1 Reply Latest reply on Aug 6, 2003 10:50 AM by Tilo Thiele

    java.lang.SecurityException: Authentication exception, princ

    Tilo Thiele Newbie

      Hi JAAS folks,

      I wonder why the security interceptor complains about a null priciple.
      Why does he so? There are the proper Priciples as shown in the log. But why
      don't they appear in the ejbCreate method? I think there is nothing wrong with the
      descriptors, isn't it? JBoss-Version: 3.2.1

      Help please
      Tilo

      -------------------------------------------------------------------------------------
      Java-Code:

      UsernamePasswordHandler handler = new UsernamePasswordHandler(uname, passwd.toCharArray());
      LoginContext lc = new LoginContext(loginConfig, handler);
      lc.login();
      Iterator it = lc.getSubject().getPrincipals().iterator();
      while(it.hasNext()) {
      Object o = it.next();
      System.out.println("principle: "+o.getClass().getName()+ " "+o);
      }
      ReportMgr h=null;
      try {
      // the following invokation (create()) raises a SecurityException
      h = ReportMgrUtil.getHome().create();
      h.findAllReports();
      } finally {
      try { h.remove(); } catch(Exception e1) {}
      }
      lc.logout();

      -------------------------------------------------------------------------------------
      Log:

      12:12:04,490 INFO [RepositoryInitializer] initializing RepositoryInitServlet
      12:12:04,504 INFO [STDOUT] principle: org.jboss.security.SimplePrincipal admin
      12:12:04,505 INFO [STDOUT] principle: org.jboss.security.NestableGroup Roles(members:admin,user)
      12:12:04,517 ERROR [SecurityInterceptor] Authentication exception, principal=null
      12:12:04,518 ERROR [LogInterceptor] EJBException, causedBy:
      java.lang.SecurityException: Authentication exception, principal=null
      at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:162)
      at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:81)
      at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:120)
      at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invokeHome(ProxyFactoryFinderInterceptor.java:93)
      at org.jboss.ejb.StatelessSessionContainer.internalInvokeHome(StatelessSessionContainer.java:310)
      at org.jboss.ejb.Container.invoke(Container.java:694)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at org.jboss.mx.capability.ReflectedMBeanDispatcher.invoke(ReflectedMBeanDispatcher.java:284)
      at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:549)
      at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:101)
      at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:83)
      at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
      at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:45)
      at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:173)
      at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:85)
      at $Proxy354.create(Unknown Source)
      at de.ems.testrepository.web.RepositoryInitializer1.init(RepositoryInitializer1.java:80)

      ----------------------------------------------------------------------------------------
      ejb-jar.xml

      ...

      <![CDATA[Dies ist ein ReportMgr-Bean.]]>
      <ejb-name>ReportMgr</ejb-name>
      de.ems.testrepository.reports.ejbcommon.ReportMgrHome
      de.ems.testrepository.reports.ejbcommon.ReportMgr
      <local-home>de.ems.testrepository.reports.ejbcommon.ReportMgrLocalHome</local-home>
      de.ems.testrepository.reports.ejbcommon.ReportMgrLocal
      <ejb-class>de.ems.testrepository.reports.ejbimpl.ReportMgrBean</ejb-class>
      <session-type>Stateless</session-type>
      <transaction-type>Container</transaction-type>
      <security-role-ref>
      <role-name>user</role-name>
      <role-link>user</role-link>
      </security-role-ref>
      <resource-ref id="ResRef_3">
      <res-ref-name>jdbc/WebTestDS</res-ref-name>
      <res-type>javax.sql.DataSource</res-type>
      <res-auth>Container</res-auth>
      </resource-ref>

      ...
      <security-role>
      <![CDATA[description not supported yet by ejbdoclet]]>
      <role-name>user</role-name>
      </security-role>
      ...
      <method-permission id="MethodPermission_28">
      <![CDATA[description not supported yet by ejbdoclet]]>
      <role-name>user</role-name>

      <![CDATA[description not supported yet by ejbdoclet]]>
      <ejb-name>ReportMgr</ejb-name>
      <method-name>*</method-name>

      </method-permission>
      ...