Hi,

Confounded with the following problem. I am using container managed logon via a servlet with a DatabaseServerLoginModule and a MySql database.

The authentication code is right out of the box:

SecurityAssociationHandler handler = new SecurityAssociationHandler();
SimplePrincipal user = new SimplePrincipal("benzyp@yahoo.com");
handler.setSecurityInfo(user, ("1234").toCharArray());
LoginContext loginContext = new LoginContext("NYDNSecurityRealm",
(CallbackHandler)handler);
loginContext.login();
Subject subject = loginContext.getSubject();
Set principals = subject.getPrincipals();
principals.add(user);

Here is the NullPointerException that is produced:

14:53:49,994 ERROR [STDERR] javax.security.auth.login.LoginException: java.lang.NullPointerException
at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:141)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:206)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.nydn.ui.struts.action.LoginAction.execute(LoginAction.java:77)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:199)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:282)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:754)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:684)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:876)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
14:53:49,994 ERROR [STDERR] at javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
14:53:49,994 ERROR [STDERR] at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
14:53:49,994 ERROR [STDERR] at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
14:53:49,994 ERROR [STDERR] at java.security.AccessController.doPrivileged(Native Method)
14:53:49,994 ERROR [STDERR] at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
14:53:49,994 ERROR [STDERR] at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
14:53:49,994 ERROR [STDERR] at com.nydn.ui.struts.action.LoginAction.execute(LoginAction.java:77)

DatabaseServerLoginModule.java:141 indicates that the null pointer is thrown because of a call to ds.getConnection. Clearly the DataSource has gone misssing.

What is so frustrating is that it seems that everything has been configured properly and the DataSource seems to have been loaded. Here is the printout from the server startup:

14:39:58,250 INFO [ConnectionFactoryBindingService] Bound ConnectionManager 'jboss.jca:service=ConnectionFactoryBinding,name=JmsXA' to JNDI name 'java:JmsXA'
14:39:59,211 INFO [ConnectionFactoryBindingService] Bound ConnectionManager 'jboss.jca:service=DataSourceBinding,name=NYDNDS' to JNDI name 'java:NYDNDS'

Here is a printout from the security.log:

2006-08-28 15:51:11,391 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(NYDNSecurityRealm), size=9
2006-08-28 15:51:11,401 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(NYDNSecurityRealm), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.ClientLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:[1]
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:name=rolesQuery, value=select regs_user_roles.role_name, 'Roles' from regs_user, regs_user_roles where regs_user_roles.user_id=regs_user.user_id and regs_user.logon_id=?
name=principalsQuery, value=select password from regs_user where logon_id=?
name=password-stacking, value=useFirstPass
name=dsJndiName, value=java:/NYDNDS

2006-08-28 15:51:11,541 TRACE [org.jboss.security.ClientLoginModule] Begin login
2006-08-28 15:51:11,561 TRACE [org.jboss.security.ClientLoginModule] Obtained login: benzyp@yahoo.com, credential.class: [C
2006-08-28 15:51:11,571 TRACE [org.jboss.security.ClientLoginModule] End login
2006-08-28 15:51:11,651 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize, instance=@23253169
2006-08-28 15:51:11,661 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:/NYDNDS
2006-08-28 15:51:11,671 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=select password from regs_user where logon_id=?
2006-08-28 15:51:11,671 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=select regs_user_roles.role_name, 'Roles' from regs_user, regs_user_roles where regs_user_roles.user_id=regs_user.user_id and regs_user.logon_id=?
2006-08-28 15:51:11,691 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendResume=true
2006-08-28 15:51:11,711 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login
2006-08-28 15:51:11,711 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction
2006-08-28 15:51:11,731 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] resumeAnyTransaction
2006-08-28 15:51:11,761 TRACE [org.jboss.security.ClientLoginModule] abort
2006-08-28 15:51:12,643 DEBUG [org.jboss.security.SecurityAssociation] Using ThreadLocal: false
2006-08-28 15:51:13,003 TRACE [org.jboss.security.SecurityAssociation] clear, server=false
2006-08-28 15:51:13,013 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] abort
2006-08-28 15:51:14,475 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
2006-08-28 15:51:14,495 TRACE [org.jboss.security.SecurityAssociation] clear, server=true

I have gone over the configuration many times and all seems to be in order. No problems with the db user account, or the queries - I have verified them. Here is the login-config.xml entry

<application-policy name="NYDNSecurityRealm">

<login-module code="org.jboss.security.ClientLoginModule" flag="required">
</login-module>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName">java:/NYDNDS</module-option>
<module-option name="principalsQuery">
select password from regs_user where logon_id=?</module-option>
<module-option name="rolesQuery">
select regs_user_roles.role_name, 'Roles' from regs_user, regs_user_roles where regs_user_roles.user_id=regs_user.user_id and regs_user.logon_id=?</module-option>
<!--module-option name="defaultRole">Authenticated</module-option-->
<module-option name="password-stacking">useFirstPass</module-option>
<!--module-option name="hashAlgorithm">MD5</module-option>
<module-option name="hashEncoding">base64</module-option-->
</login-module>

</application-policy>


And to top it all off this was working like a charm and suddenly stopped. I know the last thing I did was to add logging to the servlet code. Any help would be greatly appreciated as I have been struggling with this for about 3 days now and it has halted my development.