0 Replies Latest reply on Sep 4, 2009 5:28 AM by Jochen Riedlinger

    JBossNegotiation NullPointerExcpetion on EJB Call after Cach

    Jochen Riedlinger Newbie

      Hi,

      this week I gave JBossNegotiation a try. I tried it with a webapplication which calls a stateless session ejb.

      In the first step authentication works well, but after the SecurityManager Cache timed out, the next call from the webapp to the EJB fails with a NullPointerExcpetion:


      09:55:06,299 WARN [FWAction] de.lbank.portal.PortalException: java.lang.NullPointerException
      at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:106)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:585)
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
      at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
      at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
      at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
      at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
      at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:211)
      at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:158)
      at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
      at org.jboss.ejb.plugins.CleanShutdownInterceptor.invoke(CleanShutdownInterceptor.java:278)
      at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:138)
      at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:648)
      at org.jboss.ejb.Container.invoke(Container.java:960)
      at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:430)
      at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:103)
      at $Proxy266.getAlleAnwendungen(Unknown Source)
      at de.lbank.portal.ejb.PortalLocalEjbBusinessDelegate.getAlleAnwendungen(PortalLocalEjbBusinessDelegate.java:75)
      at de.lbank.portal.web.action.PortalHomeAnzeigeAction.doExecute(PortalHomeAnzeigeAction.java:92)
      at com.cc.framework.adapter.struts.ActionUtil.execute(Unknown Source)
      at com.cc.framework.adapter.struts.FWAction.execute(Unknown Source)
      at com.cc.framework.adapter.struts.FWAction.execute(Unknown Source)
      at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:421)
      at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:226)
      at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1164)
      at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:397)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
      at de.lbank.framework.web.struts.LActionServlet.service(LActionServlet.java:53)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
      at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
      at org.jboss.web.tomcat.service.session.ClusteredSessionValve.invoke(ClusteredSessionValve.java:87)
      at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525)
      at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
      at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
      at org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn.invoke(ClusteredSingleSignOn.java:676)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
      at java.lang.Thread.run(Thread.java:595)



      Is there a solution for this problem, if I don't want to change the "DefaultCacheTimeout" in the "org.jboss.security.plugins.JaasSecurityManagerService" MBean to a very long time?

      How does this work with failover in the cluster?

      Thanks,
      Jochen