5 Replies Latest reply on Aug 8, 2006 10:11 AM by brian.stansberry

    Single Sign On failure on Jboss 4.0.4 using LDAP Realm and S

    argaldo

      Hi,

      we have an application wich uses an LDAP Realm for authenticating users and has a "org.jboss.web.tomcat.tc5.sso.ClusteredSingleSignOn" Valve to deal with j_security_check (and it is configured in its form-based authentication). And when the application tries to replicate the stored credentials after a succesful login throws the following exception:

      java.io.NotSerializableException: org.apache.catalina.session.StandardSessionFac
      ade
       at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1149)
      
       at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java
      :1502)
       at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:14
      67)
       at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.jav
      a:1385)
       at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1143)
      
       at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:325)
       at java.util.Hashtable.writeObject(Hashtable.java:827)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
      java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
      sorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:589)
       at java.io.ObjectStreamClass.invokeWriteObject(ObjectStreamClass.java:94
      5)
       at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:14
      54)
       at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.jav
      a:1385)
       at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1143)
      
       at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:325)
       at org.jboss.web.tomcat.tc5.session.SessionBasedClusteredSession.writeEx
      ternal(SessionBasedClusteredSession.java:175)
       at org.jboss.web.tomcat.tc5.session.JBossCacheService.externalizeSession
      (JBossCacheService.java:902)
       at org.jboss.web.tomcat.tc5.session.JBossCacheService.putSession(JBossCa
      cheService.java:348)
       at org.jboss.web.tomcat.tc5.session.JBossCacheClusteredSession.processSe
      ssionRepl(JBossCacheClusteredSession.java:122)
       at org.jboss.web.tomcat.tc5.session.JBossCacheManager.processSessionRepl
      (JBossCacheManager.java:994)
       at org.jboss.web.tomcat.tc5.session.JBossCacheManager.storeSession(JBoss
      CacheManager.java:637)
       at org.jboss.web.tomcat.tc5.session.InstantSnapshotManager.snapshot(Inst
      antSnapshotManager.java:52)
       at org.jboss.web.tomcat.tc5.session.ClusteredSessionValve.invoke(Cluster
      edSessionValve.java:105)
       at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
      torBase.java:524)
       at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv
      e.java:74)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
      ava:126)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
      ava:105)
       at org.jboss.web.tomcat.tc5.sso.ClusteredSingleSignOn.invoke(ClusteredSi
      ngleSignOn.java:499)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
      ve.java:107)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
      a:148)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
      :869)
       at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.p
      rocessConnection(Http11BaseProtocol.java:664)
       at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpo
      int.java:527)
       at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWor
      kerThread.java:112)
       at java.lang.Thread.run(Thread.java:620)
      


      I'm pretty sure that I'm not storing any StandardSessionFac
      ade in my code, so it must be the ClusteredSingleSignOn Valve when it tries to store the current authenticated Principal.

      If authentication is omited, the session replication work as expected and performes really well.


      Is this a known issue? Am I doing anything wrong?