2 Replies Latest reply on Sep 15, 2011 9:50 AM by vessah

Security Context has not been set

lesquivel Aug 26, 2009 7:51 PM

Hello,

I am having the following exception when logging in. I am hoping that somebody might have some suggestions to where I might look or check to try and resolve this issue:

17:16:45,552 ERROR [JBossWebRealm] Error during authenticate
java.lang.IllegalStateException: Security Context has not been set
 at org.jboss.web.tomcat.security.SecurityAssociationActions$SetPrincipal
InfoAction.run(SecurityAssociationActions.java:70)
 at java.security.AccessController.doPrivileged(Native Method)
 at org.jboss.web.tomcat.security.SecurityAssociationActions.setPrincipal
Info(SecurityAssociationActions.java:270)
 at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebReal
m.java:388)
 at org.apache.catalina.authenticator.FormAuthenticator.authenticate(Form
Authenticator.java:258)
 at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:417)
 at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv
e.java:92)
 at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.proce
ss(SecurityContextEstablishmentValve.java:126)
 at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invok
e(SecurityContextEstablishmentValve.java:70)
 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:127)
 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:102)
 at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC
onnectionValve.java:158)
 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:109)
 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:330)
 at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:436)
 at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpPro
tocol.java:384)
 at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
7)
 at java.lang.Thread.run(Thread.java:619)

I have a custom login config and my own loginModule. I am Extending AbstractLoginModule.

My login-config.xml:

<policy>
 <!-- MyCompany LOGIN MODULE -->
 <application-policy name="MyCompany-login-module">
 <authentication>
 <login-module code="org.MyCompany.security.auth.MyCompanyLoginModule" flag="required">

 </login-module>

 </authentication>
</application-policy>
</policy>

What kind of errors would cause that exception to occur? Could it be a configuration issue? If it is configuration, what or where should I look?
Could it be a code issue in my login module class? If so, what kind of errors in my code could cause this?

Thanks to anyone that replies with any ideas on this.

1. Re: Security Context has not been set

lesquivel Apr 20, 2010 3:59 PM (in response to lesquivel)

FYI - This ended up being a bug in JBoss. I had to update/replace jmx-adaptor-plugin.jar in common lib for an update. I no longer get Security Context has not been set after this.
Actions
2. Re: Security Context has not been set

vessah Sep 15, 2011 9:50 AM (in response to lesquivel)

Hey Luis, i am having the same problem. Can you point me to the JAR file upgrade? Thanks
Actions

Go to original post