2 Replies Latest reply on Aug 5, 2005 2:44 AM by Peter Buus

    Extra call of LoginModule

    Peter Buus Newbie

      Hi

      jboss 4.0.2

      I have written a custom LoginModule with a custom CallbackHandler, which I use to create a stateful session EJB.
      When my http session times out I would like to remove this EJB.
      Thus I have saved the actual callbackHandler in the http session and made a SessionListener:
      public void valueUnbound(HttpSessionBindingEvent event) {
      javax.security.auth.login.LoginContext loginContext = new
      javax.security.auth.login.LoginContext("tdc",
      savedCallbackHandler());
      loginContext.login();
      System.out.println("Logged in again");
      savedEjbHandle.remove();
      System.out.println("Cleaned up session");
      }


      In the console log I can see that the sessionListener does a successful login using the savedCallbackHandler, but the subsequent call to
      savedEjbHandle.remove somehow initiates an extra call to my LoginModule with a callbackHandler with no information, ie username and credentials are not available.
      Any ideas?

      /Peter



      The stacktrace of the extra LoginModule call follows:

      15:39:07,094 DEBUG [LogInterceptor] SecurityException in method: public abstract void javax.ejb.EJBObject.remove() throws java.rmi.RemoteException,javax.ejb.RemoveException:
      javax.security.auth.login.LoginException: Username not supplied.
      at dk.certifikat.jboss.security.CertLoginModule.getUserName(CertLoginModule.java:153)
      at dk.certifikat.jboss.security.CertLoginModule.login(CertLoginModule.java:83)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
      at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:483)
      at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:425)
      at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:251)
      at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:180)
      at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:129)
      at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:185)
      at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:48)
      at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:105)
      at org.jboss.ejb.plugins.AbstractTxInterceptorBMT.invokeNext(AbstractTxInterceptorBMT.java:153)
      at org.jboss.ejb.plugins.TxInterceptorBMT.invoke(TxInterceptorBMT.java:62)
      at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(StatefulSessionInstanceInterceptor.java:297)
      at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:192)
      at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:122)
      at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:624)
      at org.jboss.ejb.Container.invoke(Container.java:873)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
      at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
      at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
      at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
      at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
      at org.jboss.invocation.local.LocalInvoker$MBeanServerAction.invoke(LocalInvoker.java:155)
      at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:104)
      at org.jboss.invocation.InvokerInterceptor.invokeLocal(InvokerInterceptor.java:179)
      at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:165)
      at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
      at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:55)
      at org.jboss.proxy.ejb.StatefulSessionInterceptor.invoke(StatefulSessionInterceptor.java:106)
      at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:86)
      at $Proxy61.remove(Unknown Source)
      at infra.servlet.SessionListener.valueUnbound(SessionListener.java:54)
      at org.apache.catalina.session.StandardSession.removeAttributeInternal(StandardSession.java:1595)
      at org.apache.catalina.session.StandardSession.expire(StandardSession.java:727)
      at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:567)
      at org.apache.catalina.session.ManagerBase.processExpires(ManagerBase.java:655)
      at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:640)
      at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1283)
      at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1568)
      at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1577)
      at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1577)
      at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1557)
      at java.lang.Thread.run(Thread.java:534)
      15:39:07,094 INFO [STDOUT] java.rmi.AccessException: SecurityException; nested exception is:
      javax.security.auth.login.LoginException: Username not supplied.
      15:39:07,094 INFO [STDOUT] at org.jboss.ejb.plugins.LogInterceptor.handleException(LogInterceptor.java:370)
      15:39:07,094 INFO [STDOUT] at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:196)
      15:39:07,094 INFO [STDOUT] at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:122)
      15:39:07,094 INFO [STDOUT] at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:624)
      15:39:07,094 INFO [STDOUT] at org.jboss.ejb.Container.invoke(Container.java:873)
      15:39:07,094 INFO [STDOUT] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      15:39:07,094 INFO [STDOUT] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      15:39:07,094 INFO [STDOUT] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      15:39:07,094 INFO [STDOUT] at java.lang.reflect.Method.invoke(Method.java:324)
      15:39:07,094 INFO [STDOUT] at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:141)
      15:39:07,094 INFO [STDOUT] at org.jboss.mx.server.Invocation.dispatch(Invocation.java:80)
      15:39:07,094 INFO [STDOUT] at org.jboss.mx.server.Invocation.invoke(Invocation.java:72)
      15:39:07,094 INFO [STDOUT] at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:249)
      15:39:07,094 INFO [STDOUT] at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:644)
      15:39:07,094 INFO [STDOUT] at org.jboss.invocation.local.LocalInvoker$MBeanServerAction.invoke(LocalInvoker.java:155)
      15:39:07,094 INFO [STDOUT] at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:104)
      15:39:07,094 INFO [STDOUT] at org.jboss.invocation.InvokerInterceptor.invokeLocal(InvokerInterceptor.java:179)
      15:39:07,094 INFO [STDOUT] at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:165)
      15:39:07,094 INFO [STDOUT] at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:46)
      15:39:07,094 INFO [STDOUT] at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:55)
      15:39:07,094 INFO [STDOUT] at org.jboss.proxy.ejb.StatefulSessionInterceptor.invoke(StatefulSessionInterceptor.java:106)
      15:39:07,094 INFO [STDOUT] at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:86)
      15:39:07,094 INFO [STDOUT] at $Proxy61.remove(Unknown Source)
      15:39:07,094 INFO [STDOUT] at infra.servlet.SessionListener.valueUnbound(SessionListener.java:54)
      15:39:07,094 INFO [STDOUT] at org.apache.catalina.session.StandardSession.removeAttributeInternal(StandardSession.java:1595)
      15:39:07,094 INFO [STDOUT] at org.apache.catalina.session.StandardSession.expire(StandardSession.java:727)
      15:39:07,094 INFO [STDOUT] at org.apache.catalina.session.StandardSession.isValid(StandardSession.java:567)
      15:39:07,094 INFO [STDOUT] at org.apache.catalina.session.ManagerBase.processExpires(ManagerBase.java:655)
      15:39:07,094 INFO [STDOUT] at org.apache.catalina.session.ManagerBase.backgroundProcess(ManagerBase.java:640)
      15:39:07,104 INFO [STDOUT] at org.apache.catalina.core.ContainerBase.backgroundProcess(ContainerBase.java:1283)
      15:39:07,104 INFO [STDOUT] at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1568)
      15:39:07,104 INFO [STDOUT] at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1577)
      15:39:07,104 INFO [STDOUT] at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.processChildren(ContainerBase.java:1577)
      15:39:07,104 INFO [STDOUT] at org.apache.catalina.core.ContainerBase$ContainerBackgroundProcessor.run(ContainerBase.java:1557)
      15:39:07,104 INFO [STDOUT] at java.lang.Thread.run(Thread.java:534)
      15:39:07,104 INFO [STDOUT] Caused by: javax.security.auth.login.LoginException:
      Username not supplied.
      15:39:07,104 INFO [STDOUT] at dk.certifikat.jboss.security.CertLoginModule.getUserName(CertLoginModule.java:153)
      15:39:07,104 INFO [STDOUT] at dk.certifikat.jboss.security.CertLoginModule.login(CertLoginModule.java:83)
      15:39:07,104 INFO [STDOUT] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      15:39:07,104 INFO [STDOUT] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      15:39:07,104 INFO [STDOUT] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      15:39:07,104 INFO [STDOUT] at java.lang.reflect.Method.invoke(Method.java:324)
      15:39:07,104 INFO [STDOUT] at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
      15:39:07,104 INFO [STDOUT] at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
      15:39:07,104 INFO [STDOUT] at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
      15:39:07,104 INFO [STDOUT] at java.security.AccessController.doPrivileged(Native Method)
      15:39:07,104 INFO [STDOUT] at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
      15:39:07,104 INFO [STDOUT] at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
      15:39:07,104 INFO [STDOUT] at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:483)
      15:39:07,104 INFO [STDOUT] at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:425)
      15:39:07,104 INFO [STDOUT] at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:251)
      15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:180)
      15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:129)
      15:39:07,104 INFO [STDOUT] at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:185)
      15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:48)
      15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:105)
      15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.AbstractTxInterceptorBMT.invokeNext(AbstractTxInterceptorBMT.java:153)
      15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.TxInterceptorBMT.invoke(TxInterceptorBMT.java:62)
      15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.StatefulSessionInstanceInterceptor.invoke(StatefulSessionInstanceInterceptor.java:297)
      15:39:07,104 INFO [STDOUT] at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:192)
      15:39:07,104 INFO [STDOUT] ... 34 more