2 Replies Latest reply on Sep 15, 2011 9:50 AM by vessah

    Security Context has not been set

    lesquivel

      Hello,

      I am having the following exception when logging in. I am hoping that somebody might have some suggestions to where I might look or check to try and resolve this issue:

      17:16:45,552 ERROR [JBossWebRealm] Error during authenticate
      java.lang.IllegalStateException: Security Context has not been set
       at org.jboss.web.tomcat.security.SecurityAssociationActions$SetPrincipal
      InfoAction.run(SecurityAssociationActions.java:70)
       at java.security.AccessController.doPrivileged(Native Method)
       at org.jboss.web.tomcat.security.SecurityAssociationActions.setPrincipal
      Info(SecurityAssociationActions.java:270)
       at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebReal
      m.java:388)
       at org.apache.catalina.authenticator.FormAuthenticator.authenticate(Form
      Authenticator.java:258)
       at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
      torBase.java:417)
       at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv
      e.java:92)
       at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.proce
      ss(SecurityContextEstablishmentValve.java:126)
       at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invok
      e(SecurityContextEstablishmentValve.java:70)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
      ava:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
      ava:102)
       at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC
      onnectionValve.java:158)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
      ve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
      a:330)
       at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:436)
       at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpPro
      tocol.java:384)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
      7)
       at java.lang.Thread.run(Thread.java:619)


      I have a custom login config and my own loginModule. I am Extending AbstractLoginModule.

      My login-config.xml:
      <policy>
       <!-- MyCompany LOGIN MODULE -->
       <application-policy name="MyCompany-login-module">
       <authentication>
       <login-module code="org.MyCompany.security.auth.MyCompanyLoginModule" flag="required">
      
       </login-module>
      
       </authentication>
      </application-policy>
      </policy>
      


      What kind of errors would cause that exception to occur? Could it be a configuration issue? If it is configuration, what or where should I look?
      Could it be a code issue in my login module class? If so, what kind of errors in my code could cause this?

      Thanks to anyone that replies with any ideas on this.