SSO question
kentxu2007 Jul 22, 2010 4:09 PM
I followed the GateIn reference doc and tested the single sign-on feature using GateIn and JOSSO. That worked fine with only the JOSSO gateway and GateIn (some errors in the documentation, though). The problem comes when I try to test single sign-on with another web application. For simplicity, I am just using the bundled partnerapp web application that comes with JOSSO. It properly redirects me to the JOSSO gateway login page, and I typed in the "root" info. It fails. However, I can see that GateIn and the JOSSO gateway both consider this login successful (I am logged in if I go to the GateIn page).
It seems to fail when the partner app valve tries to retrieve roles. I placed a trace in SSOIdentityManagerBindingImpl.findRolesBySSOSessionId. It shows the result from "SSORole[] roles = sd.getIdentityManager().findRolesByUsername(user.getName());" is null.
I can get partnerapp running fine with JOSSO before it is integrated with GateIn. Am I missing something? Please help. Thank you.
Here is the error 500 message in the browser.
java.lang.RuntimeException: Outbound relaying failed. No Principal found. Verify your SSO Agent Configuration!
org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:532)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
java.lang.Thread.run(Thread.java:619)
Here is the trace from Tomcat.
Jul 22, 2010 10:44:30 AM org.josso.tc60.agent.jaas.SSOGatewayLoginModule getRoleSets
SEVERE: Session login failed for Principal : root
org.josso.gateway.identity.exceptions.SSOIdentityException
at org.josso.gateway.identity.service.WebserviceSSOIdentityManager.findRolesBySSOSessionId(WebserviceSSOIdentityManager.java:161)
at org.josso.tc60.agent.jaas.SSOGatewayLoginModule.getRoleSets(SSOGatewayLoginModule.java:292)
at org.josso.tc60.agent.jaas.SSOGatewayLoginModule.commit(SSOGatewayLoginModule.java:201)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:399)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:323)
at org.josso.tc60.agent.CatalinaSSOAgent.authenticate(CatalinaSSOAgent.java:95)
at org.josso.agent.AbstractSSOAgent.processRequest(AbstractSSOAgent.java:347)
at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:526)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:619)
Caused by:
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at java.lang.Class.newInstance0(Class.java:355)
at java.lang.Class.newInstance(Class.java:308)
at org.apache.axis.encoding.ser.BeanDeserializer.<init>(BeanDeserializer.java:104)
at org.apache.axis.encoding.ser.BeanDeserializer.<init>(BeanDeserializer.java:90)
at org.josso.gateway.ws._1_1.protocol.SSOIdentityManagerErrorType.getDeserializer(SSOIdentityManagerErrorType.java:114)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.axis.encoding.ser.BaseDeserializerFactory.getSpecialized(BaseDeserializerFactory.java:154)
at org.apache.axis.encoding.ser.BaseDeserializerFactory.getDeserializerAs(BaseDeserializerFactory.java:84)
at org.apache.axis.encoding.DeserializationContext.getDeserializer(DeserializationContext.java:464)
at org.apache.axis.encoding.DeserializationContext.getDeserializerForType(DeserializationContext.java:547)
at org.apache.axis.encoding.DeserializerImpl.onStartElement(DeserializerImpl.java:438)
at org.apache.axis.encoding.DeserializerImpl.startElement(DeserializerImpl.java:393)
at org.apache.axis.encoding.DeserializationContext.startElement(DeserializationContext.java:1048)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.startElement(AbstractSAXParser.java:501)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:400)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2755)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:648)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:140)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:511)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:808)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:119)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1205)
at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:522)
at javax.xml.parsers.SAXParser.parse(SAXParser.java:395)
at org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227)
at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696)
at org.apache.axis.Message.getSOAPEnvelope(Message.java:435)
at org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChecker.java:62)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:2443)
at org.apache.axis.client.Call.invoke(Call.java:2366)
at org.apache.axis.client.Call.invoke(Call.java:1812)
at org.josso.gateway.ws._1_1.wsdl.soapbinding.SSOIdentityManagerBindingStub.findRolesBySSOSessionId(SSOIdentityManagerBindingStub.java:432)
at org.josso.gateway.identity.service.WebserviceSSOIdentityManager.findRolesBySSOSessionId(WebserviceSSOIdentityManager.java:155)
... 23 more
Jul 22, 2010 10:44:30 AM org.josso.tc60.agent.jaas.SSOGatewayLoginModule commit
SEVERE: Session login failed for Principal : root
javax.security.auth.login.LoginException: Session login failed for Principal : root
at org.josso.tc60.agent.jaas.SSOGatewayLoginModule.getRoleSets(SSOGatewayLoginModule.java:295)
at org.josso.tc60.agent.jaas.SSOGatewayLoginModule.commit(SSOGatewayLoginModule.java:201)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:399)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:323)
at org.josso.tc60.agent.CatalinaSSOAgent.authenticate(CatalinaSSOAgent.java:95)
at org.josso.agent.AbstractSSOAgent.processRequest(AbstractSSOAgent.java:347)
at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:526)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:619)
Jul 22, 2010 10:44:30 AM org.apache.catalina.realm.JAASRealm authenticate
WARNING: Cannot find message associated with key jaasRealm.loginException
javax.security.auth.login.LoginException: Session login failed for Principal : root
at org.josso.tc60.agent.jaas.SSOGatewayLoginModule.commit(SSOGatewayLoginModule.java:216)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:399)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:323)
at org.josso.tc60.agent.CatalinaSSOAgent.authenticate(CatalinaSSOAgent.java:95)
at org.josso.agent.AbstractSSOAgent.processRequest(AbstractSSOAgent.java:347)
at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:526)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:619)