You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org> on 2005/11/30 06:14:29 UTC
[jira] Created: (GERONIMO-1248) Problem in using a security realm added through geronimo console
Problem in using a security realm added through geronimo console
----------------------------------------------------------------
Key: GERONIMO-1248
URL: http://issues.apache.org/jira/browse/GERONIMO-1248
Project: Geronimo
Type: Bug
Versions: 1.0
Environment: Win XP, Sun JDK 1.4.2_08
Reporter: Vamsavardhana Reddy
Assigned to: Aaron Mulder
I have created a simple web application that uses a FORM authentication method. In the deployment plan, I have configured the application to use "geronimo-properties-realm". The application works fine.
At this point a added a new realm with name "onemore-properties-realm" through the "Security Realms" portlet. I have modified the deployment plan to use this newly added security realm and redeployed the application. The security part of this application does not work anymore. I am getting the following exception on login attempt.
17:41:53,036 INFO [JAASJettyRealm] problem
javax.security.auth.login.LoginException: java.lang.NullPointerException: target is null
at org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104)
at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173)
at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.access$000(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
at javax.security.auth.login.LoginContext.login(Unknown Source)
at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
at org.mortbay.http.HttpServer.service(HttpServer.java:954)
at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
at javax.security.auth.login.LoginContext.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.access$000(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
at javax.security.auth.login.LoginContext.login(Unknown Source)
at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
at org.mortbay.http.HttpServer.service(HttpServer.java:954)
at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-1248) Problem in using a security realm added through geronimo console
Posted by "David Jencks (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1248?page=comments#action_12358888 ]
David Jencks commented on GERONIMO-1248:
----------------------------------------
this is caused by a missing reference to JaasLoginService in the plan.
<reference name="LoginService"><module>org/apache/geronimo/Security</module><name>JaasLoginService</name></reference>
> Problem in using a security realm added through geronimo console
> ----------------------------------------------------------------
>
> Key: GERONIMO-1248
> URL: http://issues.apache.org/jira/browse/GERONIMO-1248
> Project: Geronimo
> Type: Bug
> Versions: 1.0
> Environment: Win XP, Sun JDK 1.4.2_08
> Reporter: Vamsavardhana Reddy
> Assignee: Aaron Mulder
>
> I have created a simple web application that uses a FORM authentication method. In the deployment plan, I have configured the application to use "geronimo-properties-realm". The application works fine.
> At this point a added a new realm with name "onemore-properties-realm" through the "Security Realms" portlet. I have modified the deployment plan to use this newly added security realm and redeployed the application. The security part of this application does not work anymore. I am getting the following exception on login attempt.
> 17:41:53,036 INFO [JAASJettyRealm] problem
> javax.security.auth.login.LoginException: java.lang.NullPointerException: target is null
> at org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.access$000(Unknown Source)
> at javax.security.auth.login.LoginContext$4.run(Unknown Source)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
> at javax.security.auth.login.LoginContext.login(Unknown Source)
> at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
> at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
> at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
> at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
> at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
> at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> at org.mortbay.http.HttpServer.service(HttpServer.java:954)
> at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> at javax.security.auth.login.LoginContext.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.access$000(Unknown Source)
> at javax.security.auth.login.LoginContext$4.run(Unknown Source)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
> at javax.security.auth.login.LoginContext.login(Unknown Source)
> at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
> at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
> at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
> at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
> at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
> at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> at org.mortbay.http.HttpServer.service(HttpServer.java:954)
> at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Resolved: (GERONIMO-1248) Problem in using a security realm added through geronimo console
Posted by "Aaron Mulder (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1248?page=all ]
Aaron Mulder resolved GERONIMO-1248:
------------------------------------
Fix Version: 1.0
Resolution: Fixed
Should have been fixed by a change last week to add the login service reference -- please test! Thanks!
> Problem in using a security realm added through geronimo console
> ----------------------------------------------------------------
>
> Key: GERONIMO-1248
> URL: http://issues.apache.org/jira/browse/GERONIMO-1248
> Project: Geronimo
> Type: Bug
> Versions: 1.0-M5
> Environment: Win XP, Sun JDK 1.4.2_08
> Reporter: Vamsavardhana Reddy
> Assignee: Aaron Mulder
> Fix For: 1.0
>
> I have created a simple web application that uses a FORM authentication method. In the deployment plan, I have configured the application to use "geronimo-properties-realm". The application works fine.
> At this point a added a new realm with name "onemore-properties-realm" through the "Security Realms" portlet. I have modified the deployment plan to use this newly added security realm and redeployed the application. The security part of this application does not work anymore. I am getting the following exception on login attempt.
> 17:41:53,036 INFO [JAASJettyRealm] problem
> javax.security.auth.login.LoginException: java.lang.NullPointerException: target is null
> at org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.access$000(Unknown Source)
> at javax.security.auth.login.LoginContext$4.run(Unknown Source)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
> at javax.security.auth.login.LoginContext.login(Unknown Source)
> at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
> at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
> at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
> at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
> at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
> at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> at org.mortbay.http.HttpServer.service(HttpServer.java:954)
> at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> at javax.security.auth.login.LoginContext.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.access$000(Unknown Source)
> at javax.security.auth.login.LoginContext$4.run(Unknown Source)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
> at javax.security.auth.login.LoginContext.login(Unknown Source)
> at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
> at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
> at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
> at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
> at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
> at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> at org.mortbay.http.HttpServer.service(HttpServer.java:954)
> at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-1248) Problem in using a security realm added through geronimo console
Posted by "Aaron Mulder (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1248?page=all ]
Aaron Mulder updated GERONIMO-1248:
-----------------------------------
Version: 1.0-M5
(was: 1.0)
> Problem in using a security realm added through geronimo console
> ----------------------------------------------------------------
>
> Key: GERONIMO-1248
> URL: http://issues.apache.org/jira/browse/GERONIMO-1248
> Project: Geronimo
> Type: Bug
> Versions: 1.0-M5
> Environment: Win XP, Sun JDK 1.4.2_08
> Reporter: Vamsavardhana Reddy
> Assignee: Aaron Mulder
> Fix For: 1.0
>
> I have created a simple web application that uses a FORM authentication method. In the deployment plan, I have configured the application to use "geronimo-properties-realm". The application works fine.
> At this point a added a new realm with name "onemore-properties-realm" through the "Security Realms" portlet. I have modified the deployment plan to use this newly added security realm and redeployed the application. The security part of this application does not work anymore. I am getting the following exception on login attempt.
> 17:41:53,036 INFO [JAASJettyRealm] problem
> javax.security.auth.login.LoginException: java.lang.NullPointerException: target is null
> at org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.access$000(Unknown Source)
> at javax.security.auth.login.LoginContext$4.run(Unknown Source)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
> at javax.security.auth.login.LoginContext.login(Unknown Source)
> at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
> at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
> at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
> at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
> at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
> at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> at org.mortbay.http.HttpServer.service(HttpServer.java:954)
> at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> at javax.security.auth.login.LoginContext.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.access$000(Unknown Source)
> at javax.security.auth.login.LoginContext$4.run(Unknown Source)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
> at javax.security.auth.login.LoginContext.login(Unknown Source)
> at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
> at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
> at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
> at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
> at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
> at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> at org.mortbay.http.HttpServer.service(HttpServer.java:954)
> at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Closed: (GERONIMO-1248) Problem in using a security realm added through geronimo console
Posted by "Vamsavardhana Reddy (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1248?page=all ]
Vamsavardhana Reddy closed GERONIMO-1248:
-----------------------------------------
> Problem in using a security realm added through geronimo console
> ----------------------------------------------------------------
>
> Key: GERONIMO-1248
> URL: http://issues.apache.org/jira/browse/GERONIMO-1248
> Project: Geronimo
> Type: Bug
> Versions: 1.0-M5
> Environment: Win XP, Sun JDK 1.4.2_08
> Reporter: Vamsavardhana Reddy
> Assignee: Aaron Mulder
> Fix For: 1.0
>
> I have created a simple web application that uses a FORM authentication method. In the deployment plan, I have configured the application to use "geronimo-properties-realm". The application works fine.
> At this point a added a new realm with name "onemore-properties-realm" through the "Security Realms" portlet. I have modified the deployment plan to use this newly added security realm and redeployed the application. The security part of this application does not work anymore. I am getting the following exception on login attempt.
> 17:41:53,036 INFO [JAASJettyRealm] problem
> javax.security.auth.login.LoginException: java.lang.NullPointerException: target is null
> at org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.access$000(Unknown Source)
> at javax.security.auth.login.LoginContext$4.run(Unknown Source)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
> at javax.security.auth.login.LoginContext.login(Unknown Source)
> at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
> at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
> at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
> at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
> at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
> at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> at org.mortbay.http.HttpServer.service(HttpServer.java:954)
> at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> at javax.security.auth.login.LoginContext.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.access$000(Unknown Source)
> at javax.security.auth.login.LoginContext$4.run(Unknown Source)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
> at javax.security.auth.login.LoginContext.login(Unknown Source)
> at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
> at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
> at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
> at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
> at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
> at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
> at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> at org.mortbay.http.HttpServer.service(HttpServer.java:954)
> at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira