Single Sign On failure on Jboss 4.0.4 using LDAP Realm and S
argaldo Aug 7, 2006 10:16 AMHi,
we have an application wich uses an LDAP Realm for authenticating users and has a "org.jboss.web.tomcat.tc5.sso.ClusteredSingleSignOn" Valve to deal with j_security_check (and it is configured in its form-based authentication). And when the application tries to replicate the stored credentials after a succesful login throws the following exception:
java.io.NotSerializableException: org.apache.catalina.session.StandardSessionFac ade at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1149) at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java :1502) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:14 67) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.jav a:1385) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1143) at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:325) at java.util.Hashtable.writeObject(Hashtable.java:827) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:589) at java.io.ObjectStreamClass.invokeWriteObject(ObjectStreamClass.java:94 5) at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:14 54) at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.jav a:1385) at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1143) at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:325) at org.jboss.web.tomcat.tc5.session.SessionBasedClusteredSession.writeEx ternal(SessionBasedClusteredSession.java:175) at org.jboss.web.tomcat.tc5.session.JBossCacheService.externalizeSession (JBossCacheService.java:902) at org.jboss.web.tomcat.tc5.session.JBossCacheService.putSession(JBossCa cheService.java:348) at org.jboss.web.tomcat.tc5.session.JBossCacheClusteredSession.processSe ssionRepl(JBossCacheClusteredSession.java:122) at org.jboss.web.tomcat.tc5.session.JBossCacheManager.processSessionRepl (JBossCacheManager.java:994) at org.jboss.web.tomcat.tc5.session.JBossCacheManager.storeSession(JBoss CacheManager.java:637) at org.jboss.web.tomcat.tc5.session.InstantSnapshotManager.snapshot(Inst antSnapshotManager.java:52) at org.jboss.web.tomcat.tc5.session.ClusteredSessionValve.invoke(Cluster edSessionValve.java:105) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica torBase.java:524) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv e.java:74) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j ava:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j ava:105) at org.jboss.web.tomcat.tc5.sso.ClusteredSingleSignOn.invoke(ClusteredSi ngleSignOn.java:499) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal ve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav a:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java :869) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.p rocessConnection(Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpo int.java:527) at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWor kerThread.java:112) at java.lang.Thread.run(Thread.java:620)
I'm pretty sure that I'm not storing any StandardSessionFac
ade in my code, so it must be the ClusteredSingleSignOn Valve when it tries to store the current authenticated Principal.
If authentication is omited, the session replication work as expected and performes really well.
Is this a known issue? Am I doing anything wrong?