1 Reply Latest reply on Jan 29, 2002 8:08 PM by Mike

    HELP: Urgent: Jboss/Catalina strange behaviour after authent

    vadimp Newbie

      Hello, guys. Hope somebody already faced the following problem.

      We developed an application which was successfully run under previous version of jboss/tomcat (JBoss-2.4.1_Tomcat-3.2.3) without any problems.

      Now we're trying to move it to JBoss-2.4.4_Tomcat-4.0.1. We made all changes as was described here to get SSL working, so it works, but right after authentication procedure (FORM based, which completes successfully, as I can judge by the logs) we get:

      java.lang.NullPointerException
      at org.apache.catalina.valves.ErrorDispatcherValve.status(ErrorDispatcherValve.java:291)
      at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:180)
      at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:170)
      at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:163)
      at org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)
      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)
      at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1011)
      at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1106)
      at java.lang.Thread.run(Thread.java:484)

      And the browser displays error page 500 (internal server error). So we cannot access any areas of our application, which are protected, despite that authentication was successful.

      If we configure catalina to use no SSL, stuff works just fine. We have a custom authentication module, which is used by org.jboss.security.auth.spi.ProxyLoginModule (in auth.conf). There were no changes in this module since last version. This module extends org.jboss.security.auth.spi.AbstractServerLoginModule.

      So now we have tried almost everything. May be you have any ideas?

      PS. A nightly built Catalina (one of recent ones) throws no such exceptions, but just redirects to the error page 403, which says, that we have no permissions to access that area.

      PPS. jboss.jcml SSL configuration is as follows:


      org.jboss.security.plugins.JaasSecurityManager







      file:/C:/JBoss-2.4.4_Tomcat-4.0.1/catalina/.keystore
      password




      80
      443










        • 1. Re: HELP: Urgent: Jboss/Catalina strange behaviour after aut
          Mike Newbie

          When this happens, click re-fresh and you will see something like '/j_security_check not found' or similar?

          What page are you trying to access? I have found that if you go directly to the '/login.jsp' that you put into the form login tags in the web.xml instead of the on of the protected pages (like a 'main.jsp' or something) you often get this error.

          What is the url you are trying to go to?
          The important part of the web.xml is:

          <login-config>
          <auth-method>FORM</auth-method>
          <realm-name>JAAS Tutorial Servlets</realm-name>
          <form-login-config>
          <form-login-page>login.jsp</form-login-page>
          <form-error-page>error.jsp</form-error-page>
          </form-login-config>
          </login-config>

          If I point the browser to
          https://localhost/jaas-example2/restricted/SecureServlet

          I am automatically redirected to ./login.jsp where I am authenticated and then sent to the above url. If I point to
          https://localhost/jaas-example2/login.jsp
          I'm not really trying to get to a protected area and j_security_check is not invoked...thus the 500 error.

          Try this and see if it helps.

          BTW, are you prompted to accept your homemade certificate when hitting an https url as configured above (I know the config is correct since its the one I posted a few weeks ago ;))

          Mike