1 Reply Latest reply on Dec 1, 2002 11:46 PM by Fusayuki Minamoto

    Exception: principal=null

    Roman Wagner Newbie

      Hi,

      i have a Problem with user authentication.

      I have written something like that

      --------------------------Servlet-----
      ...

      public void doPost(HttpServletRequest req, HttpServletResponse res)
      throws ServletException, IOException
      {
      try {
      String name = req.getParameter("name");
      int id = Integer.parseInt(req.getParameter("id"));
      int age = Integer.parseInt(req.getParameter("age"));
      int stock = Integer.parseInt(req.getParameter("stock"));
      double price = Double.parseDouble(req.getParameter("price"));

      WhiskeyDO whiskey = new WhiskeyDO(id, name, price, stock, age);

      ManagerHome mh = ManageWhiskey.managerHome();

      ManagerRemote manager = mh.create();
      manager.addWhiskey(whiskey);

      Collection c = manager.listAll();
      req.setAttribute("list", c);
      this.getServletContext().getRequestDispatcher("/ListWhiskeys.jsp").forward(req, res);
      }
      catch (Exception e)
      {
      throw new ServletException(e);
      }
      }


      private static ManagerHome managerHome() throws Exception
      {
      try
      {
      AppCallbackHandler handler = new AppCallbackHandler("uname","passwd".toCharArray());
      LoginContext lc = new LoginContext("Test",handler);
      lc.login();
      }
      catch(Exception e)
      {
      System.err.print(e.toString());
      return null;
      }
      return (ManagerHome)PortableRemoteObject.narrow(
      new javax.naming.InitialContext().lookup("pub/Manager"),
      bar.ManagerHome.class);
      }

      ...

      ----jboss.xml @ ManagerBean dir--------------
      ...


      <security-domain>java:/jaas/pub</security-domain>
      <enterprise-beans>

      <ejb-name>
      Manager
      </ejb-name>
      <jndi-name>
      pub/Manager
      </jndi-name>

      </enterprise-beans>


      ---------$JBOSS_HOME/server/default/conf/login_config.xml----------------
      ...

      <!-- Used by clients within the application server VM such as
      mbeans and servlets that access EJBs.
      -->
      <application-policy name = "pub">

      <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
      flag = "required">
      </login-module>

      </application-policy>

      ...



      I don't know any solution for the Problem below.

      Can somebody help me?

      Thx.



      java.lang.SecurityException: Authentication exception, principal=null
      at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:173)
      at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94)
      at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129)
      at org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContainer.java:300)
      at org.jboss.ejb.Container.invoke(Container.java:730)
      at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:517)
      at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:98)
      at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:102)
      at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:77)
      at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:80)
      at org.jboss.proxy.ejb.HomeInterceptor.invoke(HomeInterceptor.java:198)
      at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:76)
      at $Proxy27.create(Unknown Source)
      at bar.ManageWhiskey.doPost(ManageWhiskey.java:79)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:260)
      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
      at org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)
      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
      at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2396)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
      at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
      at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:469)
      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
      at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
      at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
      at org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1040)
      at org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1151)
      at java.lang.Thread.run(Thread.java:536)
      21:34:11,622 ERROR [Engine] StandardWrapperValve[ManageWhiskey]: Servlet.service() for servlet ManageWhiskey threw exception
      javax.servlet.ServletException: EJBException:; nested exception is:
      javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
      Authentication exception, principal=null
      at bar.ManageWhiskey.doPost(ManageWhiskey.java:87)
      ...

        • 1. Re: Exception: principal=null
          Fusayuki Minamoto Apprentice

          Hi,

          The exception shows an authentication failure when to access a ManagerHome method, which may be create().
          You should check if the "users.properties" has your username and password.

          I'm not sure what the program does but I believe the login in the managerHome() is inadequate if you try to access the secure ejb from the unsecure servlet.

          You could use "client-login" as the first parameter of the LoginContext constructur.
          That sets the authentication info to the environment and lets the security manager does the real authentication.

          Miki