2 Replies Latest reply on Apr 25, 2008 10:33 AM by lauri

    forms authentication class cast exception

    boggle

      I have to say I'm a total JBoss n00b and this may be a stupid misconfiguration problem, but I'm trying to get forms authentication working in a basic sample app (JBoss 4.2.0, NetBeans 5.5.1).

      The problem occurs when I submit the login form with my username/password. I get a blank page, and the server spits out the following stacktrace:

      11:14:47,109 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
      java.lang.ClassCastException: org.jnp.interfaces.NamingContext cannot be cast to org.jboss.security.SubjectSecurityManager
       at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:488)
       at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:258)
       at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
       at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
       at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
       at java.lang.Thread.run(Thread.java:619)
      


      Below is my web.xml if that helps, happy to supply any other info required to get to the bottom of this


      <web-app version="2.4"
      xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
      http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
       <session-config>
       <session-timeout>
       30
       </session-timeout>
       </session-config>
       <welcome-file-list>
       <welcome-file>
       index.jsp
       </welcome-file>
       </welcome-file-list>
       <jsp-config>
       </jsp-config>
       <security-constraint>
       <display-name>FormsLoginConstraint</display-name>
       <web-resource-collection>
       <web-resource-name>FormsAuth</web-resource-name>
       <description/>
       <url-pattern>/*</url-pattern>
       <http-method>GET</http-method>
       <http-method>POST</http-method>
       <http-method>HEAD</http-method>
       <http-method>PUT</http-method>
       <http-method>OPTIONS</http-method>
       <http-method>TRACE</http-method>
       <http-method>DELETE</http-method>
       </web-resource-collection>
       <auth-constraint>
       <description>Form authentication</description>
       <role-name>loginUser</role-name>
       </auth-constraint>
       </security-constraint>
       <login-config>
       <auth-method>FORM</auth-method>
       <realm-name/>
       <form-login-config>
       <form-login-page>/login.jsp</form-login-page>
       <form-error-page>/error.jsp</form-error-page>
       </form-login-config>
       </login-config>
       <security-role>
       <description/>
       <role-name>loginUser</role-name>
       </security-role>
       </web-app>
      


      Any help much appreciated!!

        • 1. Re: forms authentication class cast exception
          jaikiran

          Can you post the contents of your jboss-web.xml and the login-config.xml?

          • 2. Re: forms authentication class cast exception
            lauri

            Almost a year have passed since question, but anyway its worth to answer.

            If you're getting error like this

            15:28:38,314 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
            java.lang.ClassCastException: org.jnp.interfaces.NamingContext cannot be cast to org.jboss.security.SubjectSecurityManager
             at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:488)
             at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
             at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
             at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
             at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
             at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
             at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
             at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
             at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
             at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:437)
             at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpProtocol.java:366)
             at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
             at java.lang.Thread.run(Thread.java:619)
            

            Check jboss-web.xml of your .war

            Probably it contain
             <security-domain flushOnSessionInvalidation="false"/>
            

            Consider commenting it out
            <!--
             <security-domain flushOnSessionInvalidation="false"/>
            -->