4 Replies Latest reply on Oct 30, 2006 12:03 PM by Andy W. Clements

    Lost datasource

    Ben Pernikoff Newbie

      Hi,

      Confounded with the following problem. I am using container managed logon via a servlet with a DatabaseServerLoginModule and a MySql database.

      The authentication code is right out of the box:


      SecurityAssociationHandler handler = new SecurityAssociationHandler();
      SimplePrincipal user = new SimplePrincipal("benzyp@yahoo.com");
      handler.setSecurityInfo(user, ("1234").toCharArray());
      LoginContext loginContext = new LoginContext("NYDNSecurityRealm",
      (CallbackHandler)handler);
      loginContext.login();
      Subject subject = loginContext.getSubject();
      Set principals = subject.getPrincipals();
      principals.add(user);

      Here is the NullPointerException that is produced:


      14:53:49,994 ERROR [STDERR] javax.security.auth.login.LoginException: java.lang.NullPointerException
      at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:141)

      at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:206)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:585)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
      at com.nydn.ui.struts.action.LoginAction.execute(LoginAction.java:77)
      at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419)
      at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
      at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194)
      at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
      at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
      at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
      at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
      at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:199)
      at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:282)
      at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:754)
      at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:684)
      at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:876)
      at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
      at java.lang.Thread.run(Thread.java:595)
      14:53:49,994 ERROR [STDERR] at javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
      14:53:49,994 ERROR [STDERR] at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
      14:53:49,994 ERROR [STDERR] at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
      14:53:49,994 ERROR [STDERR] at java.security.AccessController.doPrivileged(Native Method)
      14:53:49,994 ERROR [STDERR] at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
      14:53:49,994 ERROR [STDERR] at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
      14:53:49,994 ERROR [STDERR] at com.nydn.ui.struts.action.LoginAction.execute(LoginAction.java:77)

      DatabaseServerLoginModule.java:141 indicates that the null pointer is thrown because of a call to ds.getConnection. Clearly the DataSource has gone misssing.

      What is so frustrating is that it seems that everything has been configured properly and the DataSource seems to have been loaded. Here is the printout from the server startup:


      14:39:58,250 INFO [ConnectionFactoryBindingService] Bound ConnectionManager 'jboss.jca:service=ConnectionFactoryBinding,name=JmsXA' to JNDI name 'java:JmsXA'
      14:39:59,211 INFO [ConnectionFactoryBindingService] Bound ConnectionManager 'jboss.jca:service=DataSourceBinding,name=NYDNDS' to JNDI name 'java:NYDNDS'

      Here is a printout from the security.log:


      2006-08-28 15:51:11,391 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(NYDNSecurityRealm), size=9
      2006-08-28 15:51:11,401 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(NYDNSecurityRealm), authInfo=AppConfigurationEntry[]:
      [0]
      LoginModule Class: org.jboss.security.ClientLoginModule
      ControlFlag: LoginModuleControlFlag: required
      Options:[1]
      LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
      ControlFlag: LoginModuleControlFlag: required
      Options:name=rolesQuery, value=select regs_user_roles.role_name, 'Roles' from regs_user, regs_user_roles where regs_user_roles.user_id=regs_user.user_id and regs_user.logon_id=?
      name=principalsQuery, value=select password from regs_user where logon_id=?
      name=password-stacking, value=useFirstPass
      name=dsJndiName, value=java:/NYDNDS

      2006-08-28 15:51:11,541 TRACE [org.jboss.security.ClientLoginModule] Begin login
      2006-08-28 15:51:11,561 TRACE [org.jboss.security.ClientLoginModule] Obtained login: benzyp@yahoo.com, credential.class: [C
      2006-08-28 15:51:11,571 TRACE [org.jboss.security.ClientLoginModule] End login
      2006-08-28 15:51:11,651 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize, instance=@23253169
      2006-08-28 15:51:11,661 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:/NYDNDS
      2006-08-28 15:51:11,671 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=select password from regs_user where logon_id=?
      2006-08-28 15:51:11,671 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=select regs_user_roles.role_name, 'Roles' from regs_user, regs_user_roles where regs_user_roles.user_id=regs_user.user_id and regs_user.logon_id=?
      2006-08-28 15:51:11,691 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendResume=true
      2006-08-28 15:51:11,711 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login
      2006-08-28 15:51:11,711 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction
      2006-08-28 15:51:11,731 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] resumeAnyTransaction
      2006-08-28 15:51:11,761 TRACE [org.jboss.security.ClientLoginModule] abort
      2006-08-28 15:51:12,643 DEBUG [org.jboss.security.SecurityAssociation] Using ThreadLocal: false
      2006-08-28 15:51:13,003 TRACE [org.jboss.security.SecurityAssociation] clear, server=false
      2006-08-28 15:51:13,013 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] abort
      2006-08-28 15:51:14,475 TRACE [org.jboss.security.SecurityAssociation] popRunAsIdentity, runAs=null
      2006-08-28 15:51:14,495 TRACE [org.jboss.security.SecurityAssociation] clear, server=true

      I have gone over the configuration many times and all seems to be in order. No problems with the db user account, or the queries - I have verified them. Here is the login-config.xml entry

      <application-policy name="NYDNSecurityRealm">

      <login-module code="org.jboss.security.ClientLoginModule" flag="required">
      </login-module>
      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
      <module-option name="dsJndiName">java:/NYDNDS</module-option>
      <module-option name="principalsQuery">
      select password from regs_user where logon_id=?</module-option>
      <module-option name="rolesQuery">
      select regs_user_roles.role_name, 'Roles' from regs_user, regs_user_roles where regs_user_roles.user_id=regs_user.user_id and regs_user.logon_id=?</module-option>
      <!--module-option name="defaultRole">Authenticated</module-option-->
      <module-option name="password-stacking">useFirstPass</module-option>
      <!--module-option name="hashAlgorithm">MD5</module-option>
      <module-option name="hashEncoding">base64</module-option-->
      </login-module>

      </application-policy>


      And to top it all off this was working like a charm and suddenly stopped. I know the last thing I did was to add logging to the servlet code. Any help would be greatly appreciated as I have been struggling with this for about 3 days now and it has halted my development.

        • 1. Re: Lost datasource
          k k Newbie

          I have the same problem did you found the solution?

          • 2. Re: Lost datasource
            Daniel König Newbie

            actually i'm facing the same problem. has anyone a solution? i even bought a jboss book today. tried the sample from it and guess what, i didn't worked...
            (i'am using jboss 4.0.4 with ejb3 container). with org.jboss.security.auth.spi.UsersRolesLoginModule it is working fine, but this is not solution for me. has anyone a solution for that problem with the DataBaseServerLoginModule?

            Any help is appreciated. Thanks.

            • 3. Re: Lost datasource
              Ben Pernikoff Newbie

              I wish I had an answer for you. I was experiencing this problem on my dev box. When we configured our test environment we did not experience any issues so it has something to do with the configuration of the datasource. Wish I could be of more help but I myself don't know what went right.

              • 4. Re: Lost datasource
                Andy W. Clements Newbie

                Hello Forum Folks,

                I too, was having the exact same problem with the disappearing datasource. However, I think I found a solution. I thought it was odd that the DatabaseServerLoginModule would load the datasource parameter then be unable to find the datasource. I guess that it might be a class loader problem. so I changed the UseJBossWebLoader from false to true in the {jboss.root.directory}/server/{server-type}/deploy/jbossweb-tomcat55.sar/META-INF/jboss-service.xml file like so:

                 <!-- A flag indicating if the JBoss Loader should be used. This loader
                 uses a unified class loader as the class loader rather than the tomcat
                 specific class loader.
                 The default is false to ensure that wars have isolated class loading
                 for duplicate jars and jsp files.
                 -->
                 <attribute name="UseJBossWebLoader">true</attribute>
                

                And now, we have the datasource back again and the authentication module is running the queries. Now, since I have only one app running on my jboss, I don't think I will have any real problems, however, those with multiple apps may see more memory usage because the same jars need to be loaded for each app. There may be other side effects to this, I'm not certain (but I'll find out shortly). I'm sure the experts can chime in, in case I am total off-base here.

                How this helps. And now, back to debugging the rest of my app.

                --Andy