1 Reply Latest reply on Aug 17, 2011 12:25 PM by dlofthouse

    SimplePrincipal in AS 7

    simkam
    simkam Aug 17, 2011 7:57 AM

      Hi, I have custom login module where I'am using SimplePricipal class from PicketBox. In Jboss AS 7 I'm getting strange exception. In Jboss AS 5.1 login module works fine.

       

       

      13:13:47,559 FINE  [cz.zdas.gif.ldapdbloginmodule.LdapDBLoginModule] (http--127.0.0.1-8080-1) ex: java.lang.SecurityException: attempting to add an object which is not an instance of java.security.Principal to a Subject's Principal Set
        at javax.security.auth.Subject$SecureSet.add(Subject.java:1074) [:1.6.0_26]
        at java.util.Collections$SynchronizedCollection.add(Collections.java:1577) [:1.6.0_26]
        at cz.zdas.gif.ldapdbloginmodule.LdapDBLoginModule.commit(LdapDBLoginModule.java:158) [LoginService-JAAS.jar:]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_26]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_26]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_26]
        at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_26]
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [:1.6.0_26]
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_26]
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_26]
        at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_26]
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_26]
        at javax.security.auth.login.LoginContext.login(LoginContext.java:580) [:1.6.0_26]
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411) [picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345) [picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
        at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154) [picketbox-infinispan-4.0.0.CR1.jar:4.0.0.CR1]
        at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127) [jboss-as-web-7.0.0.Final.jar:7.0.0.Final]
        at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.0.0.CR4.jar:7.0.0.Final]
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:372) [jbossweb-7.0.0.CR4.jar:7.0.0.Final]
        at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57) [jboss-as-web-7.0.0.Final.jar:7.0.0.Final]
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154) [jbossweb-7.0.0.CR4.jar:7.0.0.Final]
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.0.CR4.jar:7.0.0.Final]
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.0.CR4.jar:7.0.0.Final]
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [jbossweb-7.0.0.CR4.jar:7.0.0.Final]
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.0.CR4.jar:7.0.0.Final]
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:667) [jbossweb-7.0.0.CR4.jar:7.0.0.Final]
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951) [jbossweb-7.0.0.CR4.jar:7.0.0.Final]
        at java.lang.Thread.run(Thread.java:662) [:1.6.0_26]

       

      my commit method

       

      private Principal userPrincipal;

...
@Override
    public boolean login() throws LoginException {
     ....
     userPrincipal = new SimplePrincipal(username);
     ....
    }

@Override
    public boolean commit() throws LoginException {
        logger.log(Level.FINE, "commit, loginOk: {0}", success);
        if (!success) {
            return false;
        }
        try {
            Set<Principal> principals = subject.getPrincipals();
            principals.add(userPrincipal);
            SimpleGroup group = new SimpleGroup("Roles");
            logger.log(Level.FINE, "Role: {0}", roles);
            for (String str : roles) {
                SimpleGroup g = new SimpleGroup(str);
                //g.addMember(group);
                principals.add(g);
               group.addMember(g);
        }
        principals.add(group);
        }catch(Exception ex) {
            logger.log(Level.FINE, "ex", ex);
        }
        return true;
    }

      Exception is on line with: principals.add(userPrincipal);

      Please help with any advice. Thanks

      • 1555 Views
      • Tags:
        • 1. Re: SimplePrincipal in AS 7
          dlofthouse
          dlofthouse Aug 17, 2011 12:25 PM (in response to simkam)

          What type of deployment is it that contains your login module?

           

          From the error message it sounds like the java.security.Principal class may be getting loaded from different classloaders which would explain the failure error you are seeing.

          1 of 1 people found this helpful
            • Actions