Problem authentication
osnetwork Feb 21, 2010 1:17 PMHi all,
I'm having problems with the authentication and RESTeasy. I'm using JBossAS-5.1.0GA
I have setup the security with in login-config.xml like that:
<application-policy name="gamgamSDomain">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="hashAlgorithm">MD5</module-option>
<module-option name="hashEncoding">HEX</module-option>
<module-option name="unauthenticatedIdentity">guest</module-option>
<module-option name="dsJndiName">java:/MySqlLoginDS</module-option>
<module-option name="principalsQuery">SELECT vpassword FROM VUser WHERE vname=?</module-option>
<module-option name="rolesQuery">SELECT vrole, 'Roles' FROM VRole WHERE vname=?</module-option>
</login-module>
</authentication>
</application-policy>
I have a WEB application that performs a FORM login and works fine using that security domain. Here is the jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/gamgamSDomain</security-domain>
</jboss-web>
The web.xml is quite long, but here is an extract:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>gamgamWEB</display-name>
<security-role>
<role-name>admin</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name>IndexManagement</web-resource-name>
<url-pattern>/secure/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>....
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginfail.jsp</form-error-page>
</form-login-config>
</login-config>...
</web-app>
Now, I wanted to test RESTeasy security. So I have created another web application, I have used the same jboss-web.xml because I want to use the same security domain and I have created a different web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:j2ee="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
>
<display-name>RESTful Java Web Service</display-name>
<!-- this tells RESTEasy to load resource classes -->
<context-param>
<param-name>resteasy.scan</param-name>
<param-value>true</param-value>
</context-param>
<!-- to turn on security -->
<context-param>
<param-name>resteasy.role.based.security</param-name>
<param-value>true</param-value>
</context-param>
<listener>
<listener-class>
org.jboss.resteasy.plugins.server.servlet.ResteasyBootstrap
</listener-class>
</listener>
<servlet>
<servlet-name>JAXRS</servlet-name>
<servlet-class>
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher
</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Resteasy</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Resteasy users</web-resource-name>
<!-- <url-pattern>/security</url-pattern>
-->
<url-pattern>/users/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>jaxrs</realm-name>
</login-config>
<security-role>
<role-name>admin</role-name>
</security-role>
</web-app>
So, if I try to login from the WEB application it works and I get something like that in the log:
2010-02-21 17:09:44,784 TRACE [org.jboss.security.SecurityRolesAssociation] (http-localhost%2F127.0.0.1-8080-1:) Setting threadlocal:{}
2010-02-21 17:09:44,785 TRACE [org.jboss.web.tomcat.security.JaccContextValve] (http-localhost%2F127.0.0.1-8080-1:) MetaData:org.jboss.metadata.web.jboss.JBossWebMetaData@1484bc6c:principalToRoleSetMap{}
2010-02-21 17:09:44,786 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] (http-localhost%2F127.0.0.1-8080-1:) Begin authenticate, username=admin
2010-02-21 17:09:44,801 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.gamgamSDomain] (http-localhost%2F127.0.0.1-8080-1:) Begin isValid, principal:admin, cache info: null
2010-02-21 17:09:44,802 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.gamgamSDomain] (http-localhost%2F127.0.0.1-8080-1:) defaultLogin, principal=admin
2010-02-21 17:09:44,802 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http-localhost%2F127.0.0.1-8080-1:) Begin getAppConfigurationEntry(gamgamSDomain), size=12
2010-02-21 17:09:44,802 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http-localhost%2F127.0.0.1-8080-1:) End getAppConfigurationEntry(gamgamSDomain), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
name=hashAlgorithm, value=MD5
name=principalsQuery, value=SELECT vpassword FROM VUser WHERE vname=?
name=unauthenticatedIdentity, value=guest
name=hashEncoding, value=HEX
name=dsJndiName, value=java:/MySqlLoginDS
name=rolesQuery, value=SELECT vrole, 'Roles' FROM VRole WHERE vname=?
2010-02-21 17:09:44,804 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) initialize
2010-02-21 17:09:44,804 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) Security domain: gamgamSDomain
2010-02-21 17:09:44,804 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) Saw unauthenticatedIdentity=guest
2010-02-21 17:09:44,804 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) Password hashing activated: algorithm = MD5, encoding = HEX, charset = {default}, callback = null, storeCallback = null
2010-02-21 17:09:44,804 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) DatabaseServerLoginModule, dsJndiName=java:/MySqlLoginDS
2010-02-21 17:09:44,805 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) principalsQuery=SELECT vpassword FROM VUser WHERE vname=?
2010-02-21 17:09:44,805 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) rolesQuery=SELECT vrole, 'Roles' FROM VRole WHERE vname=?
2010-02-21 17:09:44,805 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) suspendResume=true
2010-02-21 17:09:44,805 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) login
2010-02-21 17:09:44,806 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) suspendAnyTransaction
2010-02-21 17:09:44,807 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) Excuting query: SELECT vpassword FROM VUser WHERE vname=?, with username: admin
2010-02-21 17:09:44,808 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) Obtained user password
2010-02-21 17:09:44,808 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) resumeAnyTransaction
2010-02-21 17:09:44,808 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) User 'admin' authenticated, loginOk=true
2010-02-21 17:09:44,809 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) commit, loginOk=true
2010-02-21 17:09:44,809 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) getRoleSets using rolesQuery: SELECT vrole, 'Roles' FROM VRole WHERE vname=?, username: admin
2010-02-21 17:09:44,809 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) suspendAnyTransaction
2010-02-21 17:09:44,810 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) Excuting query: SELECT vrole, 'Roles' FROM VRole WHERE vname=?, with username: admin
2010-02-21 17:09:44,811 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) Assign user to role admin
2010-02-21 17:09:44,811 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) resumeAnyTransaction
2010-02-21 17:09:44,811 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.gamgamSDomain] (http-localhost%2F127.0.0.1-8080-1:) defaultLogin, lc=javax.security.auth.login.LoginContext@92e44d, subject=Subject(30061291).principals=org.jboss.security.SimplePrincipal@10294300(admin)org.jboss.security.SimpleGroup@16686575(Roles(members:admin))
If I try with RESTeasy I get:
2010-02-21 16:13:10,585 TRACE [org.jboss.security.SecurityRolesAssociation] (http-localhost%2F127.0.0.1-8080-1:) Setting threadlocal:{}
2010-02-21 16:13:10,585 TRACE [org.jboss.web.tomcat.security.JaccContextValve] (http-localhost%2F127.0.0.1-8080-1:) MetaData:org.jboss.metadata.web.jboss.JBossWebMetaData@1f:principalToRoleSetMap{}
2010-02-21 16:13:10,586 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] (http-localhost%2F127.0.0.1-8080-1:) Control flag for entry:org.jboss.security.authorization.config.Authorizatio
nModuleEntry{org.jboss.security.authorization.modules.DelegatingAuthorizationModule:{}REQUIRED}is:[REQUIRED]
2010-02-21 16:13:10,587 TRACE [org.jboss.security.audit.providers.LogAuditProvider] (http-localhost%2F127.0.0.1-8080-1:) [Success]Source=org.jboss.security.plugins.javaee.WebAuthorizationHelper;Exception:=;userD
ataPermissionCheck=true;securityConstraints=SecurityConstraint[Resteasy];Resource:=[org.jboss.security.authorization.resources.WebResource:contextMap={userDataPermissionCheck=true, securityConstraints=[Lorg.apac
he.catalina.deploy.SecurityConstraint;@edb5aa, policyRegistration=org.jboss.security.plugins.JBossPolicyRegistration@20fcab},canonicalRequestURI=null,request=[/ggGate],CodeSource=null];policyRegistration=org.jbo
ss.security.plugins.JBossPolicyRegistration@20fcab;
2010-02-21 16:13:10,592 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] (http-localhost%2F127.0.0.1-8080-1:) Begin authenticate, username=admin
2010-02-21 16:13:10,593 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.gamgamSDomain] (http-localhost%2F127.0.0.1-8080-1:) Begin isValid, principal:admin, cache info: null
2010-02-21 16:13:10,594 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.gamgamSDomain] (http-localhost%2F127.0.0.1-8080-1:) defaultLogin, principal=admin
2010-02-21 16:13:10,594 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http-localhost%2F127.0.0.1-8080-1:) Begin getAppConfigurationEntry(gamgamSDomain), size=12
2010-02-21 16:13:10,594 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] (http-localhost%2F127.0.0.1-8080-1:) End getAppConfigurationEntry(gamgamSDomain), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
name=hashAlgorithm, value=MD5
name=principalsQuery, value=SELECT vpassword FROM VUser WHERE vname=?
name=unauthenticatedIdentity, value=guest
name=hashEncoding, value=HEX
name=dsJndiName, value=java:/MySqlLoginDS
name=rolesQuery, value=SELECT vrole, 'Roles' FROM VRole WHERE vname=?
2010-02-21 16:13:10,596 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) initialize
2010-02-21 16:13:10,597 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) Security domain: gamgamSDomain
2010-02-21 16:13:10,597 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) Saw unauthenticatedIdentity=guest
2010-02-21 16:13:10,597 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) Password hashing activated: algorithm = MD5, encoding = HEX, charset = {default}, callba
ck = null, storeCallback = null
2010-02-21 16:13:10,597 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) DatabaseServerLoginModule, dsJndiName=java:/MySqlLoginDS
2010-02-21 16:13:10,597 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) principalsQuery=SELECT vpassword FROM VUser WHERE vname=?
2010-02-21 16:13:10,597 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) rolesQuery=SELECT vrole, 'Roles' FROM VRole WHERE vname=?
2010-02-21 16:13:10,597 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) suspendResume=true
2010-02-21 16:13:10,600 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) login
2010-02-21 16:13:10,600 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) suspendAnyTransaction
2010-02-21 16:13:10,610 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) resumeAnyTransaction
2010-02-21 16:13:10,611 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] (http-localhost%2F127.0.0.1-8080-1:) abort
2010-02-21 16:13:10,611 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.gamgamSDomain] (http-localhost%2F127.0.0.1-8080-1:) Login failure
javax.security.auth.login.LoginException: java.lang.NullPointerException
at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:173)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:245)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384)
at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:181)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:905)
at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:592)
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2036)
at java.lang.Thread.run(Thread.java:619)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486)
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384)
at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:181)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:905)
at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:592)
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2036)
at java.lang.Thread.run(Thread.java:619)
2010-02-21 16:13:10,612 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.gamgamSDomain] (http-localhost%2F127.0.0.1-8080-1:) End isValid, false
2010-02-21 16:13:10,623 TRACE [org.jboss.security.audit.providers.LogAuditProvider] (http-localhost%2F127.0.0.1-8080-1:) [Failure]Source=org.jboss.web.tomcat.security.JBossWebRealm;principal=admin;request=[/ggGa
te:cookies=null:headers=host=localhost:8080,user-agent=Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.18) Gecko/2010021501 Ubuntu/9.04 (jaunty) Firefox/3.0.18,accept=text/html,application/xhtml+xml,application
/xml;q=0.9,*/*;q=0.8,accept-language=en-us,en;q=0.5,accept-encoding=gzip,deflate,accept-charset=ISO-8859-1,utf-8;q=0.7,*;q=0.7,keep-alive=300,connection=keep-alive,authorization=][parameters=][attributes=];
2010-02-21 16:13:10,623 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] (http-localhost%2F127.0.0.1-8080-1:) User: admin is NOT authenticated
2010-02-21 16:13:10,623 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] (http-localhost%2F127.0.0.1-8080-1:) End authenticate, principal=null
2010-02-21 16:13:10,623 TRACE [org.jboss.security.SecurityRolesAssociation] (http-localhost%2F127.0.0.1-8080-1:) Setting threadlocal:null
2010-02-21 16:13:10,624 TRACE [org.jboss.security.SecurityRolesAssociation] (http-localhost%2F127.0.0.1-8080-1:) Setting threadlocal:null
The main difference starts after the "suspendAnyTransaction". With RESTeasy then, there is not "Excuting query: SELECT vpassword FROM VUser WHERE vname=?, with username: admin" but instead there is "resumeAnyTransaction" and then "abort" with the following error message.
Do you have any idea about what it could be the problem?
Thanks in advance,
Luca
PS=sorry for the long post, but I wanted to be as accurate as possible