I have a application running inside of jboss. The invocation flow is like this:
1. servlet1->ejb1->ejb2->ejb3
Inside of the servlet, I have a call LoginContext.login() to establish the user identity. This LoginContext uses client-login. Inside of the ejb1, the ejb2 is invoked. Sometime, I got a "Authentication exception, principal is null". To find out why this exception is thrown, I inserted some debug information sinde of the ejb1 code before the ejb2 is invoked.
System.out.println(org.jboss.security.SecurityAssociation.getPrincipal().getName());
I found out sometime the org.jboss.security.SecurityAssociation.getPrincipal() is null inside of ejb1.
All ejbs used the same login configuration. The login configuration is like this
<application-policy name = "comRedzeroStoreEJB">
<login-module code = "org.jboss.security.ClientLoginModule" flag = "required">
<module-option name = "multi-threaded">true</module-option>
<module-option name = "restore-login-identity">true</module-option>
</login-module>
<login-module code="com.redzero.security.auth.spi.JbossNoopLoginModule" flag="required">
</login-module>
</application-policy>
I used ClientLoginModule besides the custome login module. Therefore the org.jboss.security.SecurityAssociation.getPrincipal() should not be null. Since this does not occurs all the time, it is very difficult to debug.
Any idea why it occurs and how I should debug it?
Thanks
The issue is solved. The cause is that I used "LoginContext.login() " in a non thread-safe way.