0 Replies Latest reply on Jun 6, 2010 2:08 PM by dbht

    Jaas login is failing 95% of the time: NullPointerException

    dbht

      Hi All,

       

      I've successfully configured JAAS to secure my application. I have more than one web context in the EAR application, as follows:

       

      SingleSignOn is ON

       

      EAR

      /     - JAAS is working very well.

      /itsm - JAAS fails 99% of the time. If I restart the application it works only on the first attempt, and if I redeploy the EAR context it works one or two times after several attempts (but if I try to log in from / I always log in)

       

      CONFIGURATION

       

      server.xml

       

      <Host name="presentia">
                   <Alias>www.xyz.com.br</Alias>
                  <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
                  <Valve className="org.jboss.web.tomcat.service.jca.CachedConnectionValve"
                      cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager"
                      transactionManagerObjectName="jboss:service=TransactionManager" />               
               </Host>

       

      (Each context's jboss-web.xml)

       

      <jboss-web>
        <security-domain>java:/jaas/presentia</security-domain>

        <context-root>/</context-root>
        <virtual-host>presentia</virtual-host>
      </jboss-web>

       

      <jboss-web>
         <security-domain>java:/jaas/presentia</security-domain>

        <context-root>/itsm</context-root>
         <virtual-host>presentia</virtual-host>
      </jboss-web>

       

       

      web.xml is configured to work as usual.

       

      Error message I receive when debugging JAAS when the login attempt fails:

       

      14:41:38,187 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:{}
      14:41:38,187 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.presentia] Begin isValid, principal:davi, cache info: null
      14:41:38,187 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.presentia] defaultLogin, principal=davi
      14:41:38,187 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(presentia), size=14
      14:41:38,187 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(presentia), authInfo=AppConfigurationEntry[]:
      [0]
      LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
      ControlFlag: LoginModuleControlFlag: required
      Options:
      name=hashAlgorithm, value=MD5
      name=principalsQuery, value=select p.value from users.user u, users.user_profile p where p.userid = u.id and p.key = 'password' and u.uid = ?
      name=unauthenticatedIdentity, value=ANONYMOUS
      name=hashEncoding, value=hex
      name=dsJndiName, value=java:/SarbarianDS
      name=rolesQuery, value=select role, 'Roles' from users.user_role_join j, users.user u where j.userid = u.id and u.uid = ?

       

      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Security domain: presentia
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Saw unauthenticatedIdentity=ANONYMOUS
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Password hashing activated: algorithm = MD5, encoding = hex, charset = {default}, callback = null, storeCallback = null
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:/SarbarianDS
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=select p.value from users.user u, users.user_profile p where p.userid = u.id and p.key = 'password' and u.uid = ?
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=select role, 'Roles' from users.user_role_join j, users.user u where j.userid = u.id and u.uid = ?
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendResume=true
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] resumeAnyTransaction
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] abort
      14:41:38,187 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.presentia] Login failure
      javax.security.auth.login.LoginException: java.lang.NullPointerException
          at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:173)
          at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:245)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
          at java.lang.reflect.Method.invoke(Unknown Source)
          at javax.security.auth.login.LoginContext.invoke(Unknown Source)
          at javax.security.auth.login.LoginContext.access$000(Unknown Source)
          at javax.security.auth.login.LoginContext$4.run(Unknown Source)
          at java.security.AccessController.doPrivileged(Native Method)
          at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
          at javax.security.auth.login.LoginContext.login(Unknown Source)
          at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552)
          at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486)
          at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
          at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
          at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384)
          at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258)
          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
          at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
          at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
          at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
          at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
          at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:383)
          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
          at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
          at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
          at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
          at java.lang.Thread.run(Unknown Source)

       

      14:41:38,187 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.presentia] End isValid, false
      14:41:38,187 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null

       

       

      How can I drive to a solution here? Has anyone got this odd behaviour before?

       

      Thanks,

       

      Davi