3 Replies Latest reply on Oct 12, 2001 4:48 AM by Achilleus Mantzios

    JSP custom taglib/security context problem

    Achilleus Mantzios Newbie

      Hi ,
      i have made my own taglib in order to facilitate page layout with templates.
      I every page i have
      - header
      - sidebar
      - content
      - footer

      My taglib code that does the actual insertion has as follows:
      pageContext.include(<a url>);

      Now the problem.

      I access beans, which access EJBs, from the content JSP page.
      When this JSP page is the *first* jsp page included (inserted) (that is,
      every other page is HTML), then everything is ok.
      If there is a JSP page (e.g header) inserted before my content JSP page,
      then the security context is not propagated from the web container (tomcat)
      to the EJB container (jboss).

      Anyone had similar problems??
      Any (direct) clues for debugging??

      jboss.log
      =========

      [JBossSecurityMgrRealm] Authenticating access, username: amantzio R( /sma + /mc/viewall + null)
      [JBossSecurityMgrRealm] ClassLoader: AdaptiveClassLoader( ):1504437
      [JBossSecurityMgrRealm] Servlet ClassLoader: AdaptiveClassLoader( ):1504437
      [Default] Logging into LDAP server, env={userSrchBase=o=hermes, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, principalDNPrefix=CN=, java.naming.security.principal=amantzio, roleAttributeID=cn, matchOnUserDN=true, principalDNSuffix=,o=hermes, rolesCtxDN=, java.naming.provider.url=ldap://hermes/, uidAttributeID=member, java.naming.security.authentication=simple, java.naming.security.credentials=}
      [Default] Logged into LDAP server, javax.naming.ldap.InitialLdapContext@412978
      [Default] User 'amantzio' authenticated.
      [JBossSecurityMgrRealm] Username: amantzio is authenticated
      [JBossSecurityMgrRealm] Authorizing access, username: amantzio R( /sma + /mc/viewall + null)
      [JBossSecurityMgrRealm] ClassLoader: AdaptiveClassLoader( ):1504437
      [JBossSecurityMgrRealm] Servlet ClassLoader: AdaptiveClassLoader( ):1504437
      [JBossSecurityMgrRealm] User: amantzio is authorized
      [Default] ejbFindByname amantzio
      [pgsql] Resource 'org.jboss.pool.jdbc.xa.wrapper.XAResourceImpl@5d89f9' enlisted for 'org.jboss.pool.jdbc.xa.wrapper.XAConnectionImpl@3020ad'.
      [pgsql] Pool pgsql [1/1/10] gave out pooled object: org.jboss.pool.jdbc.xa.wrapper.XAConnectionImpl@3020ad
      [pgsql] Pool pgsql [0/1/10] returned object org.jboss.pool.jdbc.xa.wrapper.XAConnectionImpl@3020ad to the pool.
      [Default] Bad password for username=null
      [Default] javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
      [Default] at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:107)
      [Default]
      [Default] at java.lang.reflect.Method.invoke(Native Method)
      [Default]
      [Default] at javax.security.auth.login.LoginContext.invoke(LoginContext.java:595)
      [Default]
      [Default] at javax.security.auth.login.LoginContext.access$000(LoginContext.java:125)
      [Default]
      [Default] at javax.security.auth.login.LoginContext$3.run(LoginContext.java:531)
      [Default]
      [Default] at java.security.AccessController.doPrivileged(Native Method)
      [Default]
      [Default] at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:528)
      [Default]
      [Default] at javax.security.auth.login.LoginContext.login(LoginContext.java:449)
      [Default]
      [Default] at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:362)
      [Default]
      [Default] at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:328)
      [Default]
      [Default] at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:215)
      [Default]
      [Default] at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:164)
      [Default]
      [Default] at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:92)
      [Default]
      [Default] at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:106)
      [Default]
      [Default] at org.jboss.ejb.EntityContainer.invokeHome(EntityContainer.java:342)
      [Default]
      [Default] at org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker.invokeHome(JRMPContainerInvoker.java:437)
      [Default]
      [Default] at org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invokeHome(HomeProxy.java:237)
      [Default]
      [Default] at org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:182)
      [Default]
      [Default] at $Proxy5.findByName(Unknown Source)
      [Default]
      [Default] at mgmtcomp._0002fmgmtcomp_0002ffooviewall_0002ejspfooviewall_jsp_9._jspService(_0002fmgmtcomp_0002ffooviewall_0002ejspfooviewall_jsp_9.java:93)
      [Default]
      [Default] at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:119)
      [Default]
      [Default] at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
      [Default]
      [Default] at org.apache.jasper.servlet.JspServlet$JspCountedServlet.service(JspServlet.java:130)
      [Default]
      [Default] at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
      [Default]
      [Default] at org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(JspServlet.java:282)
      [Default]
      [Default] at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:429)
      [Default]
      [Default] at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:500)
      [Default]
      [Default] at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
      [Default]
      [Default] at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405)
      [Default]
      [Default] at org.apache.tomcat.core.Handler.service(Handler.java:287)
      [Default]
      [Default] at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372)
      [Default]
      [Default] at org.apache.tomcat.facade.RequestDispatcherImpl.doInclude(RequestDispatcherImpl.java:400)
      [Default]
      [Default] at org.apache.tomcat.facade.RequestDispatcherImpl.include(RequestDispatcherImpl.java:270)
      [Default]
      [Default] at org.apache.jasper.runtime.PageContextImpl.include(PageContextImpl.java:414)
      [Default]
      [Default] at com.dynacom.taglib.InsertTag.doEndTag(InsertTag.java:51)
      [Default]
      [Default] at MCtmpls._0002fMCtmpls_0002ftemplate_0002ejsptemplate_jsp_49._jspService(_0002fMCtmpls_0002ftemplate_0002ejsptemplate_jsp_49.java:527)
      [Default]
      [Default] at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:119)
      [Default]
      [Default] at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
      [Default]
      [Default] at org.apache.jasper.servlet.JspServlet$JspCountedServlet.service(JspServlet.java:130)
      [Default]
      [Default] at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
      [Default]
      [Default] at org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(JspServlet.java:282)
      [Default]
      [Default] at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:429)
      [Default]
      [Default] at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:500)
      [Default]
      [Default] at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
      [Default]
      [Default] at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405)
      [Default]
      [Default] at org.apache.tomcat.core.Handler.service(Handler.java:287)
      [Default]
      [Default] at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372)
      [Default]
      [Default] at org.apache.tomcat.facade.RequestDispatcherImpl.doForward(RequestDispatcherImpl.java:222)
      [Default]
      [Default] at org.apache.tomcat.facade.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:162)
      [Default]
      [Default] at MCDispatcher.doGet(MCDispatcher.java:9)
      [Default]
      [Default] at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
      [Default]
      [Default] at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
      [Default]
      [Default] at org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405)
      [Default]
      [Default] at org.apache.tomcat.core.Handler.service(Handler.java:287)
      [Default]
      [Default] at org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372)
      [Default]
      [Default] at org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:812)
      [Default]
      [Default] at org.apache.tomcat.core.ContextManager.service(ContextManager.java:758)
      [Default]
      [Default] at org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpConnectionHandler.java:213)
      [Default]
      [Default] at org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416)
      [Default]
      [Default] at org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501)
      [Default]
      [Default] at java.lang.Thread.run(Thread.java:484)
      [Default]
      [mgmtcompany] Authentication exception, principal=null