You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Henry McClain <he...@gmail.com> on 2006/09/21 16:17:05 UTC
Attempting JAAS Authentication throws ArrayIndexOutOfBoundsException in NTSystem
Gentlemen,
I am attempting to authenticate users via JAAS NTLoginModule and repeatedly
recieve an ArrayIndexOutOfBoundsException wrapped in a LoginException. The
error is (packages removed for confidentiality purposes):
javax.security.auth.login.LoginException:
java.lang.ArrayIndexOutOfBoundsException
at com.sun.security.auth.module.NTSystem.getCurrent(Native Method)
at com.sun.security.auth.module.NTSystem.<init>(Unknown Source)
at com.sun.security.auth.module.NTLoginModule.login(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.access$000(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
at javax.security.auth.login.LoginContext.login(Unknown Source)
at -------confidential-------- .UserServiceBean.authenticate(
UserServiceBean.java:40)
at -------confidential-------- .UserServiceBean.registerNewUser(
UserServiceBean.java:130)
at -------confidential-------- .servlets.AppManagerInitServlet.init(
AppManagerInitServlet.java:33)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java
:243)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java
:275)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(
SecurityUtil.java:161)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(
SecurityUtil.java:114)
at org.apache.catalina.core.StandardWrapper.loadServlet(
StandardWrapper.java:1099)
at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java
:932)
at org.apache.catalina.core.StandardContext.loadOnStartup(
StandardContext.java:3917)
at org.apache.catalina.core.StandardContext.start(StandardContext.java
:4201)
at org.apache.catalina.core.ContainerBase.addChildInternal(
ContainerBase.java:759)
at org.apache.catalina.core.ContainerBase.access$000(ContainerBase.java
:121)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(
ContainerBase.java:143)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java
:737)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:809)
at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java
:698)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java
:472)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java
:310)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(
LifecycleSupport.java:119)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1021)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1013)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java
:442)
at org.apache.catalina.core.StandardService.start(StandardService.java
:450)
at org.apache.catalina.core.StandardServer.start(StandardServer.java
:709)
at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
NTSystem.getCurrent(Native Method) is a private method of NTSystem.
This code executed as a standalone application works perfectly. This code
executed in Tomcat 5.5 (not a servlet) fails. I have exhaustively researched
this on the web and have attempted to trace the problem in the JAAS source
code. The current operation has a servlet (AppManagerInitServlet)
initializing on Tomcat startup that attempts to authenticate a known user
(for testing purposes). I am currently executing this code with the Catalina
SecurityManager in place, but I have get the exact same results not using
the Catalina SecurityManager. For testing purposes, I have given my web
application java.security.AllPermission until this can be resolved. Beyond
instantiating a LoginContext and passing it my CallbackHandler I have no
idea why this would fail, especially since it works in one environment and
not another.
Please help.
=====================================================================================================================
My environment:
Windows XP SP2
JDK 1.5.0_06 ( I have also tested on 1.5.0_08 with the same results)
Tomcat 5.5.17
Relevant JVM switches:
-Djava.security.manager
-Djava.security.policy=D:\Program Files\Apache Software Foundation\Tomcat
5.5\conf\catalina.policy
-Djava.security.auth.login.config=D:\Program Files\Apache Software
Foundation\Tomcat 5.5\conf\jaas.conf
catalina.policy
// FOR TESTING PURPOSES ONLY
grant codeBase "file:${catalina.home}/webapps/myapp/-" {
permission java.security.AllPermission;
};
JAAS Config File:
mydomain {
com.sun.security.auth.module.NTLoginModule required debug=true;
};
--
Henry McClain
"Life is hard. Wear a helmet"
"Tell your wife that she looks pretty, even if she looks like a truck."
--
Re: Attempting JAAS Authentication throws ArrayIndexOutOfBoundsException in NTSystem
Posted by Henry McClain <he...@gmail.com>.
Turns out that stoping/starting the Tomcat service with the Tomcat provided
service control panel was causing the problem. Using the Windows Services
control panel, for whatever reason, allows my authentication scheme to work
correctly.
H
On 9/21/06, Henry McClain <he...@gmail.com> wrote:
>
> Gentlemen,
>
> I am attempting to authenticate users via JAAS NTLoginModule and
> repeatedly recieve an ArrayIndexOutOfBoundsException wrapped in a
> LoginException. The error is (packages removed for confidentiality
> purposes):
>
> javax.security.auth.login.LoginException :
> java.lang.ArrayIndexOutOfBoundsException
> at com.sun.security.auth.module.NTSystem.getCurrent(Native Method)
> at com.sun.security.auth.module.NTSystem.<init>(Unknown Source)
> at com.sun.security.auth.module.NTLoginModule.login(Unknown Source)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke (Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at javax.security.auth.login.LoginContext.invoke (Unknown Source)
> at javax.security.auth.login.LoginContext.access$000(Unknown Source)
> at javax.security.auth.login.LoginContext$4.run(Unknown Source)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.login.LoginContext.invokePriv (Unknown Source)
> at javax.security.auth.login.LoginContext.login(Unknown Source)
> at -------confidential-------- .UserServiceBean.authenticate(
> UserServiceBean.java:40)
> at -------confidential-------- .UserServiceBean.registerNewUser(
> UserServiceBean.java:130)
> at -------confidential-------- .servlets.AppManagerInitServlet.init(
> AppManagerInitServlet.java:33)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java
> :243)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.security.auth.Subject.doAsPrivileged(Unknown Source)
> at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
> at org.apache.catalina.security.SecurityUtil.doAsPrivilege(
> SecurityUtil.java:161)
> at org.apache.catalina.security.SecurityUtil.doAsPrivilege(
> SecurityUtil.java:114)
> at org.apache.catalina.core.StandardWrapper.loadServlet(
> StandardWrapper.java:1099)
> at org.apache.catalina.core.StandardWrapper.load (StandardWrapper.java
> :932)
> at org.apache.catalina.core.StandardContext.loadOnStartup(
> StandardContext.java:3917)
> at org.apache.catalina.core.StandardContext.start(StandardContext.java
> :4201)
> at org.apache.catalina.core.ContainerBase.addChildInternal(
> ContainerBase.java:759)
> at org.apache.catalina.core.ContainerBase.access$000(
> ContainerBase.java:121)
> at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run (
> ContainerBase.java:143)
> at java.security.AccessController.doPrivileged(Native Method)
> at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java
> :737)
> at org.apache.catalina.core.StandardHost.addChild(StandardHost.java
> :524)
> at org.apache.catalina.startup.HostConfig.deployWAR (HostConfig.java
> :809)
> at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java
> :698)
> at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java
> :472)
> at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
> at org.apache.catalina.startup.HostConfig.lifecycleEvent (
> HostConfig.java:310)
> at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(
> LifecycleSupport.java:119)
> at org.apache.catalina.core.ContainerBase.start(ContainerBase.java
> :1021)
> at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
> at org.apache.catalina.core.ContainerBase.start(ContainerBase.java
> :1013)
> at org.apache.catalina.core.StandardEngine.start (StandardEngine.java
> :442)
> at org.apache.catalina.core.StandardService.start(StandardService.java
> :450)
> at org.apache.catalina.core.StandardServer.start(StandardServer.java
> :709)
> at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
> at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java :294)
> at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
>
> NTSystem.getCurrent(Native Method) is a private method of NTSystem .
>
> This code executed as a standalone application works perfectly. This code
> executed in Tomcat 5.5 (not a servlet) fails. I have exhaustively
> researched this on the web and have attempted to trace the problem in the
> JAAS source code. The current operation has a servlet (
> AppManagerInitServlet ) initializing on Tomcat startup that attempts to
> authenticate a known user (for testing purposes). I am currently executing
> this code with the Catalina SecurityManager in place, but I have get the
> exact same results not using the Catalina SecurityManager. For testing
> purposes, I have given my web application java.security.AllPermissionuntil this can be resolved. Beyond instantiating a
> LoginContext and passing it my CallbackHandler I have no idea why this
> would fail, especially since it works in one environment and not another.
>
> Please help.
> =====================================================================================================================
>
>
> My environment:
> Windows XP SP2
> JDK 1.5.0_06 ( I have also tested on 1.5.0_08 with the same results)
> Tomcat 5.5.17
>
> Relevant JVM switches:
> -Djava.security.manager
> -Djava.security.policy=D:\Program Files\Apache Software Foundation\Tomcat
> 5.5\conf\catalina.policy
> -Djava.security.auth.login.config=D:\Program Files\Apache Software
> Foundation\Tomcat 5.5\conf\jaas.conf
>
> catalina.policy
> // FOR TESTING PURPOSES ONLY
> grant codeBase "file:${ catalina.home}/webapps/myapp/-" {
> permission java.security.AllPermission;
> };
>
> JAAS Config File:
> mydomain {
> com.sun.security.auth.module.NTLoginModule required debug=true;
> };
>
>
>
> --
> Henry McClain
>
> "Life is hard. Wear a helmet"
> "Tell your wife that she looks pretty, even if she looks like a truck."
> --
--
Henry McClain
"Life is hard. Wear a helmet"
"Tell your wife that she looks pretty, even if she looks like a truck."
--