1 Reply Latest reply on Jan 15, 2006 12:44 PM by mrforms

    TerribleException on SecurityAssociationValve

    psubedi12005
    psubedi12005 Jan 9, 2006 11:54 AM

      I keep getting this and I am looking for clues where to look to fix. I have a Struts based web app running on jboss-4.0.3RC2. In addition I have OpenLDAP running and I have modified server.xml to use JNDI realm. To the end user app appears to work fine and log contiains this exception.

      Any help is precisely good.

      -----------

      11:35:29,713 DEBUG [SecurityAssociationValve] Failed to determine servlet
      java.lang.ClassCastException
      at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:121)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:482)
      at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:59)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744)
      at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
      at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
      at java.lang.Thread.run(Thread.java:534)
      11:35:29,713 DEBUG [FWAction] execute(ctx)


      • 2679 Views
      • Tags:
        • 1. Re: TerribleException on SecurityAssociationValve
          mrforms
          mrforms Jan 15, 2006 12:44 PM (in response to psubedi12005)

          Did you define anything custom ? A custom realm for example ?

          This error usually arrives in the SecurityAssociationValve when it tries to cast the principal object that comes from the session in a JBossGenericPrincipal object. Look at the source code for the SecurityAssociationValve invoke method. It will look for a principal object and attempt to perform an explicit cast it. This means that the principal object created by the realm class (for example JBossSecurityMgrRealm) in the getCachedPrincipal method has to be of type JBossGenericalPrincipal. If you did a custom realm or something with principals, it might be related to that. The JBossGenericPrincipal holds many objects that are available in the authenticate method and after the isValid method was invoked (all the LoginModule have been invoked). If you use custom principals, they would be wrapped inside the JBossGenericPrincipal as the CallerPrincipal and it is these principals that will get set into your context before EJB invocation.

          Hope this helps.

            • Actions