8 Replies Latest reply on Nov 18, 2010 10:01 AM by Marco Brizi

    User: null is NOT authenticated

    Gaurav Bansal Newbie

      We are currently using JBoss v4.2.3.ga and have upgraded JBoss messaging to v 1.4.4 and JBoss remoting to v2.2.3.

      JMS messages are sent & received without any exceptions for initial 3-4 days. After that we are observing exception messages javax.jms.JMSSecurityException: User null is NOT authenticated , whenever we are trying to create the connection.

      We have seen that there is no deadlock on JBoss AS and other DB operations are working normally.

      We are using the following security domain for JMS

      <application-policy name="messaging">

      <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
      flag = "required">
      <module-option name = "unauthenticatedIdentity">guest</module-option>
      <module-option name = "dsJndiName">java:/DefaultDS</module-option>
      <module-option name = "principalsQuery">SELECT PASSWD FROM JBM_USER WHERE USER_ID=?</module-option>
      <module-option name = "rolesQuery">SELECT ROLE_ID, 'Roles' FROM JBM_ROLE WHERE USER_ID=?</module-option>
      </login-module>

      </application-policy>

        • 1. Re: User: null is NOT authenticated
          Yong Hao Gao Master

          Hi,

          Do you have the stack trace and if you do can you please post here? Thanks.

          Howard

          • 2. Re: User: null is NOT authenticated
            Tyronne Wickramarathne Newbie

            You'd normally encounter this problem, when your JBM/Persistence configuration is broken. I'd like to see what does the "messaging" application policy has to say on this. Hence, please add the following in your log4j configuration and obtain the logs:





            Cheers

            • 3. Re: User: null is NOT authenticated
              Gaurav Bansal Newbie

              The exception stack trace is provided below:
              ===============================
              [org.jboss.jms.server.security.SecurityMetadataStore.authenticate(SecurityMetadataStore.java:200),
              org.jboss.jms.server.endpoint.ServerConnectionFactoryEndpoint.createConnectionDelegateInternal(ServerConnectionFactoryEndpoint.java:233), org.jboss.jms.server.endpoint.ServerConnectionFactoryEndpoint.createConnectionDelegate(ServerConnectionFactoryEndpoint.java:171), org.jboss.jms.server.endpoint.advised.ConnectionFactoryAdvised.org$jboss$jms$server$endpoint$advised$ConnectionFactoryAdvised$createConnectionDelegate$aop(ConnectionFactoryAdvised.java:108), org.jboss.jms.server.endpoint.advised.ConnectionFactoryAdvised.createConnectionDelegate(ConnectionFactoryAdvised.java), org.jboss.jms.wireformat.ConnectionFactoryCreateConnectionDelegateRequest.serverInvoke(ConnectionFactoryCreateConnectionDelegateRequest.java:91), org.jboss.jms.server.remoting.JMSServerInvocationHandler.invoke(JMSServerInvocationHandler.java:143), org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:862), org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:609), org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:421), org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:174), org.jboss.remoting.MicroRemoteClientInvoker.invoke(MicroRemoteClientInvoker.java:182), org.jboss.remoting.Client.invoke(Client.java:1858), org.jboss.remoting.Client.invoke(Client.java:718), org.jboss.jms.client.delegate.ClientConnectionFactoryDelegate.org$jboss$jms$client$delegate$ClientConnectionFactoryDelegate$createConnectionDelegate$aop(ClientConnectionFactoryDelegate.java:178), org.jboss.jms.client.delegate.ClientConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.invokeNext(ClientConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.java), org.jboss.jms.client.container.StateCreationAspect.handleCreateConnectionDelegate(StateCreationAspect.java:80), org.jboss.aop.advice.org.jboss.jms.client.container.StateCreationAspect0.invoke(StateCreationAspect0.java), org.jboss.jms.client.delegate.ClientConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.invokeNext(ClientConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.java), org.jboss.jms.client.delegate.ClientConnectionFactoryDelegate.createConnectionDelegate(ClientConnectionFactoryDelegate.java), org.jboss.jms.client.container.ClusteringAspect.handleCreateConnectionDelegate(ClusteringAspect.java:134), sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method), sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source), sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source), java.lang.reflect.Method.invoke(Unknown Source), org.jboss.aop.advice.PerInstanceAdvice.invoke(PerInstanceAdvice.java:121), org.jboss.jms.client.delegate.ClientClusteredConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.invokeNext(ClientClusteredConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.java), org.jboss.jms.client.delegate.ClientClusteredConnectionFactoryDelegate.createConnectionDelegate(ClientClusteredConnectionFactoryDelegate.java), org.jboss.jms.client.JBossConnectionFactory.createConnectionInternal(JBossConnectionFactory.java:205), org.jboss.jms.client.JBossConnectionFactory.createConnection(JBossConnectionFactory.java:87), org.jboss.jms.client.JBossConnectionFactory.createConnection(JBossConnectionFactory.java:82), com.avaya.sampleconsumer.JMSProducer.connect(JMSProducer.java:104), com.avaya.sampleconsumer.JMSProducer.main(JMSProducer.java:39)]

              • 4. Re: User: null is NOT authenticated
                Gaurav Bansal Newbie

                Hi Tyronne Wickramarathne,

                You missed to attach the configuration to be added to log4j.xml file

                • 5. Re: User: null is NOT authenticated
                  Tyronne Wickramarathne Newbie

                   

                  "gbansal80" wrote:
                  Hi Tyronne Wickramarathne,

                  You missed to attach the configuration to be added to log4j.xml file


                  my bad, i forgot to format the html elements. there you go :
                  ....
                  <category name="org.jboss.security.plugins.JaasSecurityManager.messaging">
                   <priority value="TRACE" class="org.jboss.logging.XLevel"></priority>
                  </category>
                  ....
                  


                  Cheers

                  • 6. Re: User: null is NOT authenticated
                    Gaurav Bansal Newbie

                    It seems that our code is performing logout action which is clearing Principal from cache because of NullPointerException is thrown (User Null Is Not Authenticated). The relevant portions of the stack trace are provided below:




                    2009-10-27 12:04:43,216 TRACE [org.jboss.security.plugins.JaasSecurityManager.messaging] Begin isValid, principal:null, cache info: null
                    2009-10-27 12:04:43,216 TRACE [org.jboss.security.plugins.JaasSecurityManager.messaging] defaultLogin, principal=null
                    2009-10-27 12:04:43,217 TRACE [org.jboss.security.plugins.JaasSecurityManager.messaging] Login failure
                    javax.security.auth.login.LoginException: java.lang.NullPointerException
                    at com.avaya.security.authorization.common.AuthorizationUtil.publishMessage(AuthorizationUtil.java:369)
                    at com.avaya.security.authorization.client.AuthorizationClient.sendUserLogoutNotification(AuthorizationClient.java:1111)
                    at com.avaya.mgmt.console.framework.bean.CommonConsoleIdentity.logoutaction(CommonConsoleIdentity.java:368)



                    However I still have following questions:

                    1/ In case the principal=null, why can't guest credentials be used for sending the message. In the "messaging" application policy, it has been already configured that any unauthenticated user will assume "guest" credential ( <module-option name = "unauthenticatedIdentity">guest</module-option>
                    ) . So why in this case "guest" credentials are not used.
                    2/ Any reasons why this exception starts coming only after the system has been up for more than 2 days.

                    The complete stack trace is pasted below:

                    2009-10-27 12:04:43,119 TRACE [org.jboss.security.plugins.JaasSecurityManager.messaging] doesUserHaveRole(Set), subject: Subject:
                    Principal: guest
                    Principal: Roles(members:john,guest,j2ee)

                    2009-10-27 12:04:43,119 TRACE [org.jboss.security.plugins.JaasSecurityManager.messaging] roles=Roles(members:john,guest,j2ee)
                    2009-10-27 12:04:43,119 TRACE [org.jboss.security.plugins.JaasSecurityManager.messaging] hasRole(guest)=true
                    2009-10-27 12:04:43,119 TRACE [org.jboss.security.plugins.JaasSecurityManager.messaging] hasRole=true
                    2009-10-27 12:04:43,216 TRACE [org.jboss.security.plugins.JaasSecurityManager.messaging] Begin isValid, principal:null, cache info: null
                    2009-10-27 12:04:43,216 TRACE [org.jboss.security.plugins.JaasSecurityManager.messaging] defaultLogin, principal=null
                    2009-10-27 12:04:43,217 TRACE [org.jboss.security.plugins.JaasSecurityManager.messaging] Login failure
                    javax.security.auth.login.LoginException: java.lang.NullPointerException

                    at javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
                    at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
                    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
                    at java.security.AccessController.doPrivileged(Native Method)
                    at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
                    at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
                    at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
                    at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
                    at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
                    at org.jboss.jms.server.security.SecurityMetadataStore.authenticate(SecurityMetadataStore.java:188)
                    at org.jboss.jms.server.endpoint.ServerConnectionFactoryEndpoint.createConnectionDelegateInternal(ServerConnectionFactoryEndpoint.java:233)
                    at org.jboss.jms.server.endpoint.ServerConnectionFactoryEndpoint.createConnectionDelegate(ServerConnectionFactoryEndpoint.java:171)
                    at org.jboss.jms.server.endpoint.advised.ConnectionFactoryAdvised.org$jboss$jms$server$endpoint$advised$ConnectionFactoryAdvised$createConnectionDelegate$aop(ConnectionFactoryAdvised.java:108)
                    at org.jboss.jms.server.endpoint.advised.ConnectionFactoryAdvised.createConnectionDelegate(ConnectionFactoryAdvised.java)
                    at org.jboss.jms.wireformat.ConnectionFactoryCreateConnectionDelegateRequest.serverInvoke(ConnectionFactoryCreateConnectionDelegateRequest.java:91)
                    at org.jboss.jms.server.remoting.JMSServerInvocationHandler.invoke(JMSServerInvocationHandler.java:143)
                    at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:862)
                    at org.jboss.remoting.transport.local.LocalClientInvoker.invoke(LocalClientInvoker.java:101)
                    at org.jboss.remoting.Client.invoke(Client.java:1858)
                    at org.jboss.remoting.Client.invoke(Client.java:718)
                    at org.jboss.jms.client.delegate.ClientConnectionFactoryDelegate.org$jboss$jms$client$delegate$ClientConnectionFactoryDelegate$createConnectionDelegate$aop(ClientConnectionFactoryDelegate.java:178)
                    at org.jboss.jms.client.delegate.ClientConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.invokeNext(ClientConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.java)
                    at org.jboss.jms.client.container.StateCreationAspect.handleCreateConnectionDelegate(StateCreationAspect.java:80)
                    at org.jboss.aop.advice.org.jboss.jms.client.container.StateCreationAspect0.invoke(StateCreationAspect0.java)
                    at org.jboss.jms.client.delegate.ClientConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.invokeNext(ClientConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.java)
                    at org.jboss.jms.client.delegate.ClientConnectionFactoryDelegate.createConnectionDelegate(ClientConnectionFactoryDelegate.java)
                    at org.jboss.jms.client.container.ClusteringAspect.handleCreateConnectionDelegate(ClusteringAspect.java:134)
                    at sun.reflect.GeneratedMethodAccessor880.invoke(Unknown Source)
                    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                    at java.lang.reflect.Method.invoke(Method.java:597)
                    at org.jboss.aop.advice.PerInstanceAdvice.invoke(PerInstanceAdvice.java:121)
                    at org.jboss.jms.client.delegate.ClientClusteredConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.invokeNext(ClientClusteredConnectionFactoryDelegate$createConnectionDelegate_N3019492359065420858.java)
                    at org.jboss.jms.client.delegate.ClientClusteredConnectionFactoryDelegate.createConnectionDelegate(ClientClusteredConnectionFactoryDelegate.java)
                    at org.jboss.jms.client.JBossConnectionFactory.createConnectionInternal(JBossConnectionFactory.java:205)
                    at org.jboss.jms.client.JBossConnectionFactory.createConnection(JBossConnectionFactory.java:87)
                    at org.jboss.jms.client.JBossConnectionFactory.createConnection(JBossConnectionFactory.java:82)
                    at com.avaya.security.authorization.common.AuthorizationUtil.publishMessage(AuthorizationUtil.java:369)
                    at com.avaya.security.authorization.client.AuthorizationClient.sendUserLogoutNotification(AuthorizationClient.java:1111)
                    at com.avaya.mgmt.console.framework.bean.CommonConsoleIdentity.logoutaction(CommonConsoleIdentity.java:368)
                    at sun.reflect.GeneratedMethodAccessor3950.invoke(Unknown Source)
                    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
                    at java.lang.reflect.Method.invoke(Method.java:597)
                    at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:328)
                    at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:341)
                    at org.jboss.el.parser.AstPropertySuffix.invoke(AstPropertySuffix.java:58)
                    at org.jboss.el.parser.AstValue.invoke(AstValue.java:96)
                    at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
                    at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
                    at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:69)
                    at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
                    at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190)
                    at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:458)
                    at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:763)
                    at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82)
                    at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100)
                    at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
                    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
                    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
                    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
                    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._invokeDoFilter(TrinidadFilterImpl.java:238)
                    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:195)
                    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:138)
                    at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
                    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
                    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
                    at org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:147)
                    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
                    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
                    at com.avaya.panther.faces.util.ResourceInjectionFilter.doFilter(ResourceInjectionFilter.java:36)
                    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
                    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
                    at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
                    at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:58)
                    at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
                    at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85)
                    at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
                    at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
                    at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
                    at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:44)
                    at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
                    at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:150)
                    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
                    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
                    at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
                    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
                    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
                    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
                    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
                    at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
                    at com.avaya.security.iam.tomcat.HTTPAuthInterceptor.invoke(HTTPAuthInterceptor.java:1077)
                    at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
                    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
                    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
                    at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
                    at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:420)
                    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
                    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
                    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
                    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
                    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
                    at java.lang.Thread.run(Thread.java:619)

                    • 7. Re: User: null is NOT authenticated
                      Marco Brizi Newbie

                      I have exactly the same problem and the same questions.

                      In my opinion the exception starts coming after Jaas Security Cache Timeout (see <attribute name="DefaultCacheTimeout"> in jboss-service.xml) that, in my case, is setted to 5 mins.

                      I've tried to disable security cache (DefaultCacheTimeout=0) but with this configuration the problem appears immediately.

                      Does anyone how to solve this error?

                      • 8. Re: User: null is NOT authenticated
                        Marco Brizi Newbie

                        The problem I have described was caused by a deployed application that attempt to modify configured login modules in javax.security.auth.login.Configuration. After this operation the jmx-console login module is not available anymore and the authentication is available only before the DefaultCacheTimeout period (5 mins).

                        I hope this could help someone.