You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "anita kulshreshtha (JIRA)" <de...@geronimo.apache.org> on 2005/12/16 16:45:47 UTC
[jira] Created: (GERONIMO-1375) Invalid login to console should not produce stack trace
Invalid login to console should not produce stack trace
-------------------------------------------------------
Key: GERONIMO-1375
URL: http://issues.apache.org/jira/browse/GERONIMO-1375
Project: Geronimo
Type: Bug
Components: Tomcat
Versions: 1.0-M5
Environment: all
Reporter: anita kulshreshtha
Priority: Minor
Invalid login, e.g. bad user name should not produce the following stack trace. I have not tested if jetty-server also has the same problem.
10:26:41,609 WARN [TomcatGeronimoRealm] Login exception authenticating username "s"
javax.security.auth.login.LoginException: Error filling callback list
at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:75)
at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:372)
at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:272)
at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java
:663)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:534)
Caused by: javax.security.auth.login.FailedLoginException
at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:1
47)
at org.apache.geronimo.security.jaas.server.JaasLoginService.performLogin(JaasLoginService.java:236)
at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$f86adc7c.performLogin(<gener
ated>)
at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:73)
... 33 more
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-1375) Invalid login to console should not produce stack trace
Posted by "Alan Cabrera (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1375?page=all ]
Alan Cabrera updated GERONIMO-1375:
-----------------------------------
Fix Version: 1.0
1.x
> Invalid login to console should not produce stack trace
> -------------------------------------------------------
>
> Key: GERONIMO-1375
> URL: http://issues.apache.org/jira/browse/GERONIMO-1375
> Project: Geronimo
> Type: Bug
> Components: Tomcat
> Versions: 1.0-M5
> Environment: all
> Reporter: anita kulshreshtha
> Priority: Minor
> Fix For: 1.0, 1.x
>
> Invalid login, e.g. bad user name should not produce the following stack trace. I have not tested if jetty-server also has the same problem.
> 10:26:41,609 WARN [TomcatGeronimoRealm] Login exception authenticating username "s"
> javax.security.auth.login.LoginException: Error filling callback list
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:75)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:372)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
> at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
> at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:272)
> at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
> at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
> at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
> at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
> at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
> at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java
> :663)
> at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:534)
> Caused by: javax.security.auth.login.FailedLoginException
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:1
> 47)
> at org.apache.geronimo.security.jaas.server.JaasLoginService.performLogin(JaasLoginService.java:236)
> at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$f86adc7c.performLogin(<gener
> ated>)
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:73)
> ... 33 more
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Assigned: (GERONIMO-1375) Invalid login to console should not produce stack trace
Posted by "Joe Bohn (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1375?page=all ]
Joe Bohn reassigned GERONIMO-1375:
----------------------------------
Assign To: Joe Bohn
> Invalid login to console should not produce stack trace
> -------------------------------------------------------
>
> Key: GERONIMO-1375
> URL: http://issues.apache.org/jira/browse/GERONIMO-1375
> Project: Geronimo
> Type: Bug
> Components: Tomcat
> Versions: 1.0-M5
> Environment: all
> Reporter: anita kulshreshtha
> Assignee: Joe Bohn
> Priority: Minor
> Fix For: 1.0, 1.x
> Attachments: LoginError.patch
>
> Invalid login, e.g. bad user name should not produce the following stack trace. I have not tested if jetty-server also has the same problem.
> 10:26:41,609 WARN [TomcatGeronimoRealm] Login exception authenticating username "s"
> javax.security.auth.login.LoginException: Error filling callback list
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:75)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:372)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
> at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
> at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:272)
> at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
> at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
> at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
> at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
> at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
> at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java
> :663)
> at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:534)
> Caused by: javax.security.auth.login.FailedLoginException
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:1
> 47)
> at org.apache.geronimo.security.jaas.server.JaasLoginService.performLogin(JaasLoginService.java:236)
> at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$f86adc7c.performLogin(<gener
> ated>)
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:73)
> ... 33 more
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-1375) Invalid login to console should not produce stack trace
Posted by "Joe Bohn (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1375?page=all ]
Joe Bohn updated GERONIMO-1375:
-------------------------------
Geronimo Info: [Patch Available]
> Invalid login to console should not produce stack trace
> -------------------------------------------------------
>
> Key: GERONIMO-1375
> URL: http://issues.apache.org/jira/browse/GERONIMO-1375
> Project: Geronimo
> Type: Bug
> Components: Tomcat
> Versions: 1.0-M5
> Environment: all
> Reporter: anita kulshreshtha
> Assignee: Joe Bohn
> Priority: Minor
> Fix For: 1.0, 1.x
> Attachments: LoginError.patch
>
> Invalid login, e.g. bad user name should not produce the following stack trace. I have not tested if jetty-server also has the same problem.
> 10:26:41,609 WARN [TomcatGeronimoRealm] Login exception authenticating username "s"
> javax.security.auth.login.LoginException: Error filling callback list
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:75)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:372)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
> at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
> at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:272)
> at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
> at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
> at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
> at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
> at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
> at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java
> :663)
> at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:534)
> Caused by: javax.security.auth.login.FailedLoginException
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:1
> 47)
> at org.apache.geronimo.security.jaas.server.JaasLoginService.performLogin(JaasLoginService.java:236)
> at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$f86adc7c.performLogin(<gener
> ated>)
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:73)
> ... 33 more
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-1375) Invalid login to console should not produce stack trace
Posted by "Joe Bohn (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1375?page=all ]
Joe Bohn updated GERONIMO-1375:
-------------------------------
Component: security
This also affects Jetty but I didn't see a Jetty component in the list of components to choose for the JIRA.
> Invalid login to console should not produce stack trace
> -------------------------------------------------------
>
> Key: GERONIMO-1375
> URL: http://issues.apache.org/jira/browse/GERONIMO-1375
> Project: Geronimo
> Type: Bug
> Components: Tomcat, security
> Versions: 1.0-M5
> Environment: all
> Reporter: anita kulshreshtha
> Assignee: Joe Bohn
> Priority: Minor
> Fix For: 1.0, 1.x
> Attachments: LoginError.patch
>
> Invalid login, e.g. bad user name should not produce the following stack trace. I have not tested if jetty-server also has the same problem.
> 10:26:41,609 WARN [TomcatGeronimoRealm] Login exception authenticating username "s"
> javax.security.auth.login.LoginException: Error filling callback list
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:75)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:372)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
> at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
> at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:272)
> at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
> at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
> at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
> at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
> at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
> at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java
> :663)
> at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:534)
> Caused by: javax.security.auth.login.FailedLoginException
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:1
> 47)
> at org.apache.geronimo.security.jaas.server.JaasLoginService.performLogin(JaasLoginService.java:236)
> at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$f86adc7c.performLogin(<gener
> ated>)
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:73)
> ... 33 more
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Updated: (GERONIMO-1375) Invalid login to console should not produce stack trace
Posted by "Joe Bohn (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1375?page=all ]
Joe Bohn updated GERONIMO-1375:
-------------------------------
Attachment: LoginError.patch
This is more of a problem of logging rather than a real problem. I'm not exactly sure of the best way to fix this ... but this patch includes some changes to make the logging more quiet. This patch makes the following changes:
- ServerLoginProxy - Updated return a FailedLoginException rather than wrapping it in a generic LoginException so that Tomcat will handle with a debug message rather than a warning message.
- TomcatGeronimoRealm - Check for null userid/pw and fail the login with a debug message if found.
- JAASJettyRealm - Check for null userid/pw and fail the login with a debug message. Issue a debug message for FailedLoginException rather than a warning message.
> Invalid login to console should not produce stack trace
> -------------------------------------------------------
>
> Key: GERONIMO-1375
> URL: http://issues.apache.org/jira/browse/GERONIMO-1375
> Project: Geronimo
> Type: Bug
> Components: Tomcat
> Versions: 1.0-M5
> Environment: all
> Reporter: anita kulshreshtha
> Priority: Minor
> Fix For: 1.0, 1.x
> Attachments: LoginError.patch
>
> Invalid login, e.g. bad user name should not produce the following stack trace. I have not tested if jetty-server also has the same problem.
> 10:26:41,609 WARN [TomcatGeronimoRealm] Login exception authenticating username "s"
> javax.security.auth.login.LoginException: Error filling callback list
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:75)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:372)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
> at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
> at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:272)
> at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
> at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
> at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
> at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
> at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
> at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java
> :663)
> at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:534)
> Caused by: javax.security.auth.login.FailedLoginException
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:1
> 47)
> at org.apache.geronimo.security.jaas.server.JaasLoginService.performLogin(JaasLoginService.java:236)
> at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$f86adc7c.performLogin(<gener
> ated>)
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:73)
> ... 33 more
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Closed: (GERONIMO-1375) Invalid login to console should not produce stack trace
Posted by "Matt Hogstrom (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1375?page=all ]
Matt Hogstrom closed GERONIMO-1375:
-----------------------------------
Fix Version: (was: 1.x)
Resolution: Fixed
Tested onm Jetty and the error does not occur.
> Invalid login to console should not produce stack trace
> -------------------------------------------------------
>
> Key: GERONIMO-1375
> URL: http://issues.apache.org/jira/browse/GERONIMO-1375
> Project: Geronimo
> Type: Bug
> Components: Tomcat, security
> Versions: 1.0-M5
> Environment: all
> Reporter: anita kulshreshtha
> Assignee: Matt Hogstrom
> Priority: Minor
> Fix For: 1.0
> Attachments: LoginError.patch
>
> Invalid login, e.g. bad user name should not produce the following stack trace. I have not tested if jetty-server also has the same problem.
> 10:26:41,609 WARN [TomcatGeronimoRealm] Login exception authenticating username "s"
> javax.security.auth.login.LoginException: Error filling callback list
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:75)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:372)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
> at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
> at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:272)
> at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
> at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
> at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
> at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
> at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
> at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java
> :663)
> at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:534)
> Caused by: javax.security.auth.login.FailedLoginException
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:1
> 47)
> at org.apache.geronimo.security.jaas.server.JaasLoginService.performLogin(JaasLoginService.java:236)
> at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$f86adc7c.performLogin(<gener
> ated>)
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:73)
> ... 33 more
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Assigned: (GERONIMO-1375) Invalid login to console should not produce stack trace
Posted by "Matt Hogstrom (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1375?page=all ]
Matt Hogstrom reassigned GERONIMO-1375:
---------------------------------------
Assign To: Matt Hogstrom (was: Joe Bohn)
> Invalid login to console should not produce stack trace
> -------------------------------------------------------
>
> Key: GERONIMO-1375
> URL: http://issues.apache.org/jira/browse/GERONIMO-1375
> Project: Geronimo
> Type: Bug
> Components: Tomcat, security
> Versions: 1.0-M5
> Environment: all
> Reporter: anita kulshreshtha
> Assignee: Matt Hogstrom
> Priority: Minor
> Fix For: 1.0, 1.x
> Attachments: LoginError.patch
>
> Invalid login, e.g. bad user name should not produce the following stack trace. I have not tested if jetty-server also has the same problem.
> 10:26:41,609 WARN [TomcatGeronimoRealm] Login exception authenticating username "s"
> javax.security.auth.login.LoginException: Error filling callback list
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:75)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:372)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
> at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
> at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:272)
> at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
> at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
> at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
> at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
> at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
> at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java
> :663)
> at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:534)
> Caused by: javax.security.auth.login.FailedLoginException
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:1
> 47)
> at org.apache.geronimo.security.jaas.server.JaasLoginService.performLogin(JaasLoginService.java:236)
> at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$f86adc7c.performLogin(<gener
> ated>)
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:73)
> ... 33 more
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Commented: (GERONIMO-1375) Invalid login to console should not produce stack trace
Posted by "Matt Hogstrom (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1375?page=comments#action_12360706 ]
Matt Hogstrom commented on GERONIMO-1375:
-----------------------------------------
Patch applied
Sending modules/jetty/src/java/org/apache/geronimo/jetty/JAASJettyRealm.java
Sending modules/security/src/java/org/apache/geronimo/security/jaas/client/ServerLoginProxy.java
Sending modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java
Transmitting file data ...
Committed revision 357439.
Works on Tomcat
Still needs testing on Jetty. When confirmed this JIRA should be closed.
> Invalid login to console should not produce stack trace
> -------------------------------------------------------
>
> Key: GERONIMO-1375
> URL: http://issues.apache.org/jira/browse/GERONIMO-1375
> Project: Geronimo
> Type: Bug
> Components: Tomcat, security
> Versions: 1.0-M5
> Environment: all
> Reporter: anita kulshreshtha
> Assignee: Matt Hogstrom
> Priority: Minor
> Fix For: 1.0, 1.x
> Attachments: LoginError.patch
>
> Invalid login, e.g. bad user name should not produce the following stack trace. I have not tested if jetty-server also has the same problem.
> 10:26:41,609 WARN [TomcatGeronimoRealm] Login exception authenticating username "s"
> javax.security.auth.login.LoginException: Error filling callback list
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:75)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
> at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:372)
> at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
> at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
> at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:272)
> at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
> at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
> at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
> at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
> at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
> at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java
> :663)
> at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:534)
> Caused by: javax.security.auth.login.FailedLoginException
> at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:1
> 47)
> at org.apache.geronimo.security.jaas.server.JaasLoginService.performLogin(JaasLoginService.java:236)
> at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
> at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
> at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$f86adc7c.performLogin(<gener
> ated>)
> at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:73)
> ... 33 more
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira