3 Replies Latest reply on Jun 9, 2011 3:02 AM by Sergiu Pienar

    IDP example issue with JBoss AS 5.1.0.GA

    Daniel Bevenius Master

      Hi,

      I've been trying out the examples employee and sales and this works fine using JBoss AS 4.2.3.

      But when I try this with JBoss AS 5.1.0.GA then I get the following error in the server console:

      20:20:39,292 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
      java.lang.IllegalArgumentException: callerSubject is null
       at org.jboss.security.plugins.javaee.WebAuthorizationHelper.hasRole(WebAuthorizationHelper.java:125)
       at org.jboss.web.tomcat.security.SecurityAssociationActions$10.run(SecurityAssociationActions.java:363)
       at org.jboss.web.tomcat.security.SecurityAssociationActions$10.run(SecurityAssociationActions.java:361)
       at java.security.AccessController.doPrivileged(Native Method)
       at org.jboss.web.tomcat.security.SecurityAssociationActions.hasRole(SecurityAssociationActions.java:359)
       at org.jboss.web.tomcat.security.JBossWebRealm.hasRole(JBossWebRealm.java:598)
       at org.apache.catalina.realm.RealmBase.hasResourcePermission(RealmBase.java:789)
       at org.jboss.web.tomcat.security.JBossWebRealm.hasResourcePermission(JBossWebRealm.java:475)
       at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:507)
       at org.apache.catalina.valves.RequestDumperValve.invoke(RequestDumperValve.java:151)
       at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
       at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
       at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
       at java.lang.Thread.run(Thread.java:595)
      


      Is there something I should have done differently when deploying to AS 5.1.0.GA?

      I'd be happy to post deployment descriptor that might be of interest to you. Just let me know which ones.

      Thanks,

      /Daniel

        • 2. Re: IDP example issue with JBoss AS 5.1.0.GA
          Daniel Bevenius Master

          Hi Anil,

          sorry for the late reply here...

          I've tried this with 1.0.0.beta2 and I'm now able to login. I am seeing a error in the server console though:

          ERROR [IDPWebRequestUtil] Exception in generating attributes:
          java.lang.RuntimeException: Not Implemented
           at org.jboss.identity.federation.bindings.tomcat.TomcatAttributeManager.getAttributes(TomcatAttributeManager.java:44)
           at org.jboss.identity.federation.core.impl.DelegatedAttributeManager.getAttributes(DelegatedAttributeManager.java:69)
           at org.jboss.identity.federation.web.util.IDPWebRequestUtil.getResponse(IDPWebRequestUtil.java:180)
           at org.jboss.identity.federation.bindings.tomcat.idp.IDPWebBrowserSSOValve.invoke(IDPWebBrowserSSOValve.java:274)
           at org.jboss.identity.federation.bindings.tomcat.idp.IDPSAMLDebugValve.invoke(IDPSAMLDebugValve.java:57)
           at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
           at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
           at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
           at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
           at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
           at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
           at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
           at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
           at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
           at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
           at java.lang.Thread.run(Thread.java:595)
          

          Since I'm running this in JBoss AS I thought that perhaps I've not configured this correctly and should be using the JBossAppServerAttributeManager instead.
          I configured this in idp.war/WEB-INF/jboss-idfedxml:
          <JBossIDP xmlns="urn:jboss:identity-federation:config:1.0"
           AttributeManager="org.jboss.identity.federation.bindings.jboss.attribute.JBossAppServerAttributeManager">
          <IdentityURL>http://localhost:8080/idp/</IdentityURL>
          <Trust>
           <Domains>localhost,jboss.com,jboss.org</Domains>
          </Trust>
          </JBossIDP>

          Am I making a correct assumption here?

          Thanks,

          /Daniel



          • 3. Re: IDP example issue with JBoss AS 5.1.0.GA
            Sergiu Pienar Apprentice

            Hi Daniel,


            Have you found any solution to your problem ?

             

            I'm running a JBoss 5.1.0 GA with Terracotta Session Clustering. I experience the following problem :

             

            http://community.jboss.org/thread/167657.


            Thanks.

             

            Sergiu.