8 Replies Latest reply on Aug 20, 2009 11:32 AM by lesquivel

    Authentication Error

    lesquivel

      Hello,

      I am getting the following exception:

      ERROR [JBossWebRealm] Error during authenticate
      java.lang.IllegalStateException: Security Context has not been set
      at java.security.AccessController.doPrivileged(Native Method) ....

      I don't think I should post the entire exception here but if needed I will.

      Can somebody give me a hint as to what possible configuration issue I might be having with this? I don't know where to set the Security Context or how to set it.

      Thanks for your help.

        • 1. Re: Authentication Error
          wolfgangknauf

          Hi,

          I think you should post the entire exception here ;-), and also: when does the error happen (on deploy, on login)? Please post snippets of the security config.

          Doing a bit of googling with your error message, I found this: http://www.jboss.org/index.html?module=bb&op=viewtopic&t=151883 Maybe the

          Best regards

          Wolfgang

          • 2. Re: Authentication Error
            lesquivel

            Hello Wolfgang,

            Thank you for your response! The error happens during login.
            Below I have my login-config.xml and the entire exception.

            Thanks!!

            login-config.xml:
            <application-policy name="XYZ-login-module">
                <login-module code="org.XYZ.security.auth.XYZLoginModule" flag="required">
                    <module-option name = "mode">USER</module-option>
                </login-module>
            </application-policy>

            Exception:
            08:10:05,523 ERROR [JBossWebRealm] Error during authenticate
            java.lang.IllegalStateException: Security Context has not been set
                at org.jboss.web.tomcat.security.SecurityAssociationActions$SetPrincipalInfoAction.run(SecurityAssociationActions.java:70)
                at java.security.AccessController.doPrivileged(Native Method)
                at org.jboss.web.tomcat.security.SecurityAssociationActions.setPrincipalInfo(SecurityAssociationActions.java:270)
                at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:388)
                at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258)
                at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
                at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
                at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
                at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
                at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
                at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
                at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
                at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
                at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
                at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:436)
                at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:384)
                at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
                at java.lang.Thread.run(Thread.java:619)

            • 3. Re: Authentication Error
              wolfgangknauf

              Hi,

              which JBoss version?

              I assume that you use a custom login module? If yes: please post it, too.

              In general, you should provide us with much more details about your app.

              Also, in the "Post reply" window, you should wrap all config and code snippets in "Code"-Blocks (see toolbar button), because this increases readability.

              Best regards

              Wolfgang

              • 4. Re: Authentication Error
                lesquivel

                Hello Wolfgang and thanks for your reply!

                OK, here is more information. Thanks for your patience.

                I am using JBoss 5.1.0GA - JDK6.
                I am also using a custom login config. Below is the configuration:

                <application-policy name="MYCOMPANY-login-module">
                    <authentication>
                        <login-module code="org.MYCOMPANY.security.auth.MYCOMPANYLoginModule" flag="required">
                            <module-option name = "mode">USER</module-option>
                        </login-module>
                    </authentication>
                </application-policy>

                Part of the Login Module Code:
                
                // Fragment: valid, userName, password, namePrincipal, callbackHandler and logger
                // are fields of the login module class that are not shown here.
                public boolean login() throws LoginException
                {
                    Session ses = null;
                    try
                    {
                        valid = false;
                        int code;
                        // Ask the container's callback handler for the submitted credentials
                        NameCallback n = new NameCallback("User Name - ", "Guest");
                        PasswordCallback p = new PasswordCallback("Password - ", false);

                        callbackHandler.handle(new Callback[]{n, p});
                        userName = n.getName().trim();
                        password = new String(p.getPassword()).trim();
                        code = General.getLoginID(userName, password); //validate login with username code >0 successfully authenticated
                        if (code > 0) //if valid login ID was found for user name and password
                        {
                            ses = HibernateFactory.getInstance().getSession();
                            Login login = (Login)ses.load(Login.class, Integer.toString(code));
                            namePrincipal = new MYCOMPANYPrincipal(login);
                            valid = true;
                        }
                        else if (isValidUserName(userName) && Employers.isValidTemporaryPassword(userName, password)) //if user name and password are valid
                        {
                            // New employee signing in with a temporary password
                            NewEmployeePrincipal nep = new NewEmployeePrincipal(userName);
                            Login login = new Login();
                            login.getAssociations().add(nep);
                            login.setCurrentAssociation(nep);
                            login.setName(userName);
                            namePrincipal = new MYCOMPANYPrincipal(login);
                            valid = true;
                        }
                        if (!valid)
                        {
                            logger.info("NOT A VALID login() - Invalid Username/Password combination - MYCOMPANYLoginModule.login()");
                        }
                        // Per the LoginModule contract, false here means "ignore this module"
                        return valid;
                    }
                    catch(Throwable t)
                    {
                        // Any failure above, including a null name or password, ends up here
                        t.printStackTrace();
                        logger.error("Exception - MYCOMPANYLoginModule: " , t);
                        SessionLog.exception(this.getClass().getName() + ".login() exception: ", t);
                        throw new LoginException(this.getClass().getName() + ".login() exception: " + t);
                    }
                    finally
                    {
                        // Always release the Hibernate session
                        if (ses != null)
                        {
                            try
                            {
                                ses.close();
                            }
                            catch(Exception e)
                            {
                                SessionLog.exception(this.getClass().getName() + ".login() exception: ", e);
                            }
                        }
                    }
                }

                Everything returns as I expect on the login code. I still have more work on my part to integrate another login module that deals with roles for our authentication but what throws me off is that exception message that the security context has not been set.

                I hope this is the information you need to help. Please let me know if there is anything else I can look at or post here.

                Thanks again!


                • 5. Re: Authentication Error
                  wolfgangknauf

                  Hi,

                  what is the base class of your login module? You might take a look at JBoss classes which are also derived from this one, maybe they provide you with some hint.

                  I fear that we are leaving the field of my knowledge, but I will try to give you further help.

                  Wolfgang

                  • 6. Re: Authentication Error
                    lesquivel

                    My login module class implements javax.security.auth.spi.LoginModule.

                    Do you think the problem is code and not a configuration issue?

                    Thanks

                    • 7. Re: Authentication Error
                      wolfgangknauf

                      I would advise you to subclass org.jboss.security.auth.spi.AbstractServerLoginModule or one of its subclasses. This way, JBoss specific code might already be present. You could also compare your code to their implementation.

                      But I don't know whether this helps.

                      Wolfgang
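What the suggestion in reply 7 involves, as an added example that is not code from the thread or from JBoss: a login module built on `org.jboss.security.auth.spi.AbstractServerLoginModule`, whose inherited `commit()` puts the identity and a `Roles` group into the `Subject` once `loginOk` is set. `ExampleLoginModule`, `verifyCredentials()` and the role name `user` are hypothetical, password stacking is not handled, and the thread does not establish whether this removes the exception.

```java
// Added example: ExampleLoginModule, verifyCredentials() and "user" are hypothetical names.
import java.security.Principal;
import java.security.acl.Group;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.spi.AbstractServerLoginModule;

public abstract class ExampleLoginModule extends AbstractServerLoginModule {
    private Principal identity;

    /** Hypothetical hook: the concrete subclass checks the user store here. */
    protected abstract boolean verifyCredentials(String user, char[] password);

    @Override
    public boolean login() throws LoginException {
        NameCallback name = new NameCallback("User name: ");
        PasswordCallback pass = new PasswordCallback("Password: ", false);
        try {
            callbackHandler.handle(new Callback[] { name, pass });
        } catch (Exception e) {
            // Keep the cause in the server log; give the caller no detail.
            log.error("Callback handling failed", e);
            throw new LoginException("Unable to obtain credentials");
        }
        char[] password = pass.getPassword();
        pass.clearPassword();
        if (name.getName() == null || password == null
                || !verifyCredentials(name.getName(), password)) {
            // Throw on bad credentials; returning false means "ignore this module".
            throw new FailedLoginException("Invalid user name or password");
        }
        identity = new SimplePrincipal(name.getName());
        loginOk = true; // the inherited commit() populates the Subject only when this is set
        return true;
    }

    @Override
    protected Principal getIdentity() { return identity; }

    @Override
    protected Group[] getRoleSets() throws LoginException {
        Group roles = new SimpleGroup("Roles"); // JBoss reads the caller's roles from this group
        roles.addMember(new SimplePrincipal("user")); // constructed role name
        return new Group[] { roles };
    }
}
```

The concrete subclass is the class named in the `code` attribute of the `<login-module>` element in login-config.xml.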

                      • 8. Re: Authentication Error
                        lesquivel

                        Hello Wolfgang,

                        Thank you for your response. I will try what you mention. I will post an answer if I figure it out.

                        Thanks again.

                        Luis