0 Replies Latest reply on Jun 6, 2010 2:08 PM by Davi Baldin

    Jaas login is failing 95% of the time: NullPointerException

    Davi Baldin Newbie

      Hi All,

       

      I've sucessfully configured Jaas to secure my application. I have more then one web context into the EAR application as following:

       

      SingleSignOn is ON

       

      EAR

      /     - Jaas is working vey well.

      /itsm - Jaas fails 99% if the time. If I restart the application it works only at first attempt, and if I redeploy the ear context it works one or two times after several attemps (but If I try to login from / I always login)

       

      CONFIGURATION

       

      server.xml

       

      <Host name="presentia">
                   <Alias>www.xyz.com.br</Alias>
                  <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
                  <Valve className="org.jboss.web.tomcat.service.jca.CachedConnectionValve"
                      cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager"
                      transactionManagerObjectName="jboss:service=TransactionManager" />               
               </Host>

       

      (Each context's jboss-web.xml)

       

      <jboss-web>
        <security-domain>java:/jaas/presentia</security-domain>

        <context-root>/</context-root>
        <virtual-host>presentia</virtual-host>
      </jboss-web>

       

      <jboss-web>
         <security-domain>java:/jaas/presentia</security-domain>

        <context-root>/itsm</context-root>
         <virtual-host>presentia</virtual-host>
      </jboss-web>

       

       

      web.xml is configured to work as usual.

       

      Error message I receive when debugging JAAS when the login attempt fails:

       

      14:41:38,187 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:{}
      14:41:38,187 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.presentia] Begin isValid, principal:davi, cache info: null
      14:41:38,187 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.presentia] defaultLogin, principal=davi
      14:41:38,187 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(presentia), size=14
      14:41:38,187 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(presentia), authInfo=AppConfigurationEntry[]:
      [0]
      LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
      ControlFlag: LoginModuleControlFlag: required
      Options:
      name=hashAlgorithm, value=MD5
      name=principalsQuery, value=select p.value from users.user u, users.user_profile p where p.userid = u.id and p.key = 'password' and u.uid = ?
      name=unauthenticatedIdentity, value=ANONYMOUS
      name=hashEncoding, value=hex
      name=dsJndiName, value=java:/SarbarianDS
      name=rolesQuery, value=select role, 'Roles' from users.user_role_join j, users.user u where j.userid = u.id and u.uid = ?

       

      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Security domain: presentia
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Saw unauthenticatedIdentity=ANONYMOUS
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Password hashing activated: algorithm = MD5, encoding = hex, charset = {default}, callback = null, storeCallback = null
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:/SarbarianDS
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=select p.value from users.user u, users.user_profile p where p.userid = u.id and p.key = 'password' and u.uid = ?
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=select role, 'Roles' from users.user_role_join j, users.user u where j.userid = u.id and u.uid = ?
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendResume=true
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] resumeAnyTransaction
      14:41:38,187 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] abort
      14:41:38,187 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.presentia] Login failure
      javax.security.auth.login.LoginException: java.lang.NullPointerException
          at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:173)
          at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:245)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
          at java.lang.reflect.Method.invoke(Unknown Source)
          at javax.security.auth.login.LoginContext.invoke(Unknown Source)
          at javax.security.auth.login.LoginContext.access$000(Unknown Source)
          at javax.security.auth.login.LoginContext$4.run(Unknown Source)
          at java.security.AccessController.doPrivileged(Native Method)
          at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
          at javax.security.auth.login.LoginContext.login(Unknown Source)
          at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552)
          at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486)
          at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
          at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
          at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384)
          at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258)
          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
          at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
          at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
          at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
          at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
          at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:383)
          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
          at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
          at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
          at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
          at java.lang.Thread.run(Unknown Source)

       

          at javax.security.auth.login.LoginContext.invoke(Unknown Source)
          at javax.security.auth.login.LoginContext.access$000(Unknown Source)
          at javax.security.auth.login.LoginContext$4.run(Unknown Source)
          at java.security.AccessController.doPrivileged(Native Method)
          at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
          at javax.security.auth.login.LoginContext.login(Unknown Source)
          at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:552)
          at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:486)
          at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
          at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
          at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebRealm.java:384)
          at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258)
          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
          at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
          at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
          at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
          at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
          at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:383)
          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
          at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
          at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
          at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
          at java.lang.Thread.run(Unknown Source)
      14:41:38,187 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.presentia] End isValid, false
      14:41:38,187 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null

       

       

      How can I drive to a solution here? Does anyone got this odd behavour before?

       

      THanks,

       

      Davi