1 Reply Latest reply on Sep 21, 2005 8:54 AM by jieshengz

    SecurityAssociation.getPrincipal() is null inside of ejb


      I have a application running inside of jboss. The invocation flow is like this:
      1. servlet1->ejb1->ejb2->ejb3
      Inside of the servlet, I have a call LoginContext.login() to establish the user identity. This LoginContext uses client-login. Inside of the ejb1, the ejb2 is invoked. Sometime, I got a "Authentication exception, principal is null". To find out why this exception is thrown, I inserted some debug information sinde of the ejb1 code before the ejb2 is invoked.
      I found out sometime the org.jboss.security.SecurityAssociation.getPrincipal() is null inside of ejb1.
      All ejbs used the same login configuration. The login configuration is like this

      <application-policy name = "comRedzeroStoreEJB">

      <login-module code = "org.jboss.security.ClientLoginModule" flag = "required">
      <module-option name = "multi-threaded">true</module-option>
      <module-option name = "restore-login-identity">true</module-option>
      <login-module code="com.redzero.security.auth.spi.JbossNoopLoginModule" flag="required">


      I used ClientLoginModule besides the custome login module. Therefore the org.jboss.security.SecurityAssociation.getPrincipal() should not be null. Since this does not occurs all the time, it is very difficult to debug.
      Any idea why it occurs and how I should debug it?