You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by "zx-9r@gmx.net" <zx...@gmx.net> on 2007/03/08 11:14:40 UTC
error in sso management
hello jettspeed group,
i think i have found a bug in the sso-administration. the bug is also reproducible in the new release 2.1.
to reproduce the bug:
- login as admin
- go to Jetspeed Administrative Portlets >> SSO Management
- create two differnent sso-sites
- add to each created sso-site the same user (i used 'user')
- now removing the user from each sso-sites one by one
#when removing the user from the second sso-site in the web-page the following exception occures :
Could not remove credentials: org.apache.jetspeed.sso.SSOException: Failed to store site info in database.org.apache.ojb.broker.PersistenceBrokerException: Error invoking method getPrincipalId
#this error occures in the console:
[org.apache.ojb.broker.core.proxy.IndirectionHandler] WARN: Can not materialize object for Identity org.apache.jetspeed.security.om.impl.InternalUserPrincipalIm
pl{21} - using PBKey org.apache.ojb.broker.PBKey: jcdAlias=JetspeedDS, user=null, password=null
org.apache.ojb.broker.PersistenceBrokerException: Error invoking method getPrincipalId
at org.apache.ojb.broker.core.proxy.IndirectionHandlerDefaultImpl.invoke(IndirectionHandlerDefaultImpl.java:334)
at $Proxy11.getPrincipalId(Unknown Source)
at org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider.findRemoteMatch(PersistenceBrokerSSOProvider.java:964)
at org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider.removeCredentialsForSite(PersistenceBrokerSSOProvider.java:605)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:318)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:203)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:162)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:209)
at $Proxy9.removeCredentialsForSite(Unknown Source)
at org.apache.jetspeed.portlets.security.sso.SSODetails.processAction(SSODetails.java:190)
at org.apache.jetspeed.factory.JetspeedPortletInstance.processAction(JetspeedPortletInstance.java:96)
at org.apache.jetspeed.container.JetspeedContainerServlet.doGet(JetspeedContainerServlet.java:245)
at org.apache.jetspeed.container.JetspeedContainerServlet.doPost(JetspeedContainerServlet.java:383)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)
at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:574)
at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:499)
at org.apache.jetspeed.container.invoker.ServletPortletInvoker.invoke(ServletPortletInvoker.java:246)
at org.apache.jetspeed.container.invoker.ServletPortletInvoker.action(ServletPortletInvoker.java:136)
at org.apache.pluto.PortletContainerImpl.processPortletAction(PortletContainerImpl.java:164)
at org.apache.jetspeed.container.JetspeedPortletContainerWrapper.processPortletAction(JetspeedPortletContainerWrapper.java:132)
at org.apache.jetspeed.pipeline.valve.impl.ActionValveImpl.invoke(ActionValveImpl.java:123)
at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
at org.apache.jetspeed.container.ContainerValve.invoke(ContainerValve.java:76)
at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
at org.apache.jetspeed.profiler.impl.ProfilerValveImpl.invoke(ProfilerValveImpl.java:255)
at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
at org.apache.jetspeed.security.impl.LoginValidationValveImpl.invoke(LoginValidationValveImpl.java:159)
at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
at org.apache.jetspeed.security.impl.PasswordCredentialValveImpl.invoke(PasswordCredentialValveImpl.java:149)
at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
at org.apache.jetspeed.localization.impl.LocalizationValveImpl.invoke(LocalizationValveImpl.java:169)
at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
at org.apache.jetspeed.security.impl.AbstractSecurityValve$1.run(AbstractSecurityValve.java:118)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:454)
at org.apache.jetspeed.security.JSSubject.doAsPrivileged(JSSubject.java:195)
at org.apache.jetspeed.security.impl.AbstractSecurityValve.invoke(AbstractSecurityValve.java:112)
at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
at org.apache.jetspeed.container.url.impl.PortalURLValveImpl.invoke(PortalURLValveImpl.java:67)
at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
at org.apache.jetspeed.capabilities.impl.CapabilityValveImpl.invoke(CapabilityValveImpl.java:128)
at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
at org.apache.jetspeed.pipeline.JetspeedPipeline.invoke(JetspeedPipeline.java:145)
at org.apache.jetspeed.engine.JetspeedEngine.service(JetspeedEngine.java:214)
at org.apache.jetspeed.engine.JetspeedServlet.doGet(JetspeedServlet.java:242)
at org.apache.jetspeed.engine.JetspeedServlet.doPost(JetspeedServlet.java:269)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.jetspeed.engine.servlet.XXSUrlAttackFilter.doFilter(XXSUrlAttackFilter.java:51)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.lang.NullPointerException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.ojb.broker.core.proxy.IndirectionHandlerDefaultImpl.invoke(IndirectionHandlerDefaultImpl.java:325)
... 75 more
#may a hint(?):
#in
org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider.removeCredentialsForSite(Subject subject, String site)
#if found the code
...
if (remoteForPrincipals.remove(remotePrincipal) == true)
// Update the site
getPersistenceBrokerTemplate().store(ssoSite);
// delete the remote Principal from the SECURITY_PRINCIPAL table
getPersistenceBrokerTemplate().delete(remotePrincipal);
...
#this look like forgotten if-braces but i don't really understand the code
will there be a patch available for this problem in the near of future?
Gunther
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org