JAAS + JSF + OAuth + RestEasy + JBOSS 7
Greetings, I'm trying to add security to my project .EAR, I am try to use the new Servlet 3.0 HttpServletRequest#login() , when I use a form j_security_check this works correctly but when I use the following method I get an error:
javax.servlet.ServletException: Failed to authenticate a principal 11:25:53,951 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.connector.Request.login(Request.java:3257) 11:25:53,952 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1082) 11:25:53,952 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at ve.gob.oncop.sigecof.integracion.api.seguridad.SeguridadManageBeam.login(SeguridadManageBeam.java:92) 11:25:53,953 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 11:25:53,953 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 11:25:53,954 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 11:25:53,954 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at java.lang.reflect.Method.invoke(Method.java:597) 11:25:53,955 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.el.parser.AstValue.invoke(AstValue.java:262) 11:25:53,955 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:278) 11:25:53,955 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39) 11:25:53,956 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) 11:25:53,956 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) 11:25:53,957 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88) 11:25:53,957 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) 11:25:53,958 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at javax.faces.component.UICommand.broadcast(UICommand.java:315) 11:25:53,958 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794) 11:25:53,958 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259) 11:25:53,959 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81) 11:25:53,959 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) 11:25:53,960 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) 11:25:53,960 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593) 11:25:53,960 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) 11:25:53,961 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) 11:25:53,961 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62) 11:25:53,962 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) 11:25:53,962 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) 11:25:53,963 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) 11:25:53,963 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) 11:25:53,964 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) 11:25:53,964 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:397) 11:25:53,965 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.jboss.resteasy.skeleton.key.as7.OAuthAuthenticationServerValve.invoke(OAuthAuthenticationServerValve.java:424) 11:25:53,965 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) 11:25:53,966 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) 11:25:53,966 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) 11:25:53,966 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) 11:25:53,967 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) 11:25:53,967 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) 11:25:53,968 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) 11:25:53,968 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) 11:25:53,969 ERROR [stderr] (http-localhost-127.0.0.1-8443-1) at java.lang.Thread.run(Thread.java:662) 11:25:53,987 INFO [org.jboss.resteasy.skeleton.key.as7.OAuthAuthenticationServerValve] (http-localhost-127.0.0.1-8443-5) --- invoke: /SigecofIntegracionApi-web/resources/gfx/dualbrand_as7eap.png 11:25:53,987 INFO [org.jboss.resteasy.skeleton.key.as7.OAuthAuthenticationServerValve] (http-localhost-127.0.0.1-8443-1) --- invoke: /SigecofIntegracionApi-web/resources/gfx/dualbrand_logo.png
The code used is as follows:
This works
<form method="post" action="j_security_check"> <h:panelGrid columns="2" > Username<input type="text" name="j_username" size="25" /> Password<input type="password" size="15" name="j_password" /> </h:panelGrid> <button type="submit" >Enviar</button> </form>
This does not work
<h:panelGrid columns="2">
<h:outputLabel for="usuario" value="Username" />
<h:inputText id="usuario" value="#{seguridadManageBeam.usuario}" />
<h:outputLabel for="password" value="Password" />
<h:inputSecret id="password" value="#{seguridadManageBeam.password}" />
<h:commandButton value="Iniciar Sesión" action="#{seguridadManageBeam.login()}" />
</h:panelGrid>
the login method is as follows
FacesContext context = FacesContext.getCurrentInstance();
ExternalContext externalContext = context.getExternalContext();
HttpServletRequest request = (HttpServletRequest) externalContext.getRequest();
try {
Principal userPrincipal = request.getUserPrincipal();
System.out.println(">>> userPrincipal = "+userPrincipal);
if (request.getUserPrincipal() != null) {
request.logout();
}
request.login(usuario, password);
externalContext.redirect(originalURL);
} catch (ServletException e) {
e.printStackTrace();
// Handle unknown username/password in request.login().
context.addMessage(null, new FacesMessage("ERROR"));
}
when I first started the server I can see the following line to the console.
ADVERTENCIA [org.jboss.resteasy.plugins.providers.RegisterBuiltin] (MSC service thread 1-3) NoClassDefFoundError: Unable to load builtin provider: org.jboss.resteasy.security.smime.MultipartSignedReader
Thanks in advance for any help