You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@isis.apache.org by Luis Enrique Martínez López <lu...@vortech-it.com> on 2020/01/23 04:39:12 UTC
Security Module Realm - Error
Hi
I am trying to configure the security of Apache Isis as "Security Module Realm", I did everything that comes in the documentation but I am getting the following error:
631047 22:18:37,461 [IsisTransaction qtp246168102-19 INFO ] abort transaction IsisTransaction@42052069[state=IN_PROGRESS,commands=0]
631052 22:18:37,466 [AbstractAuthenticator qtp246168102-19 WARN ] Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - isis-module-security-admin,
rememberMe=false]. Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
java.lang.RuntimeException: An error occurred while executing code in a temporary session
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:366)
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:344)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.execute(IsisModuleSecurityRealm.java:221)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.lookupPrincipal(IsisModuleSecurityRealm.java:138)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:76)
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
at org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor.authenticate(ShiroAuthenticatorOrAuthorizor.java:151)
at org.apache.isis.core.runtime.authentication.standard.AuthenticationManagerStandard.authenticate(AuthenticationManagerStandard.java:111)
at org.apache.isis.viewer.wicket.viewer.integration.wicket.AuthenticatedWebSessionForIsis.authenticate(AuthenticatedWebSessionForIsis.java:73)
at org.apache.wicket.authroles.authentication.AuthenticatedWebSession.signIn(AuthenticatedWebSession.java:66)
at org.apache.wicket.authroles.authentication.panel.SignInPanel.signIn(SignInPanel.java:210)
at org.apache.wicket.authroles.authentication.panel.SignInPanel.access$100(SignInPanel.java:46)
at org.apache.wicket.authroles.authentication.panel.SignInPanel$SignInForm.onSubmit(SignInPanel.java:305)
at org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1316)
at org.apache.wicket.markup.html.form.Form.process(Form.java:976)
at org.apache.wicket.markup.html.form.StatelessForm.process(StatelessForm.java:100)
at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:797)
at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:708)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.wicket.RequestListenerInterface.internalInvoke(RequestListenerInterface.java:258)
at org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:216)
at org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.invokeListener(ListenerInterfaceRequestHandler.java:241)
at org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.respond(ListenerInterfaceRequestHandler.java:234)
at org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:895)
at org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64)
at org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:265)
at org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:222)
at org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:293)
at org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:261)
at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:203)
at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:284)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.apache.isis.core.webapp.diagnostics.IsisLogOnExceptionFilter.doFilter(IsisLogOnExceptionFilter.java:52)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
at org.eclipse.jetty.server.Server.handle(Server.java:517)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:306)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.NullPointerException
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.lookupUser(IsisModuleSecurityRealm.java:149)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:141)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:138)
at org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:188)
at org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:178)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doExecute(IsisModuleSecurityRealm.java:236)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$3.call(IsisModuleSecurityRealm.java:227)
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:364)
... 73 more
631069 22:18:37,483 [ShiroAuthenticatorOrAuthorizor qtp246168102-19 ERROR] Unable to authenticate
org.apache.shiro.authc.AuthenticationException: Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - isis-module-security-admin, rememberMe=false].
Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:214)
at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
at org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor.authenticate(ShiroAuthenticatorOrAuthorizor.java:151)
at org.apache.isis.core.runtime.authentication.standard.AuthenticationManagerStandard.authenticate(AuthenticationManagerStandard.java:111)
at org.apache.isis.viewer.wicket.viewer.integration.wicket.AuthenticatedWebSessionForIsis.authenticate(AuthenticatedWebSessionForIsis.java:73)
at org.apache.wicket.authroles.authentication.AuthenticatedWebSession.signIn(AuthenticatedWebSession.java:66)
at org.apache.wicket.authroles.authentication.panel.SignInPanel.signIn(SignInPanel.java:210)
at org.apache.wicket.authroles.authentication.panel.SignInPanel.access$100(SignInPanel.java:46)
at org.apache.wicket.authroles.authentication.panel.SignInPanel$SignInForm.onSubmit(SignInPanel.java:305)
at org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1316)
at org.apache.wicket.markup.html.form.Form.process(Form.java:976)
at org.apache.wicket.markup.html.form.StatelessForm.process(StatelessForm.java:100)
at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:797)
at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:708)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.wicket.RequestListenerInterface.internalInvoke(RequestListenerInterface.java:258)
at org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:216)
at org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.invokeListener(ListenerInterfaceRequestHandler.java:241)
at org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.respond(ListenerInterfaceRequestHandler.java:234)
at org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:895)
at org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64)
at org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:265)
at org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:222)
at org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:293)
at org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:261)
at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:203)
at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:284)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.apache.isis.core.webapp.diagnostics.IsisLogOnExceptionFilter.doFilter(IsisLogOnExceptionFilter.java:52)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
at org.eclipse.jetty.server.Server.handle(Server.java:517)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:306)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.RuntimeException: An error occurred while executing code in a temporary session
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:366)
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:344)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.execute(IsisModuleSecurityRealm.java:221)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.lookupPrincipal(IsisModuleSecurityRealm.java:138)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:76)
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
... 65 more
Caused by: java.lang.NullPointerException
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.lookupUser(IsisModuleSecurityRealm.java:149)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:141)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:138)
at org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:188)
at org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:178)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doExecute(IsisModuleSecurityRealm.java:236)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$3.call(IsisModuleSecurityRealm.java:227)
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:364)
... 73 more
Could you explain what I need to do? Why do i get the error?
What I did was the following:
################
Shiro.ini
################
[main]
isisModuleSecurityRealm=org.isisaddons.module.security.shiro.IsisModuleSecurityRealm
authenticationStrategy=org.isisaddons.module.security.shiro.AuthenticationStrategyForIsisModuleSecurityRealm
securityManager.authenticator.authenticationStrategy = $authenticationStrategy
securityManager.realms = $isisModuleSecurityRealm
################
Isis.properties
################
isis.appManifest=domainapp.application.manifest.DomainAppAppManifest
isis.services-installer=configuration-and-annotation
isis.services.ServicesInstallerFromAnnotation.packagePrefix=org.isisaddons.module.security
isis.services = org.isisaddons.module.security.dom.password.PasswordEncryptionServiceUsingJBcrypt,\
org.isisaddons.module.security.dom.permission.PermissionsEvaluationServiceAllowBeatsVeto
isis.reflector.facets.include=org.isisaddons.module.security.facets.TenantedAuthorizationFacetFactory
isis.reflector.facet.cssClassFa.patterns=\
new.*:fa-plus,\
add.*:fa-plus-square,\
create.*:fa-plus,\
update.*:fa-edit,\
remove.*:fa-minus-square,\
find.*:fa-search,\
all.*:fa-list
#################
webapp/pom.xml
#################
<dependencies>
<!-- this app -->
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>Onboarding-application</artifactId>
</dependency>
<!-- isis -->
<dependency>
<groupId>org.apache.isis.mavendeps</groupId>
<artifactId>isis-mavendeps-webapp</artifactId>
<type>pom</type>
</dependency>
<!-- Shiro Module Security-->
<dependency>
<groupId>org.isisaddons.module.security</groupId>
<artifactId>isis-module-security-dom</artifactId>
<version>1.14.0</version>
</dependency>
<dependency>
<groupId>org.mindrot</groupId>
<artifactId>jbcrypt</artifactId>
<version>0.4</version>
</dependency>
</dependencies>
Thank you in advance.
Luis Martínez
Re: Security Module Realm - Error
Posted by Dan Haywood <da...@haywood-associates.co.uk>.
Hi Luis,
The asf mailing lists strip off attachments I'm afraid. Best thing is to
upload somewhere then link to it.
That said, the reason that the repo is null is probably because you haven't
included the appropriate module class as a dependency of your AppManifest.
This is used to find packages to scan for domain services/repositories, so
if the package containing the implementation of that repo isn't being
scanned, then no instance will be instantiated by the framework to inject.
(Separately, you might want to subscribe to this mailing list so I don't
have to moderate your posts. And/or, we have a slack channel now, linked
from support menu of the website)
HTH,
Dan.
On Sat, 25 Jan 2020, 07:58 Luis Enrique Martínez López, <
luis.martinez@vortech-it.com> wrote:
> Hi,
>
> Attached a screenshot.
>
> It appears that applicationUserRepository is null.
>
>
>
>
>
> Regards
>
> Luis Martínez
>
>
>
> *De:* Luis Enrique Martínez López
> *Enviado el:* miércoles, 22 de enero de 2020 10:39 p.m.
> *Para:* users@isis.apache.org
> *Asunto:* Security Module Realm - Error
>
>
>
> Hi
>
> I am trying to configure the security of Apache Isis as "Security Module
> Realm", I did everything that comes in the documentation but I am getting
> the following error:
>
>
>
> 631047 22:18:37,461 [IsisTransaction qtp246168102-19 INFO ] abort
> transaction IsisTransaction@42052069[state=IN_PROGRESS,commands=0]
>
> 631052 22:18:37,466 [AbstractAuthenticator qtp246168102-19 WARN ]
> Authentication failed for token submission
> [org.apache.shiro.authc.UsernamePasswordToken - isis-module-security-admin,
>
> rememberMe=false]. Possible unexpected error? (Typical or expected login
> exceptions should extend from AuthenticationException).
>
> java.lang.RuntimeException: An error occurred while executing code in a
> temporary session
>
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:366)
>
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:344)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.execute(IsisModuleSecurityRealm.java:221)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.lookupPrincipal(IsisModuleSecurityRealm.java:138)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:76)
>
> at
> org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
>
> at
> org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
>
> at
> org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
>
> at
> org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
>
> at
> org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
>
> at
> org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
>
> at
> org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
>
> at
> org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor.authenticate(ShiroAuthenticatorOrAuthorizor.java:151)
>
> at
> org.apache.isis.core.runtime.authentication.standard.AuthenticationManagerStandard.authenticate(AuthenticationManagerStandard.java:111)
>
> at
> org.apache.isis.viewer.wicket.viewer.integration.wicket.AuthenticatedWebSessionForIsis.authenticate(AuthenticatedWebSessionForIsis.java:73)
>
> at
> org.apache.wicket.authroles.authentication.AuthenticatedWebSession.signIn(AuthenticatedWebSession.java:66)
>
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel.signIn(SignInPanel.java:210)
>
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel.access$100(SignInPanel.java:46)
>
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel$SignInForm.onSubmit(SignInPanel.java:305)
>
> at
> org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1316)
>
> at org.apache.wicket.markup.html.form.Form.process(Form.java:976)
>
> at
> org.apache.wicket.markup.html.form.StatelessForm.process(StatelessForm.java:100)
>
> at
> org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:797)
>
> at
> org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:708)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>
> at java.lang.reflect.Method.invoke(Method.java:498)
>
> at
> org.apache.wicket.RequestListenerInterface.internalInvoke(RequestListenerInterface.java:258)
>
> at
> org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:216)
>
> at
> org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.invokeListener(ListenerInterfaceRequestHandler.java:241)
>
> at
> org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.respond(ListenerInterfaceRequestHandler.java:234)
>
> at
> org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:895)
>
> at
> org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64)
>
> at
> org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:265)
>
> at
> org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:222)
>
> at
> org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:293)
>
> at
> org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:261)
>
> at
> org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:203)
>
> at
> org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:284)
>
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
>
> at
> org.apache.isis.core.webapp.diagnostics.IsisLogOnExceptionFilter.doFilter(IsisLogOnExceptionFilter.java:52)
>
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
>
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
>
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
>
> at
> org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
>
> at
> org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
>
> at
> org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
>
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
>
> at
> org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
>
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
>
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
>
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
>
> at
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
>
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
>
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158)
>
> at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
>
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
>
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090)
>
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
>
> at
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
>
> at
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)
>
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
>
> at org.eclipse.jetty.server.Server.handle(Server.java:517)
>
> at
> org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:306)
>
> at
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242)
>
> at
> org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
>
> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
>
> at
> org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75)
>
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213)
>
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147)
>
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)
>
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)
>
> at java.lang.Thread.run(Thread.java:748)
>
> Caused by: java.lang.NullPointerException
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.lookupUser(IsisModuleSecurityRealm.java:149)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:141)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:138)
>
> at
> org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:188)
>
> at
> org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:178)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doExecute(IsisModuleSecurityRealm.java:236)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$3.call(IsisModuleSecurityRealm.java:227)
>
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:364)
>
> ... 73 more
>
> 631069 22:18:37,483 [ShiroAuthenticatorOrAuthorizor qtp246168102-19
> ERROR] Unable to authenticate
>
> org.apache.shiro.authc.AuthenticationException: Authentication failed for
> token submission [org.apache.shiro.authc.UsernamePasswordToken -
> isis-module-security-admin, rememberMe=false].
>
> Possible unexpected error? (Typical or expected login exceptions should
> extend from AuthenticationException).
>
> at
> org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:214)
>
> at
> org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
>
> at
> org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
>
> at
> org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
>
> at
> org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor.authenticate(ShiroAuthenticatorOrAuthorizor.java:151)
>
> at
> org.apache.isis.core.runtime.authentication.standard.AuthenticationManagerStandard.authenticate(AuthenticationManagerStandard.java:111)
>
> at
> org.apache.isis.viewer.wicket.viewer.integration.wicket.AuthenticatedWebSessionForIsis.authenticate(AuthenticatedWebSessionForIsis.java:73)
>
> at
> org.apache.wicket.authroles.authentication.AuthenticatedWebSession.signIn(AuthenticatedWebSession.java:66)
>
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel.signIn(SignInPanel.java:210)
>
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel.access$100(SignInPanel.java:46)
>
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel$SignInForm.onSubmit(SignInPanel.java:305)
>
> at
> org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1316)
>
> at org.apache.wicket.markup.html.form.Form.process(Form.java:976)
>
> at
> org.apache.wicket.markup.html.form.StatelessForm.process(StatelessForm.java:100)
>
> at
> org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:797)
>
> at
> org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:708)
>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>
> at java.lang.reflect.Method.invoke(Method.java:498)
>
> at
> org.apache.wicket.RequestListenerInterface.internalInvoke(RequestListenerInterface.java:258)
>
> at
> org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:216)
>
> at
> org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.invokeListener(ListenerInterfaceRequestHandler.java:241)
>
> at
> org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.respond(ListenerInterfaceRequestHandler.java:234)
>
> at
> org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:895)
>
> at
> org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64)
>
> at
> org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:265)
>
> at
> org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:222)
>
> at
> org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:293)
>
> at
> org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:261)
>
> at
> org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:203)
>
> at
> org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:284)
>
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
>
> at
> org.apache.isis.core.webapp.diagnostics.IsisLogOnExceptionFilter.doFilter(IsisLogOnExceptionFilter.java:52)
>
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
>
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
>
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
>
> at
> org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
>
> at
> org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
>
> at
> org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
>
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
>
> at
> org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
>
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
>
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
>
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
>
> at
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
>
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
>
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158)
>
> at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
>
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
>
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090)
>
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
>
> at
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
>
> at
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)
>
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
>
> at org.eclipse.jetty.server.Server.handle(Server.java:517)
>
> at
> org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:306)
>
> at
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242)
>
> at
> org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
>
> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
>
> at
> org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75)
>
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213)
>
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147)
>
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)
>
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)
>
> at java.lang.Thread.run(Thread.java:748)
>
> Caused by: java.lang.RuntimeException: An error occurred while executing
> code in a temporary session
>
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:366)
>
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:344)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.execute(IsisModuleSecurityRealm.java:221)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.lookupPrincipal(IsisModuleSecurityRealm.java:138)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:76)
>
> at
> org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
>
> at
> org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
>
> at
> org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
>
> at
> org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
>
> ... 65 more
>
> Caused by: java.lang.NullPointerException
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.lookupUser(IsisModuleSecurityRealm.java:149)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:141)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:138)
>
> at
> org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:188)
>
> at
> org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:178)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doExecute(IsisModuleSecurityRealm.java:236)
>
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$3.call(IsisModuleSecurityRealm.java:227)
>
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:364)
>
> ... 73 more
>
>
>
> Could you explain what I need to do? Why do i get the error?
>
> What I did was the following:
>
>
>
> ################
>
> Shiro.ini
>
> ################
>
>
> *[main] **isisModuleSecurityRealm*=
>
> *org.isisaddons.module.security.shiro.IsisModuleSecurityRealm *
> *authenticationStrategy*=
> *org.isisaddons.module.security.shiro.AuthenticationStrategyForIsisModuleSecurityRealm
> **securityManager.authenticator.authenticationStrategy *=
>
> *$authenticationStrategy **securityManager.realms *=
> *$isisModuleSecurityRealm*
>
>
>
> ################
>
> Isis.properties
>
> ################
>
> *isis.appManifest*=
>
> *domainapp.application.manifest.DomainAppAppManifest**isis.services-installer*=
> *configuration-and-annotation**isis.services.ServicesInstallerFromAnnotation.packagePrefix*=
>
> *org.isisaddons.module.security**isis.services *= *org.isisaddons.module.security.dom.password.PasswordEncryptionServiceUsingJBcrypt,*
> *\*
>
> * org.isisaddons.module.security.dom.permission.PermissionsEvaluationServiceAllowBeatsVeto**isis.reflector.facets.include*=
>
> *org.isisaddons.module.security.facets.TenantedAuthorizationFacetFactory**isis.reflector.facet.cssClassFa.patterns*=
> *\** new.*:fa-plus,*
> *\** add.*:fa-plus-square,*
> *\** create.*:fa-plus,*
> *\** update.*:fa-edit,*
> *\** remove.*:fa-minus-square,*
> *\** find.*:fa-search,*
> *\** all.*:fa-list*
>
>
>
> #################
>
> webapp/pom.xml
>
> #################
>
> <*dependencies*>
>
> *<!-- this app --> *<*dependency*>
> <*groupId*>${project.groupId}</*groupId*>
> <*artifactId*>Onboarding-application</*artifactId*>
> </*dependency*>
>
>
> *<!-- isis --> *<*dependency*>
> <*groupId*>org.apache.isis.mavendeps</*groupId*>
> <*artifactId*>isis-mavendeps-webapp</*artifactId*>
> <*type*>pom</*type*>
> </*dependency*>
>
>
> *<!-- Shiro Module Security--> *<*dependency*>
> <*groupId*>org.isisaddons.module.security</*groupId*>
> <*artifactId*>isis-module-security-dom</*artifactId*>
> <*version*>1.14.0</*version*>
> </*dependency*>
> <*dependency*>
> <*groupId*>org.mindrot</*groupId*>
> <*artifactId*>jbcrypt</*artifactId*>
> <*version*>0.4</*version*>
> </*dependency*>
>
> </*dependencies*>
>
>
>
> Thank you in advance.
>
> Luis Martínez
>
Security Module Realm - Error
Posted by Luis Enrique Martínez López <lu...@vortech-it.com>.
Hi,
Attached a screenshot.
It appears that applicationUserRepository is null.
[cid:image001.png@01D5D2F2.72ACBF20]
Regards
Luis Martínez
De: Luis Enrique Martínez López
Enviado el: miércoles, 22 de enero de 2020 10:39 p.m.
Para: users@isis.apache.org
Asunto: Security Module Realm - Error
Hi
I am trying to configure the security of Apache Isis as "Security Module Realm", I did everything that comes in the documentation but I am getting the following error:
631047 22:18:37,461 [IsisTransaction qtp246168102-19 INFO ] abort transaction IsisTransaction@42052069[state=IN_PROGRESS,commands=0]
631052 22:18:37,466 [AbstractAuthenticator qtp246168102-19 WARN ] Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - isis-module-security-admin,
rememberMe=false]. Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
java.lang.RuntimeException: An error occurred while executing code in a temporary session
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:366)
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:344)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.execute(IsisModuleSecurityRealm.java:221)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.lookupPrincipal(IsisModuleSecurityRealm.java:138)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:76)
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
at org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor.authenticate(ShiroAuthenticatorOrAuthorizor.java:151)
at org.apache.isis.core.runtime.authentication.standard.AuthenticationManagerStandard.authenticate(AuthenticationManagerStandard.java:111)
at org.apache.isis.viewer.wicket.viewer.integration.wicket.AuthenticatedWebSessionForIsis.authenticate(AuthenticatedWebSessionForIsis.java:73)
at org.apache.wicket.authroles.authentication.AuthenticatedWebSession.signIn(AuthenticatedWebSession.java:66)
at org.apache.wicket.authroles.authentication.panel.SignInPanel.signIn(SignInPanel.java:210)
at org.apache.wicket.authroles.authentication.panel.SignInPanel.access$100(SignInPanel.java:46)
at org.apache.wicket.authroles.authentication.panel.SignInPanel$SignInForm.onSubmit(SignInPanel.java:305)
at org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1316)
at org.apache.wicket.markup.html.form.Form.process(Form.java:976)
at org.apache.wicket.markup.html.form.StatelessForm.process(StatelessForm.java:100)
at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:797)
at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:708)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.wicket.RequestListenerInterface.internalInvoke(RequestListenerInterface.java:258)
at org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:216)
at org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.invokeListener(ListenerInterfaceRequestHandler.java:241)
at org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.respond(ListenerInterfaceRequestHandler.java:234)
at org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:895)
at org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64)
at org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:265)
at org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:222)
at org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:293)
at org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:261)
at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:203)
at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:284)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.apache.isis.core.webapp.diagnostics.IsisLogOnExceptionFilter.doFilter(IsisLogOnExceptionFilter.java:52)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
at org.eclipse.jetty.server.Server.handle(Server.java:517)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:306)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.NullPointerException
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.lookupUser(IsisModuleSecurityRealm.java:149)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:141)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:138)
at org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:188)
at org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:178)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doExecute(IsisModuleSecurityRealm.java:236)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$3.call(IsisModuleSecurityRealm.java:227)
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:364)
... 73 more
631069 22:18:37,483 [ShiroAuthenticatorOrAuthorizor qtp246168102-19 ERROR] Unable to authenticate
org.apache.shiro.authc.AuthenticationException: Authentication failed for token submission [org.apache.shiro.authc.UsernamePasswordToken - isis-module-security-admin, rememberMe=false].
Possible unexpected error? (Typical or expected login exceptions should extend from AuthenticationException).
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:214)
at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
at org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor.authenticate(ShiroAuthenticatorOrAuthorizor.java:151)
at org.apache.isis.core.runtime.authentication.standard.AuthenticationManagerStandard.authenticate(AuthenticationManagerStandard.java:111)
at org.apache.isis.viewer.wicket.viewer.integration.wicket.AuthenticatedWebSessionForIsis.authenticate(AuthenticatedWebSessionForIsis.java:73)
at org.apache.wicket.authroles.authentication.AuthenticatedWebSession.signIn(AuthenticatedWebSession.java:66)
at org.apache.wicket.authroles.authentication.panel.SignInPanel.signIn(SignInPanel.java:210)
at org.apache.wicket.authroles.authentication.panel.SignInPanel.access$100(SignInPanel.java:46)
at org.apache.wicket.authroles.authentication.panel.SignInPanel$SignInForm.onSubmit(SignInPanel.java:305)
at org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1316)
at org.apache.wicket.markup.html.form.Form.process(Form.java:976)
at org.apache.wicket.markup.html.form.StatelessForm.process(StatelessForm.java:100)
at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:797)
at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:708)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.wicket.RequestListenerInterface.internalInvoke(RequestListenerInterface.java:258)
at org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:216)
at org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.invokeListener(ListenerInterfaceRequestHandler.java:241)
at org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.respond(ListenerInterfaceRequestHandler.java:234)
at org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:895)
at org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64)
at org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:265)
at org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:222)
at org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:293)
at org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:261)
at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:203)
at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:284)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.apache.isis.core.webapp.diagnostics.IsisLogOnExceptionFilter.doFilter(IsisLogOnExceptionFilter.java:52)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
at org.eclipse.jetty.server.Server.handle(Server.java:517)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:306)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213)
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.RuntimeException: An error occurred while executing code in a temporary session
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:366)
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:344)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.execute(IsisModuleSecurityRealm.java:221)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.lookupPrincipal(IsisModuleSecurityRealm.java:138)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:76)
at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
... 65 more
Caused by: java.lang.NullPointerException
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.lookupUser(IsisModuleSecurityRealm.java:149)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:141)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:138)
at org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:188)
at org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:178)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doExecute(IsisModuleSecurityRealm.java:236)
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$3.call(IsisModuleSecurityRealm.java:227)
at org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:364)
... 73 more
Could you explain what I need to do? Why do i get the error?
What I did was the following:
################
Shiro.ini
################
[main]
isisModuleSecurityRealm=org.isisaddons.module.security.shiro.IsisModuleSecurityRealm
authenticationStrategy=org.isisaddons.module.security.shiro.AuthenticationStrategyForIsisModuleSecurityRealm
securityManager.authenticator.authenticationStrategy = $authenticationStrategy
securityManager.realms = $isisModuleSecurityRealm
################
Isis.properties
################
isis.appManifest=domainapp.application.manifest.DomainAppAppManifest
isis.services-installer=configuration-and-annotation
isis.services.ServicesInstallerFromAnnotation.packagePrefix=org.isisaddons.module.security
isis.services = org.isisaddons.module.security.dom.password.PasswordEncryptionServiceUsingJBcrypt,\
org.isisaddons.module.security.dom.permission.PermissionsEvaluationServiceAllowBeatsVeto
isis.reflector.facets.include=org.isisaddons.module.security.facets.TenantedAuthorizationFacetFactory
isis.reflector.facet.cssClassFa.patterns=\
new.*:fa-plus,\
add.*:fa-plus-square,\
create.*:fa-plus,\
update.*:fa-edit,\
remove.*:fa-minus-square,\
find.*:fa-search,\
all.*:fa-list
#################
webapp/pom.xml
#################
<dependencies>
<!-- this app -->
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>Onboarding-application</artifactId>
</dependency>
<!-- isis -->
<dependency>
<groupId>org.apache.isis.mavendeps</groupId>
<artifactId>isis-mavendeps-webapp</artifactId>
<type>pom</type>
</dependency>
<!-- Shiro Module Security-->
<dependency>
<groupId>org.isisaddons.module.security</groupId>
<artifactId>isis-module-security-dom</artifactId>
<version>1.14.0</version>
</dependency>
<dependency>
<groupId>org.mindrot</groupId>
<artifactId>jbcrypt</artifactId>
<version>0.4</version>
</dependency>
</dependencies>
Thank you in advance.
Luis Martínez
Re: Security Module Realm - Error
Posted by Dan Haywood <da...@haywood-associates.co.uk>.
The root cause seems to be an now in one of our integration classes.
Apologies for that, it should fail more graciously.
From your stack trace I see:
Caused by: java.lang.NullPointerException
at org.isisaddons.module.security.shiro.IsisModuleSecurityRealm
$1.lookupUser(IsisModuleSecurityRealm.java:149)
at org.isisaddons.module.security
Could you put a break point at that point to see what the issue is. If you
want we could screen share to look at this together.
Thx,
Dan.
On Thu, 23 Jan 2020, 07:05 Luis Enrique Martínez López, <
luis.martinez@vortech-it.com> wrote:
> Hi
> I am trying to configure the security of Apache Isis as "Security Module
> Realm", I did everything that comes in the documentation but I am getting
> the following error:
>
> 631047 22:18:37,461 [IsisTransaction qtp246168102-19 INFO ] abort
> transaction IsisTransaction@42052069[state=IN_PROGRESS,commands=0]
> 631052 22:18:37,466 [AbstractAuthenticator qtp246168102-19 WARN ]
> Authentication failed for token submission
> [org.apache.shiro.authc.UsernamePasswordToken - isis-module-security-admin,
> rememberMe=false]. Possible unexpected error? (Typical or expected login
> exceptions should extend from AuthenticationException).
> java.lang.RuntimeException: An error occurred while executing code in a
> temporary session
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:366)
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:344)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.execute(IsisModuleSecurityRealm.java:221)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.lookupPrincipal(IsisModuleSecurityRealm.java:138)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:76)
> at
> org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
> at
> org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
> at
> org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
> at
> org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
> at
> org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
> at
> org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
> at
> org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
> at
> org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor.authenticate(ShiroAuthenticatorOrAuthorizor.java:151)
> at
> org.apache.isis.core.runtime.authentication.standard.AuthenticationManagerStandard.authenticate(AuthenticationManagerStandard.java:111)
> at
> org.apache.isis.viewer.wicket.viewer.integration.wicket.AuthenticatedWebSessionForIsis.authenticate(AuthenticatedWebSessionForIsis.java:73)
> at
> org.apache.wicket.authroles.authentication.AuthenticatedWebSession.signIn(AuthenticatedWebSession.java:66)
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel.signIn(SignInPanel.java:210)
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel.access$100(SignInPanel.java:46)
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel$SignInForm.onSubmit(SignInPanel.java:305)
> at
> org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1316)
> at org.apache.wicket.markup.html.form.Form.process(Form.java:976)
> at
> org.apache.wicket.markup.html.form.StatelessForm.process(StatelessForm.java:100)
> at
> org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:797)
> at
> org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:708)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.apache.wicket.RequestListenerInterface.internalInvoke(RequestListenerInterface.java:258)
> at
> org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:216)
> at
> org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.invokeListener(ListenerInterfaceRequestHandler.java:241)
> at
> org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.respond(ListenerInterfaceRequestHandler.java:234)
> at
> org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:895)
> at
> org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64)
> at
> org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:265)
> at
> org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:222)
> at
> org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:293)
> at
> org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:261)
> at
> org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:203)
> at
> org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:284)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
> at
> org.apache.isis.core.webapp.diagnostics.IsisLogOnExceptionFilter.doFilter(IsisLogOnExceptionFilter.java:52)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
> at
> org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
> at
> org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
> at
> org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
> at
> org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
> at
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158)
> at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
> at
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
> at
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
> at org.eclipse.jetty.server.Server.handle(Server.java:517)
> at
> org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:306)
> at
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242)
> at org.eclipse.jetty.io
> .AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
> at org.eclipse.jetty.io
> .FillInterest.fillable(FillInterest.java:95)
> at org.eclipse.jetty.io
> .SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75)
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213)
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)
> at java.lang.Thread.run(Thread.java:748)
> Caused by: java.lang.NullPointerException
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.lookupUser(IsisModuleSecurityRealm.java:149)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:141)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:138)
> at
> org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:188)
> at
> org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:178)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doExecute(IsisModuleSecurityRealm.java:236)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$3.call(IsisModuleSecurityRealm.java:227)
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:364)
> ... 73 more
> 631069 22:18:37,483 [ShiroAuthenticatorOrAuthorizor qtp246168102-19
> ERROR] Unable to authenticate
> org.apache.shiro.authc.AuthenticationException: Authentication failed for
> token submission [org.apache.shiro.authc.UsernamePasswordToken -
> isis-module-security-admin, rememberMe=false].
> Possible unexpected error? (Typical or expected login exceptions should
> extend from AuthenticationException).
> at
> org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:214)
> at
> org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)
> at
> org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)
> at
> org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)
> at
> org.apache.isis.security.shiro.ShiroAuthenticatorOrAuthorizor.authenticate(ShiroAuthenticatorOrAuthorizor.java:151)
> at
> org.apache.isis.core.runtime.authentication.standard.AuthenticationManagerStandard.authenticate(AuthenticationManagerStandard.java:111)
> at
> org.apache.isis.viewer.wicket.viewer.integration.wicket.AuthenticatedWebSessionForIsis.authenticate(AuthenticatedWebSessionForIsis.java:73)
> at
> org.apache.wicket.authroles.authentication.AuthenticatedWebSession.signIn(AuthenticatedWebSession.java:66)
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel.signIn(SignInPanel.java:210)
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel.access$100(SignInPanel.java:46)
> at
> org.apache.wicket.authroles.authentication.panel.SignInPanel$SignInForm.onSubmit(SignInPanel.java:305)
> at
> org.apache.wicket.markup.html.form.Form.delegateSubmit(Form.java:1316)
> at org.apache.wicket.markup.html.form.Form.process(Form.java:976)
> at
> org.apache.wicket.markup.html.form.StatelessForm.process(StatelessForm.java:100)
> at
> org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:797)
> at
> org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form.java:708)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.apache.wicket.RequestListenerInterface.internalInvoke(RequestListenerInterface.java:258)
> at
> org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:216)
> at
> org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.invokeListener(ListenerInterfaceRequestHandler.java:241)
> at
> org.apache.wicket.core.request.handler.ListenerInterfaceRequestHandler.respond(ListenerInterfaceRequestHandler.java:234)
> at
> org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:895)
> at
> org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64)
> at
> org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:265)
> at
> org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:222)
> at
> org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:293)
> at
> org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:261)
> at
> org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:203)
> at
> org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:284)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
> at
> org.apache.isis.core.webapp.diagnostics.IsisLogOnExceptionFilter.doFilter(IsisLogOnExceptionFilter.java:52)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
> at
> org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
> at
> org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
> at
> org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)
> at
> org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
> at
> org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
> at
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
> at
> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158)
> at
> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
> at
> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
> at
> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
> at
> org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
> at
> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)
> at
> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
> at org.eclipse.jetty.server.Server.handle(Server.java:517)
> at
> org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:306)
> at
> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242)
> at org.eclipse.jetty.io
> .AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
> at org.eclipse.jetty.io
> .FillInterest.fillable(FillInterest.java:95)
> at org.eclipse.jetty.io
> .SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75)
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213)
> at
> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)
> at
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)
> at java.lang.Thread.run(Thread.java:748)
> Caused by: java.lang.RuntimeException: An error occurred while executing
> code in a temporary session
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:366)
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:344)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.execute(IsisModuleSecurityRealm.java:221)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.lookupPrincipal(IsisModuleSecurityRealm.java:138)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doGetAuthenticationInfo(IsisModuleSecurityRealm.java:76)
> at
> org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)
> at
> org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)
> at
> org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)
> at
> org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)
> ... 65 more
> Caused by: java.lang.NullPointerException
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.lookupUser(IsisModuleSecurityRealm.java:149)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:141)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$1.execute(IsisModuleSecurityRealm.java:138)
> at
> org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:188)
> at
> org.apache.isis.core.runtime.system.transaction.IsisTransactionManager.executeWithinTransaction(IsisTransactionManager.java:178)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm.doExecute(IsisModuleSecurityRealm.java:236)
> at
> org.isisaddons.module.security.shiro.IsisModuleSecurityRealm$3.call(IsisModuleSecurityRealm.java:227)
> at
> org.apache.isis.core.runtime.system.session.IsisSessionFactory.doInSession(IsisSessionFactory.java:364)
> ... 73 more
>
> Could you explain what I need to do? Why do i get the error?
> What I did was the following:
>
> ################
> Shiro.ini
> ################
> [main]
>
> isisModuleSecurityRealm=org.isisaddons.module.security.shiro.IsisModuleSecurityRealm
>
>
> authenticationStrategy=org.isisaddons.module.security.shiro.AuthenticationStrategyForIsisModuleSecurityRealm
> securityManager.authenticator.authenticationStrategy =
> $authenticationStrategy
>
> securityManager.realms = $isisModuleSecurityRealm
>
> ################
> Isis.properties
> ################
>
> isis.appManifest=domainapp.application.manifest.DomainAppAppManifest
>
> isis.services-installer=configuration-and-annotation
>
> isis.services.ServicesInstallerFromAnnotation.packagePrefix=org.isisaddons.module.security
>
> isis.services =
> org.isisaddons.module.security.dom.password.PasswordEncryptionServiceUsingJBcrypt,\
>
> org.isisaddons.module.security.dom.permission.PermissionsEvaluationServiceAllowBeatsVeto
>
>
> isis.reflector.facets.include=org.isisaddons.module.security.facets.TenantedAuthorizationFacetFactory
>
> isis.reflector.facet.cssClassFa.patterns=\
> new.*:fa-plus,\
> add.*:fa-plus-square,\
> create.*:fa-plus,\
> update.*:fa-edit,\
> remove.*:fa-minus-square,\
> find.*:fa-search,\
> all.*:fa-list
>
> #################
> webapp/pom.xml
> #################
>
> <dependencies>
> <!-- this app -->
> <dependency>
> <groupId>${project.groupId}</groupId>
> <artifactId>Onboarding-application</artifactId>
> </dependency>
>
> <!-- isis -->
> <dependency>
> <groupId>org.apache.isis.mavendeps</groupId>
> <artifactId>isis-mavendeps-webapp</artifactId>
> <type>pom</type>
> </dependency>
>
> <!-- Shiro Module Security-->
> <dependency>
> <groupId>org.isisaddons.module.security</groupId>
> <artifactId>isis-module-security-dom</artifactId>
> <version>1.14.0</version>
> </dependency>
> <dependency>
> <groupId>org.mindrot</groupId>
> <artifactId>jbcrypt</artifactId>
> <version>0.4</version>
> </dependency>
>
> </dependencies>
>
> Thank you in advance.
> Luis Martínez
>