Seam Security Problem
g00se24 Apr 26, 2007 6:59 AMHello,
i tried to deploy a minimal SEAM project which only consists of a login page. The problem is that I would like to use a own written build.xml script, which is already stable running.
The problem:
12:25:35,281 ERROR [SeamLoginModule] Error invoking login method javax.faces.el.EvaluationException: Exception while invoking expression #{test.t est} at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java :165) at org.jboss.seam.actionparam.ActionParamBindingHelper.invokeTheExpressi on(ActionParamBindingHelper.java:58) at org.jboss.seam.actionparam.ActionParamMethodBinding.invoke(ActionPara mMethodBinding.java:75) at org.jboss.seam.core.Expressions$2.invoke(Expressions.java:148) at org.jboss.seam.security.jaas.SeamLoginModule.login(SeamLoginModule.ja va:104) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:1 86) at javax.security.auth.login.LoginContext$5.run(LoginContext.java:706) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext .java:703) at javax.security.auth.login.LoginContext.login(LoginContext.java:575) at org.jboss.seam.security.Identity.authenticate(Identity.java:247) at org.jboss.seam.security.Identity.authenticate(Identity.java:240) at org.jboss.seam.security.Identity.login(Identity.java:170) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at com.sun.el.parser.AstValue.invoke(AstValue.java:174) at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:286) at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.ja va:68) at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.ja va:69) at org.apache.myfaces.application.ActionListenerImpl.processAction(Actio nListenerImpl.java:63) at javax.faces.component.UICommand.broadcast(UICommand.java:106) at org.ajax4jsf.framework.ajax.AjaxViewRoot.processEvents(AjaxViewRoot.j ava:274) at org.ajax4jsf.framework.ajax.AjaxViewRoot.broadcastEvents(AjaxViewRoot .java:250) at org.ajax4jsf.framework.ajax.AjaxViewRoot.processApplication(AjaxViewR oot.java:405) at org.apache.myfaces.lifecycle.LifecycleImpl.invokeApplication(Lifecycl eImpl.java:343) at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java :86) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:137) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:173) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.jav a:63) at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.jav a:49) at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:57) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.jav a:49) at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:79) at org.jboss.seam.web.SeamFilter$FilterChainImpl.doFilter(SeamFilter.jav a:49) at org.jboss.seam.web.SeamFilter.doFilter(SeamFilter.java:84) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:173) at org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseX MLFilter.java:75) at org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter. java:213) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:173) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFi lter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV alve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV alve.java:178) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(Securit yAssociationValve.java:175) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica torBase.java:432) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv e.java:74) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j ava:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j ava:105) at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConne ctionValve.java:156) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal ve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav a:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java :869) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.p rocessConnection(Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpo int.java:527) at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWor kerThread.java:112) at java.lang.Thread.run(Thread.java:595) Caused by: javax.faces.el.PropertyNotFoundException: Base is null: test at org.apache.myfaces.el.ValueBindingImpl.resolveToBaseAndProperty(Value BindingImpl.java:460) at org.apache.myfaces.el.MethodBindingImpl.resolveToBaseAndProperty(Meth odBindingImpl.java:180) at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java :114) ... 67 more
The project ist structured like:
dist/
META-INF/
application.xml
jboss-app.xml
view.war/
WEB-INF/
components.xml
faces-config.xml
web.xml
index.html -> Redirect index.seam
index.xhtml
index.page.xml
web.xml
<?xml version="1.0" ?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4"> <!-- Ajax4jsf (must come first!) --> <filter> <display-name>Ajax4jsf Filter</display-name> <filter-name>ajax4jsf</filter-name> <filter-class>org.ajax4jsf.Filter</filter-class> </filter> <filter-mapping> <filter-name>ajax4jsf</filter-name> <url-pattern>*.seam</url-pattern> </filter-mapping> <context-param> <param-name>org.ajax4jsf.VIEW_HANDLERS</param-name> <param-value>org.jboss.seam.ui.facelet.SeamFaceletViewHandler</param-value> </context-param> <!-- Seam --> <listener> <listener-class>org.jboss.seam.servlet.SeamListener</listener-class> </listener> <filter> <filter-name>Seam Filter</filter-name> <filter-class>org.jboss.seam.web.SeamFilter</filter-class> </filter> <filter-mapping> <filter-name>Seam Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <servlet> <servlet-name>Seam Resource Servlet</servlet-name> <servlet-class>org.jboss.seam.servlet.ResourceServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>Seam Resource Servlet</servlet-name> <url-pattern>/seam/resource/*</url-pattern> </servlet-mapping> <!-- MyFaces --> <listener> <listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class> </listener> <!-- Facelets development mode (disable in production) --> <context-param> <param-name>facelets.DEVELOPMENT</param-name> <param-value>true</param-value> </context-param> <!-- JSF --> <context-param> <param-name>javax.faces.STATE_SAVING_METHOD</param-name> <param-value>client</param-value> </context-param> <context-param> <param-name>javax.faces.DEFAULT_SUFFIX</param-name> <param-value>.xhtml</param-value> </context-param> <servlet> <servlet-name>Faces Servlet</servlet-name> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.seam</url-pattern> </servlet-mapping> <security-constraint> <display-name>Restrict raw XHTML Documents</display-name> <web-resource-collection> <web-resource-name>XHTML</web-resource-name> <url-pattern>*.xhtml</url-pattern> </web-resource-collection> <auth-constraint> <role-name>NONE</role-name> </auth-constraint> </security-constraint> </web-app>
components.xml
<?xml version="1.0" encoding="UTF-8"?> <components xmlns="http://jboss.com/products/seam/components" xmlns:core="http://jboss.com/products/seam/core" xmlns:drools="http://jboss.com/products/seam/drools" xmlns:security="http://jboss.com/products/seam/security" xmlns:mail="http://jboss.com/products/seam/mail" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation= "http://jboss.com/products/seam/core http://jboss.com/products/seam/core-1.2.xsd http://jboss.com/products/seam/drools http://jboss.com/products/seam/drools-1.2.xsd http://jboss.com/products/seam/security http://jboss.com/products/seam/security-1.2.xsd http://jboss.com/products/seam/mail http://jboss.com/products/seam/mail-1.2.xsd http://jboss.com/products/seam/components http://jboss.com/products/seam/components-1.2.xsd"> <core:init debug="true" jndi-pattern="alert/#{ejbName}/local"/> <core:manager concurrent-request-timeout="500" conversation-timeout="120000" conversation-id-parameter="cid" conversation-is-long-running-parameter="clr"/> <core:managed-persistence-context name="entityManager" auto-create="true" persistence-unit-jndi-name="java:/DefaultDS"/> <core:ejb installed="false"/> <security:identity authenticate-method="#{test.test}"/> <event type="org.jboss.seam.notLoggedIn"> <action expression="#{redirect.captureCurrentView}"/> </event> <event type="org.jboss.seam.postAuthenticate"> <action expression="#{redirect.returnToCapturedView}"/> </event> </components>
faces-config.xml
<?xml version='1.0' encoding='UTF-8'?> <!DOCTYPE faces-config PUBLIC "-//Sun Microsystems, Inc.//DTD JavaServer Faces Config 1.1//EN" "http://java.sun.com/dtd/web-facesconfig_1_1.dtd"> <faces-config> <application> <message-bundle>messages</message-bundle> <!-- Disabled when using Ajax4JSF --> <!-- <view-handler>org.jboss.seam.ui.facelet.SeamFaceletViewHandler</view-handler> --> </application> <!-- Seam transaction management --> <lifecycle> <phase-listener>org.jboss.seam.jsf.TransactionalSeamPhaseListener</phase-listener> </lifecycle> </faces-config>
application.xml
<?xml version="1.0" encoding="UTF-8"?> <application xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/application_5.xsd" version="5"> <display-name>alert</display-name> <module> <web> <web-uri>view.war</web-uri> <context-root>/alert</context-root> </web> </module> <module> <ejb>bean.jar</ejb> </module> <module> <java>jboss-seam.jar</java> </module> <!-- Remove these lines for JSF 1.2 --> <module> <java>el-api.jar</java> </module> <module> <java>el-ri.jar</java> </module> </application>
Authenticator.class
package de.alert.session; import org.jboss.seam.annotations.In; import org.jboss.seam.annotations.Logger; import org.jboss.seam.annotations.Name; import org.jboss.seam.log.Log; import org.jboss.seam.security.Identity; @Name("test") public class Authenticator { @Logger Log log; @In Identity identity; public boolean test() { log.info("authenticating #0", identity.getUsername()); //write your authentication logic here, //return true if the authentication was //successful, false otherwise identity.addRole("admin"); return true; } }
index.xhtml
<h:outputLabel for="username">Username</h:outputLabel> <h:inputText id="username" value="#{identity.username}"/> <h:outputLabel for="password">Password</h:outputLabel> <h:inputSecret id="password" value="#{identity.password}"/> <h:outputLabel for="rememberMe">Remember me</h:outputLabel> <h:selectBooleanCheckbox id="rememberMe" value="#{identity.rememberMe}"/> <h:commandButton value="Login" action="#{identity.login}"/>
What am I doing wrong? All neccessary libaries are in place. Am I missing some configuration files? Has anybody an idea?
If neccessary I would send you my full project structure.
Thank in advance