0 Replies Latest reply on Feb 28, 2007 12:15 PM by Joan Pujol Espinar

    Help needed please, Authentication info propagation don't wo

    Joan Pujol Espinar Newbie

      What I try to do is:

      Programatically establish an indentity in a servlet and propagate it to be disposable to all the web applications on the same realm.

      (I have to do it programatically for: http://www.jboss.com/index.html?module=bb&op=viewtopic&t=102853
      The code of my servlet is:

       try {
       UsernamePasswordHandler handler = new UsernamePasswordHandler("XXX", "XXX");
       LoginContext lc = new LoginContext("MyDomain", handler);
       lc.login();
      
       }catch(Exception e ) {
       e.printStackTrace();
       }
      
      


      And the log that I get is:

      DEBUG (MyLoginModule.java.java:98) - login()
      INFO (MyLoginModule.java.java:151) - User XXX ok with role YYY
      TRACE (org.jboss.security.ClientLoginModule.ClientLoginModule.java:103) - Security domain: MyDomain
      TRACE (org.jboss.security.ClientLoginModule.ClientLoginModule.java:121) - Enabling restore-login-identity mode
      TRACE (org.jboss.security.ClientLoginModule.ClientLoginModule.java:130) - Enabling useFirstPass mode
      TRACE (org.jboss.security.ClientLoginModule.ClientLoginModule.java:139) - Begin login
      TRACE (org.jboss.security.ClientLoginModule.ClientLoginModule.java:223) - commit, subject=Asunto:
       Principal: XXX
       Principal: Roles(members:YYY)
      
      TRACE (org.jboss.security.SecurityAssociation.SecurityAssociation.java:460) - pushSubjectContext, subject=Asunto:
       Principal: XXX
       Principal: Roles(members:YYY)
      
      


      This is the debug code I get just after lc.login() in my servlet.



      The problem is that then when the servlet ends I had this stacktrace:

      ApplicationFilterChain.internalDoFilter(ServletRequest, ServletResponse) line: 252
      ApplicationFilterChain.doFilter(ServletRequest, ServletResponse) line: 173
      ReplyHeaderFilter.doFilter(ServletRequest, ServletResponse, FilterChain) line: 96
      ApplicationFilterChain.internalDoFilter(ServletRequest, ServletResponse) line: 202
      ApplicationFilterChain.doFilter(ServletRequest, ServletResponse) line: 173
      StandardWrapperValve.invoke(Request, Response) line: 213
      StandardContextValve.invoke(Request, Response) line: 178
      SecurityAssociationValve.invoke(Request, Response) line: 175
      BasicAuthenticator(AuthenticatorBase).invoke(Request, Response) line: 432
      JaccContextValve.invoke(Request, Response) line: 74
      StandardHostValve.invoke(Request, Response) line: 126
      ErrorReportValve.invoke(Request, Response) line: 105
      CachedConnectionValve.invoke(Request, Response) line: 156
      SingleSignOn.invoke(Request, Response) line: 392
      StandardEngineValve.invoke(Request, Response) line: 107
      CoyoteAdapter.service(Request, Response) line: 148
      Http11Processor.process(InputStream, OutputStream) line: 869
      Http11Protocol$JmxHttp11ConnectionHandler(Http11BaseProtocol$Http11ConnectionHandler).processConnection(TcpConnection, Object[]) line: 664
      PoolTcpEndpoint.processSocket(Socket, TcpConnection, Object[]) line: 527
      MasterSlaveWorkerThread.run() line: 112
      ThreadWithAttributes(Thread).run() line: 595
      


      And when the arrives at BasicAuthenticator I get:

      popRunAsIdentity, runAs=null
      
      and then:
      
      2007-02-28 17:43:17,688 TRACE (org.jboss.security.SecurityAssociation.SecurityAssociation.java:555) - clear, server=true


      It looks as if the credential are deleted, aren't they?

      The login-config.xml has:

       <application-policy name="MyDomain">
       <authentication>
       <login-module code="MyModule"
       flag = "required">
       <module-option name="password-stacking">useFirstPass</module-option>
       </login-module>
      
       <login-module code="org.jboss.security.ClientLoginModule" flag="required">
       <module-option name="password-stacking">useFirstPass</module-option>
       <module-option name="restore-login-identity">false</module-option>
       </login-module>
      
       </authentication>
       </application-policy>
      
      


      Please, please, please,...... someone can help in this nigthmare?¿

      PD: All is to try to solve the problem I also explain in :