JASPIC Module not working - Error getting ServerAuthContext for authContextId default-host
rsoika Jul 10, 2017 5:15 PMHi,
I try to implement a JASPIC (JSR-196) module running on Wildfly 10.1.0.
I think I am familiar with implementing a ServerAuthModule, which I have done several times for GlassFish in the past.
I defined in my standalone.xml a new security domain for my JASPIC module like this:
<security-domain name="jaspimodule1"> <authentication-jaspi> <login-module-stack name="dummymodule1"> <login-module code="DummyModule1" flag="optional"/> </login-module-stack> <auth-module code="com.imixs.auth.DummyAuthModule" /> </authentication-jaspi> </security-domain>
I also added the following jboss-web.xml to my web application
<?xml version="1.0" encoding="UTF-8"?> <jboss-web> <security-domain>jaspimodule1</security-domain> </jboss-web>
I removed the 'login-config' form my web.xml and added only the 'security-constraint' and 'security-role' configuration.
When I try to access my application in debug mode, I see that the 'initialize' method is called, so I think my module is registered in some way.
@Override public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy, CallbackHandler handler, Map options) throws AuthException { logger.finest("AuthModule: initialize...."); this.requestPolicy = requestPolicy; this.responsePolicy = responsePolicy; if (requestPolicy != null) { this.isMandatory = requestPolicy.isMandatory(); } this.handler = handler; this.options = options; }
But my problem is hat the method 'validateRequest' is never called.
On the wildfly server console I got the following exception:
| 20:56:44,732 ERROR [org.jboss.security] (default task-47) PBOX00374: Error getting ServerAuthContext for authContextId default-host /office-test and security domain jaspimodule1: javax.security.auth.message.AuthException | at org.jboss.security.auth.message.config.JBossServerAuthConfig.getAuthContext(JBossServerAuthConfig.java:187) | at org.jboss.security.plugins.auth.JASPIServerAuthenticationManager.isValid(JASPIServerAuthenticationManager.java:99) | at org.wildfly.extension.undertow.security.jaspi.JASPICAuthenticationMechanism.authenticate(JASPICAuthenticationMechanism.java:123) | at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:245) | at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:231) | at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:125) | at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:99) | at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92) | at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55) | at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) | at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53) | at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) | at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) | at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59) | at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) | at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) | at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) | at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) | at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) | at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) | at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) | at org.wildfly.extension.undertow.security.jaspi.JASPICSecureResponseHandler.handleRequest(JASPICSecureResponseHandler.java:26) | at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) | at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) | at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) | at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) | at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) | at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) | at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) | at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) | at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) | at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) | at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) | at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) | at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) | at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) | at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) | at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) | at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) | at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:805) | at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) | at java.lang.Thread.run(Thread.java:745)
Can anybody help me what this message means and where the missing part in my configuration could be?
Thanks for help
===
Ralph