Extra call of LoginModule
peterbuus Aug 3, 2005 10:05 AMHi
jboss 4.0.2
I have written a custom LoginModule with a custom CallbackHandler, which I use to create a stateful session EJB.
When my http session times out I would like to remove this EJB.
Thus I have saved the actual callbackHandler in the http session and made a SessionListener:
public void valueUnbound(HttpSessionBindingEvent event) {
javax.security.auth.login.LoginContext loginContext = new
javax.security.auth.login.LoginContext("tdc",
savedCallbackHandler());
loginContext.login();
System.out.println("Logged in again");
savedEjbHandle.remove();
System.out.println("Cleaned up session");
}
In the console log I can see that the sessionListener does a successful login using the savedCallbackHandler, but the subsequent call to
savedEjbHandle.remove somehow initiates an extra call to my LoginModule with a callbackHandler with no information, ie username and credentials are not available.
Any ideas?
/Peter
The stacktrace of the extra LoginModule call follows:
15:39:07,094 DEBUG [LogInterceptor] SecurityException in method: public abstract void javax.ejb.EJBObject.remove() throws java.rmi.RemoteException,javax.ejb.RemoveException:
javax.security.auth.login.LoginException: Username not supplied.
at dk.certifikat.jboss.security.CertLoginModule.getUserName(CertLoginModule.java:153)
at dk.certifikat.jboss.security.CertLoginModule.login(CertLoginModule.java:83)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:483)
at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:425)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:251)
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:180)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:129)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:185)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:48)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:105)
at org.jboss.ejb.plugins.AbstractTxInterceptorBMT.invokeNext(AbstractTxInterceptorBMT.java:153)
at org.jboss.ejb.plugins.TxInterceptorBMT.invoke(TxInterceptorBMT.java:62)
at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(StatefulSessionInstanceInterceptor.java:297)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:192)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:122)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:624)
at org.jboss.ejb.Container.invoke(Container.java:873)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
at org.jboss.invocation.local.LocalInvoker$MBeanServerAction.invoke(LocalInvoker.java:155)
at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:104)
at org.jboss.invocation.InvokerInterceptor.invokeLocal(InvokerInterceptor.java:179)
at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:165)
at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:55)
at org.jboss.proxy.ejb.StatefulSessionInterceptor.invoke(StatefulSessionInterceptor.java:106)
at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:86)
at $Proxy61.remove(Unknown Source)
at infra.servlet.SessionListener.valueUnbound(SessionListener.java:54)
at org.apache.catalina.session.StandardSession.removeAttributeInternal(StandardSession.java:1595)
at org.apache.catalina.session.StandardSession.expire(StandardSession.java:727)
at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:567)
at org.apache.catalina.session.ManagerBase.processExpires(ManagerBase.java:655)
at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:640)
at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1283)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1568)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1577)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1577)
at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1557)
at java.lang.Thread.run(Thread.java:534)
15:39:07,094 INFO [STDOUT] java.rmi.AccessException: SecurityException; nested exception is:
javax.security.auth.login.LoginException: Username not supplied.
15:39:07,094 INFO [STDOUT] at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:370)
15:39:07,094 INFO [STDOUT] at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:196)
15:39:07,094 INFO [STDOUT] at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:122)
15:39:07,094 INFO [STDOUT] at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:624)
15:39:07,094 INFO [STDOUT] at org.jboss.ejb.Container.invoke(Container.java:873)
15:39:07,094 INFO [STDOUT] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
15:39:07,094 INFO [STDOUT] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
15:39:07,094 INFO [STDOUT] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
15:39:07,094 INFO [STDOUT] at java.lang.reflect.Method.invoke(Method.java:324)
15:39:07,094 INFO [STDOUT] at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
15:39:07,094 INFO [STDOUT] at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
15:39:07,094 INFO [STDOUT] at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
15:39:07,094 INFO [STDOUT] at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
15:39:07,094 INFO [STDOUT] at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
15:39:07,094 INFO [STDOUT] at org.jboss.invocation.local.LocalInvoker$MBeanServerAction.invoke(LocalInvoker.java:155)
15:39:07,094 INFO [STDOUT] at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:104)
15:39:07,094 INFO [STDOUT] at org.jboss.invocation.InvokerInterceptor.invokeLocal(InvokerInterceptor.java:179)
15:39:07,094 INFO [STDOUT] at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:165)
15:39:07,094 INFO [STDOUT] at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
15:39:07,094 INFO [STDOUT] at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:55)
15:39:07,094 INFO [STDOUT] at org.jboss.proxy.ejb.StatefulSessionInterceptor.invoke(StatefulSessionInterceptor.java:106)
15:39:07,094 INFO [STDOUT] at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:86)
15:39:07,094 INFO [STDOUT] at $Proxy61.remove(Unknown Source)
15:39:07,094 INFO [STDOUT] at infra.servlet.SessionListener.valueUnbound(SessionListener.java:54)
15:39:07,094 INFO [STDOUT] at org.apache.catalina.session.StandardSession.removeAttributeInternal(StandardSession.java:1595)
15:39:07,094 INFO [STDOUT] at org.apache.catalina.session.StandardSession.expire(StandardSession.java:727)
15:39:07,094 INFO [STDOUT] at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:567)
15:39:07,094 INFO [STDOUT] at org.apache.catalina.session.ManagerBase.processExpires(ManagerBase.java:655)
15:39:07,094 INFO [STDOUT] at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:640)
15:39:07,104 INFO [STDOUT] at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1283)
15:39:07,104 INFO [STDOUT] at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1568)
15:39:07,104 INFO [STDOUT] at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1577)
15:39:07,104 INFO [STDOUT] at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1577)
15:39:07,104 INFO [STDOUT] at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1557)
15:39:07,104 INFO [STDOUT] at java.lang.Thread.run(Thread.java:534)
15:39:07,104 INFO [STDOUT] Caused by: javax.security.auth.login.LoginException:
Username not supplied.
15:39:07,104 INFO [STDOUT] at dk.certifikat.jboss.security.CertLoginModule.getUserName(CertLoginModule.java:153)
15:39:07,104 INFO [STDOUT] at dk.certifikat.jboss.security.CertLoginModule.login(CertLoginModule.java:83)
15:39:07,104 INFO [STDOUT] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
15:39:07,104 INFO [STDOUT] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
15:39:07,104 INFO [STDOUT] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
15:39:07,104 INFO [STDOUT] at java.lang.reflect.Method.invoke(Method.java:324)
15:39:07,104 INFO [STDOUT] at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
15:39:07,104 INFO [STDOUT] at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
15:39:07,104 INFO [STDOUT] at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
15:39:07,104 INFO [STDOUT] at java.security.AccessController.doPrivileged(Native Method)
15:39:07,104 INFO [STDOUT] at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
15:39:07,104 INFO [STDOUT] at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
15:39:07,104 INFO [STDOUT] at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:483)
15:39:07,104 INFO [STDOUT] at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:425)
15:39:07,104 INFO [STDOUT] at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:251)
15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:180)
15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:129)
15:39:07,104 INFO [STDOUT] at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:185)
15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:48)
15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:105)
15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.AbstractTxInterceptorBMT.invokeNext(AbstractTxInterceptorBMT.java:153)
15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.TxInterceptorBMT.invoke(TxInterceptorBMT.java:62)
15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(StatefulSessionInstanceInterceptor.java:297)
15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:192)
15:39:07,104 INFO [STDOUT] ... 34 more