You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by Vamsavardhana Reddy <c1...@gmail.com> on 2005/11/29 13:47:12 UTC
Problem in using a security realm added through geronimo console
Here is the description of problem I am facing.
I have created a simple web application that uses a FORM authentication
method. In the deployment plan, I have configured the application to use
"geronimo-properties-realm". The application works fine.
At this point a added a new realm with name "onemore-properties-realm"
through the "Security Realms" portlet. I have modified the deployment plan
to use this newly added security realm and redeployed the application. The
security part of this application does not work anymore. I am getting the
following exception on login attempt.
17:41:53,036 INFO [JAASJettyRealm] problem
javax.security.auth.login.LoginException: java.lang.NullPointerException:
target is null
at org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(
BasicProxyManager.java:104)
at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect
(JaasLoginCoordinator.java:173)
at
org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(
JaasLoginCoordinator.java:85)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.access$000(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
at javax.security.auth.login.LoginContext.login(Unknown Source)
at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(
JAASJettyRealm.java:92)
at
org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(
FormAuthenticator.java:305)
at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(
FormAuthenticator.java:148)
at
org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(
SecurityContextBeforeAfter.java:282)
at
org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints
(SecurityContextBeforeAfter.java:191)
at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints
(JettyWebAppContext.java:520)
at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(
WebApplicationHandler.java:432)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java
:568)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
at org.mortbay.jetty.servlet.WebApplicationContext.handle(
WebApplicationContext.java:633)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
at org.mortbay.http.HttpServer.service(HttpServer.java:954)
at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
at org.mortbay.http.SocketListener.handleConnection(SocketListener.java
:244)
at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
at javax.security.auth.login.LoginContext.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.access$000(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
at javax.security.auth.login.LoginContext.login(Unknown Source)
at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(
JAASJettyRealm.java:92)
at
org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(
FormAuthenticator.java:305)
at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(
FormAuthenticator.java:148)
at
org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(
SecurityContextBeforeAfter.java:282)
at
org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints
(SecurityContextBeforeAfter.java:191)
at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints
(JettyWebAppContext.java:520)
at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(
WebApplicationHandler.java:432)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java
:568)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
at org.mortbay.jetty.servlet.WebApplicationContext.handle(
WebApplicationContext.java:633)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
at org.mortbay.http.HttpServer.service(HttpServer.java:954)
at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
at org.mortbay.http.SocketListener.handleConnection(SocketListener.java
:244)
at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
Re: Problem in using a security realm added through geronimo console
Posted by Vamsavardhana Reddy <c1...@gmail.com>.
Done. http://issues.apache.org/jira/browse/GERONIMO-1248
-Vamsi
On 11/29/05, Aaron Mulder <am...@alumni.princeton.edu> wrote:
>
> If someone puts in a JIRA for that I can make the fix. At the moment
> the portlet's just using the XMLBeans from service-builder and
> security-builder to build the plan.
>
> Aaron
>
> On 11/29/05, David Jencks <da...@yahoo.com> wrote:
> > It looks to me as if the portlet is broken, and needs to add
> >
> > <reference
> > name="LoginService"><module>org/apache/geronimo/Security</
> > module><name>JaasLoginService</name></reference>
> >
> > to the plan it generates. Unfortunately I'm not sure how the portlet
> > works.... perhaps filing a jira issue would be a good idea.
> >
> > thanks
> > david jencks
> >
> > On Nov 29, 2005, at 5:12 AM, Vamsavardhana Reddy wrote:
> >
> > > The new realm is added through "Security realms" portlet and it shows
> > > the following plan on clicking the "show plan" button.
> > >
> > > <configuration configId="SecurityRealmonemore-security-realm"
> > > parentId="org/apache/geronimo/Server"
> > > xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0">
> > > <gbean name="onemore-security-realm"
> > > class="org.apache.geronimo.security.realm.GenericSecurityRealm">
> > > <attribute name="realmName">onemore-security-realm</attribute>
> > > <reference name="ServerInfo">
> > >
> > > <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=org/
> > > apache/geronimo/
> > > System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name>
> > > </reference>
> > > <xml-reference name="LoginModuleConfiguration">
> > > <log:login-config
> > > xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.0">
> > > <log:login-module control-flag="REQUIRED"
> > > server-side="true">
> > >
> > > <log:login-domain-name>onemore-security-realm</log:login-domain-name>
> > >
> > > <log:login-module-
> > > class>
> org.apache.geronimo.security.realm.providers.PropertiesFileLoginM
> > > odule</log:login-module-class>
> > > <log:option
> > > name="usersURI">var/security/vamsi-users.properties</log:option>
> > > <log:option
> > > name="groupsURI">var/security/vamsi-groups.properties</log:option>
> > > </log:login-module>
> > > </log:login-config>
> > > </xml-reference>
> > > </gbean>
> > > </configuration>
> > >
> > > On 11/29/05, Krishnakumar B <ww...@gmail.com> wrote:
> > >>
> > >> Check the deployment plan if the references are correct.
> > >>
> > >> Sample plan file.
> > >>
> > >> <gbean name="test-realm"
> > >> class="org.apache.geronimo.security.realm.GenericSecurityRealm">
> > >> <attribute name="realmName">test-realm</attribute>
> > >> <reference name="LoginModuleConfiguration">
> > >> <name>test-login</name>
> > >> </reference>
> > >> <reference name="ServerInfo">
> > >> <module>org/apache/geronimo/System</module>
> > >> <name>ServerInfo</name>
> > >> </reference>
> > >> <reference
> > >> name="LoginService"><module>org/apache/geronimo/Security</
> > >> module><name>JaasLoginService</name></reference>
> > >> </gbean>
> > >>
> > >> <gbean name="test-login"
> > >> class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
> > >> <attribute name="controlFlag">REQUIRED</attribute>
> > >> <reference name="LoginModule">
> > >> <name>test-login</name>
> > >> </reference>
> > >> </gbean>
> > >> </configuration>
> > >>
> > >> Regards
> > >> Krish
> > >>
> > >> On 11/29/05, Vamsavardhana Reddy < c1vamsi1c@gmail.com> wrote:
> > >> > Here is the description of problem I am facing.
> > >> >
> > >> > I have created a simple web application that uses a FORM
> > >> authentication
> > >> > method.In the deployment plan, I have configured the application
> > >> to use
> > >> > "geronimo-properties-realm".The application works fine.
> > >> >
> > >> > At this point a added a new realm with name
> > >> "onemore-properties-realm"
> > >> > through the "Security Realms" portlet.I have modified the
> > >> deployment plan
> > >> > to use this newly added security realm and redeployed the
> > >> application.The
> > >> > security part of this application does not work anymore.I am
> > >> getting the
> > >> > following exception on login attempt.
> > >> >
> > >> >
> > >> > 17:41:53,036 INFO[JAASJettyRealm] problem
> > >> > javax.security.auth.login.LoginException:
> > >> > java.lang.NullPointerException: target is null
> > >> > at
> > >> > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy
> > >> (BasicProxyManager.java:104)
> > >> > at
> > >> >
> > >> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect
> (
> > >> JaasLoginCoordinator.java:173)
> > >> > at
> > >> >
> > >>
> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initiali
> > >> ze (JaasLoginCoordinator.java:85)
> > >> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> > >> > Method)
> > >> > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
> > >> > Source)
> > >> > at
> > >> > sun.reflect.DelegatingMethodAccessorImpl.invoke (Unknown
> > >> > Source)
> > >> > at java.lang.reflect.Method.invoke(Unknown Source)
> > >> > at
> > >> > javax.security.auth.login.LoginContext.invoke(Unknown
> > >> > Source)
> > >> > at
> > >> > javax.security.auth.login.LoginContext.access$000 (Unknown
> > >> > Source)
> > >> > at javax.security.auth.login.LoginContext$4.run(Unknown
> > >> > Source)
> > >> > at java.security.AccessController.doPrivileged(Native
> > >> > Method)
> > >> > at
> > >> > javax.security.auth.login.LoginContext.invokeModule (Unknown
> > >> > Source)
> > >> > at javax.security.auth.login.LoginContext.login(Unknown
> > >> > Source)
> > >> > at
> > >> >
> > >> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(
> JAASJettyRealm.j
> > >> ava:92)
> > >> > at
> > >> >
> > >>
> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat
> > >> e(FormAuthenticator.java:305)
> > >> > at
> > >> >
> > >> org.mortbay.jetty.servlet.FormAuthenticator.authenticate
> (FormAuthentic
> > >> ator.java:148)
> > >> > at
> > >> >
> > >>
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai
> > >> nUser(SecurityContextBeforeAfter.java:282)
> > >> > at
> > >> >
> > >>
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check
> > >> SecurityConstraints (SecurityContextBeforeAfter.java:191)
> > >> > at
> > >> >
> > >> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints
> (
> > >> JettyWebAppContext.java:520)
> > >> > at
> > >> > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch
> > >> (WebApplicationHandler.java:432)
> > >> > at
> > >> >
> > >> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:
> > >> 568)
> > >> > at
> > >> > org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> > >> > at
> > >> >
> > >> org.mortbay.jetty.servlet.WebApplicationContext.handle
> (WebApplicationC
> > >> ontext.java:633)
> > >> > at
> > >> > org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> > >> > at
> > >> > org.mortbay.http.HttpServer.service (HttpServer.java:954)
> > >> > at
> > >> > org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> > >> > at
> > >> > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> > >> > at
> > >> > org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> > >> > at
> > >> >
> > >> org.mortbay.http.SocketListener.handleConnection(SocketListener.java:
> > >> 244)
> > >> > at
> > >> > org.mortbay.util.ThreadedServer.handle (ThreadedServer.java:357)
> > >> > at
> > >> > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> > >> >
> > >> > at
> > >> > javax.security.auth.login.LoginContext.invoke(Unknown
> > >> > Source)
> > >> > at
> > >> > javax.security.auth.login.LoginContext.access$000(Unknown
> > >> > Source)
> > >> > at javax.security.auth.login.LoginContext$4.run(Unknown
> > >> > Source)
> > >> > at java.security.AccessController.doPrivileged (Native
> > >> > Method)
> > >> > at
> > >> > javax.security.auth.login.LoginContext.invokeModule(Unknown
> > >> > Source)
> > >> > at javax.security.auth.login.LoginContext.login(Unknown
> > >> > Source)
> > >> > at
> > >> >
> > >> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(
> JAASJettyRealm.j
> > >> ava:92)
> > >> > at
> > >> >
> > >>
> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat
> > >> e(FormAuthenticator.java:305)
> > >> > at
> > >> >
> > >> org.mortbay.jetty.servlet.FormAuthenticator.authenticate
> (FormAuthentic
> > >> ator.java:148)
> > >> > at
> > >> >
> > >>
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai
> > >> nUser(SecurityContextBeforeAfter.java :282)
> > >> > at
> > >> >
> > >>
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check
> > >> SecurityConstraints(SecurityContextBeforeAfter.java:191)
> > >> > at
> > >> >
> > >> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints
> > >> (JettyWebAppContext.java:520)
> > >> > at
> > >> >
> > >> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch
> (WebApplicatio
> > >> nHandler.java:432)
> > >> > at
> > >> > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java
> > >> :568)
> > >> > at
> > >> > org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> > >> > at
> > >> >
> > >> org.mortbay.jetty.servlet.WebApplicationContext.handle
> (WebApplicationC
> > >> ontext.java:633)
> > >> > at
> > >> > org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> > >> > at
> > >> > org.mortbay.http.HttpServer.service(HttpServer.java:954)
> > >> > at
> > >> > org.mortbay.http.HttpConnection.service(HttpConnection.java :816)
> > >> > at
> > >> > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> > >> > at
> > >> > org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> > >> > at
> > >> > org.mortbay.http.SocketListener.handleConnection
> > >> (SocketListener.java:244)
> > >> > at
> > >> > org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> > >> > at
> > >> > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> > >> >
> > >> >
> > >
> >
> >
>
Re: Problem in using a security realm added through geronimo console
Posted by Aaron Mulder <am...@alumni.princeton.edu>.
If someone puts in a JIRA for that I can make the fix. At the moment
the portlet's just using the XMLBeans from service-builder and
security-builder to build the plan.
Aaron
On 11/29/05, David Jencks <da...@yahoo.com> wrote:
> It looks to me as if the portlet is broken, and needs to add
>
> <reference
> name="LoginService"><module>org/apache/geronimo/Security</
> module><name>JaasLoginService</name></reference>
>
> to the plan it generates. Unfortunately I'm not sure how the portlet
> works.... perhaps filing a jira issue would be a good idea.
>
> thanks
> david jencks
>
> On Nov 29, 2005, at 5:12 AM, Vamsavardhana Reddy wrote:
>
> > The new realm is added through "Security realms" portlet and it shows
> > the following plan on clicking the "show plan" button.
> >
> > <configuration configId="SecurityRealmonemore-security-realm"
> > parentId="org/apache/geronimo/Server"
> > xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0">
> > <gbean name="onemore-security-realm"
> > class="org.apache.geronimo.security.realm.GenericSecurityRealm">
> > <attribute name="realmName">onemore-security-realm</attribute>
> > <reference name="ServerInfo">
> >
> > <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=org/
> > apache/geronimo/
> > System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name>
> > </reference>
> > <xml-reference name="LoginModuleConfiguration">
> > <log:login-config
> > xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.0">
> > <log:login-module control-flag="REQUIRED"
> > server-side="true">
> >
> > <log:login-domain-name>onemore-security-realm</log:login-domain-name>
> >
> > <log:login-module-
> > class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginM
> > odule</log:login-module-class>
> > <log:option
> > name="usersURI">var/security/vamsi-users.properties</log:option>
> > <log:option
> > name="groupsURI">var/security/vamsi-groups.properties</log:option>
> > </log:login-module>
> > </log:login-config>
> > </xml-reference>
> > </gbean>
> > </configuration>
> >
> > On 11/29/05, Krishnakumar B <ww...@gmail.com> wrote:
> >>
> >> Check the deployment plan if the references are correct.
> >>
> >> Sample plan file.
> >>
> >> <gbean name="test-realm"
> >> class="org.apache.geronimo.security.realm.GenericSecurityRealm">
> >> <attribute name="realmName">test-realm</attribute>
> >> <reference name="LoginModuleConfiguration">
> >> <name>test-login</name>
> >> </reference>
> >> <reference name="ServerInfo">
> >> <module>org/apache/geronimo/System</module>
> >> <name>ServerInfo</name>
> >> </reference>
> >> <reference
> >> name="LoginService"><module>org/apache/geronimo/Security</
> >> module><name>JaasLoginService</name></reference>
> >> </gbean>
> >>
> >> <gbean name="test-login"
> >> class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
> >> <attribute name="controlFlag">REQUIRED</attribute>
> >> <reference name="LoginModule">
> >> <name>test-login</name>
> >> </reference>
> >> </gbean>
> >> </configuration>
> >>
> >> Regards
> >> Krish
> >>
> >> On 11/29/05, Vamsavardhana Reddy < c1vamsi1c@gmail.com> wrote:
> >> > Here is the description of problem I am facing.
> >> >
> >> > I have created a simple web application that uses a FORM
> >> authentication
> >> > method.In the deployment plan, I have configured the application
> >> to use
> >> > "geronimo-properties-realm".The application works fine.
> >> >
> >> > At this point a added a new realm with name
> >> "onemore-properties-realm"
> >> > through the "Security Realms" portlet.I have modified the
> >> deployment plan
> >> > to use this newly added security realm and redeployed the
> >> application.The
> >> > security part of this application does not work anymore.I am
> >> getting the
> >> > following exception on login attempt.
> >> >
> >> >
> >> > 17:41:53,036 INFO[JAASJettyRealm] problem
> >> > javax.security.auth.login.LoginException:
> >> > java.lang.NullPointerException: target is null
> >> > at
> >> > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy
> >> (BasicProxyManager.java:104)
> >> > at
> >> >
> >> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(
> >> JaasLoginCoordinator.java:173)
> >> > at
> >> >
> >> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initiali
> >> ze (JaasLoginCoordinator.java:85)
> >> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> >> > Method)
> >> > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
> >> > Source)
> >> > at
> >> > sun.reflect.DelegatingMethodAccessorImpl.invoke (Unknown
> >> > Source)
> >> > at java.lang.reflect.Method.invoke(Unknown Source)
> >> > at
> >> > javax.security.auth.login.LoginContext.invoke(Unknown
> >> > Source)
> >> > at
> >> > javax.security.auth.login.LoginContext.access$000 (Unknown
> >> > Source)
> >> > at javax.security.auth.login.LoginContext$4.run(Unknown
> >> > Source)
> >> > at java.security.AccessController.doPrivileged(Native
> >> > Method)
> >> > at
> >> > javax.security.auth.login.LoginContext.invokeModule (Unknown
> >> > Source)
> >> > at javax.security.auth.login.LoginContext.login(Unknown
> >> > Source)
> >> > at
> >> >
> >> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.j
> >> ava:92)
> >> > at
> >> >
> >> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat
> >> e(FormAuthenticator.java:305)
> >> > at
> >> >
> >> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentic
> >> ator.java:148)
> >> > at
> >> >
> >> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai
> >> nUser(SecurityContextBeforeAfter.java:282)
> >> > at
> >> >
> >> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check
> >> SecurityConstraints (SecurityContextBeforeAfter.java:191)
> >> > at
> >> >
> >> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(
> >> JettyWebAppContext.java:520)
> >> > at
> >> > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch
> >> (WebApplicationHandler.java:432)
> >> > at
> >> >
> >> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:
> >> 568)
> >> > at
> >> > org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> >> > at
> >> >
> >> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationC
> >> ontext.java:633)
> >> > at
> >> > org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> >> > at
> >> > org.mortbay.http.HttpServer.service (HttpServer.java:954)
> >> > at
> >> > org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> >> > at
> >> > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> >> > at
> >> > org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> >> > at
> >> >
> >> org.mortbay.http.SocketListener.handleConnection(SocketListener.java:
> >> 244)
> >> > at
> >> > org.mortbay.util.ThreadedServer.handle (ThreadedServer.java:357)
> >> > at
> >> > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> >> >
> >> > at
> >> > javax.security.auth.login.LoginContext.invoke(Unknown
> >> > Source)
> >> > at
> >> > javax.security.auth.login.LoginContext.access$000(Unknown
> >> > Source)
> >> > at javax.security.auth.login.LoginContext$4.run(Unknown
> >> > Source)
> >> > at java.security.AccessController.doPrivileged (Native
> >> > Method)
> >> > at
> >> > javax.security.auth.login.LoginContext.invokeModule(Unknown
> >> > Source)
> >> > at javax.security.auth.login.LoginContext.login(Unknown
> >> > Source)
> >> > at
> >> >
> >> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.j
> >> ava:92)
> >> > at
> >> >
> >> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat
> >> e(FormAuthenticator.java:305)
> >> > at
> >> >
> >> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentic
> >> ator.java:148)
> >> > at
> >> >
> >> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai
> >> nUser(SecurityContextBeforeAfter.java :282)
> >> > at
> >> >
> >> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check
> >> SecurityConstraints(SecurityContextBeforeAfter.java:191)
> >> > at
> >> >
> >> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints
> >> (JettyWebAppContext.java:520)
> >> > at
> >> >
> >> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicatio
> >> nHandler.java:432)
> >> > at
> >> > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java
> >> :568)
> >> > at
> >> > org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> >> > at
> >> >
> >> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationC
> >> ontext.java:633)
> >> > at
> >> > org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> >> > at
> >> > org.mortbay.http.HttpServer.service(HttpServer.java:954)
> >> > at
> >> > org.mortbay.http.HttpConnection.service(HttpConnection.java :816)
> >> > at
> >> > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> >> > at
> >> > org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> >> > at
> >> > org.mortbay.http.SocketListener.handleConnection
> >> (SocketListener.java:244)
> >> > at
> >> > org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> >> > at
> >> > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> >> >
> >> >
> >
>
>
Re: Problem in using a security realm added through geronimo console
Posted by David Jencks <da...@yahoo.com>.
It looks to me as if the portlet is broken, and needs to add
<reference
name="LoginService"><module>org/apache/geronimo/Security</
module><name>JaasLoginService</name></reference>
to the plan it generates. Unfortunately I'm not sure how the portlet
works.... perhaps filing a jira issue would be a good idea.
thanks
david jencks
On Nov 29, 2005, at 5:12 AM, Vamsavardhana Reddy wrote:
> The new realm is added through "Security realms" portlet and it shows
> the following plan on clicking the "show plan" button.
>
> <configuration configId="SecurityRealmonemore-security-realm"
> parentId="org/apache/geronimo/Server"
> xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0">
> <gbean name="onemore-security-realm"
> class="org.apache.geronimo.security.realm.GenericSecurityRealm">
> <attribute name="realmName">onemore-security-realm</attribute>
> <reference name="ServerInfo">
>
> <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=org/
> apache/geronimo/
> System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name>
> </reference>
> <xml-reference name="LoginModuleConfiguration">
> <log:login-config
> xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.0">
> <log:login-module control-flag="REQUIRED"
> server-side="true">
>
> <log:login-domain-name>onemore-security-realm</log:login-domain-name>
>
> <log:login-module-
> class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginM
> odule</log:login-module-class>
> <log:option
> name="usersURI">var/security/vamsi-users.properties</log:option>
> <log:option
> name="groupsURI">var/security/vamsi-groups.properties</log:option>
> </log:login-module>
> </log:login-config>
> </xml-reference>
> </gbean>
> </configuration>
>
> On 11/29/05, Krishnakumar B <ww...@gmail.com> wrote:
>>
>> Check the deployment plan if the references are correct.
>>
>> Sample plan file.
>>
>> <gbean name="test-realm"
>> class="org.apache.geronimo.security.realm.GenericSecurityRealm">
>> <attribute name="realmName">test-realm</attribute>
>> <reference name="LoginModuleConfiguration">
>> <name>test-login</name>
>> </reference>
>> <reference name="ServerInfo">
>> <module>org/apache/geronimo/System</module>
>> <name>ServerInfo</name>
>> </reference>
>> <reference
>> name="LoginService"><module>org/apache/geronimo/Security</
>> module><name>JaasLoginService</name></reference>
>> </gbean>
>>
>> <gbean name="test-login"
>> class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
>> <attribute name="controlFlag">REQUIRED</attribute>
>> <reference name="LoginModule">
>> <name>test-login</name>
>> </reference>
>> </gbean>
>> </configuration>
>>
>> Regards
>> Krish
>>
>> On 11/29/05, Vamsavardhana Reddy < c1vamsi1c@gmail.com> wrote:
>> > Here is the description of problem I am facing.
>> >
>> > I have created a simple web application that uses a FORM
>> authentication
>> > method. In the deployment plan, I have configured the application
>> to use
>> > "geronimo-properties-realm". The application works fine.
>> >
>> > At this point a added a new realm with name
>> "onemore-properties-realm"
>> > through the "Security Realms" portlet. I have modified the
>> deployment plan
>> > to use this newly added security realm and redeployed the
>> application. The
>> > security part of this application does not work anymore. I am
>> getting the
>> > following exception on login attempt.
>> >
>> >
>> > 17:41:53,036 INFO [JAASJettyRealm] problem
>> > javax.security.auth.login.LoginException:
>> > java.lang.NullPointerException: target is null
>> > at
>> > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy
>> (BasicProxyManager.java:104)
>> > at
>> >
>> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(
>> JaasLoginCoordinator.java:173)
>> > at
>> >
>> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initiali
>> ze (JaasLoginCoordinator.java:85)
>> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>> > Method)
>> > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
>> > Source)
>> > at
>> > sun.reflect.DelegatingMethodAccessorImpl.invoke (Unknown
>> > Source)
>> > at java.lang.reflect.Method.invoke(Unknown Source)
>> > at
>> > javax.security.auth.login.LoginContext.invoke(Unknown
>> > Source)
>> > at
>> > javax.security.auth.login.LoginContext.access$000 (Unknown
>> > Source)
>> > at javax.security.auth.login.LoginContext$4.run(Unknown
>> > Source)
>> > at java.security.AccessController.doPrivileged(Native
>> > Method)
>> > at
>> > javax.security.auth.login.LoginContext.invokeModule (Unknown
>> > Source)
>> > at javax.security.auth.login.LoginContext.login(Unknown
>> > Source)
>> > at
>> >
>> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.j
>> ava:92)
>> > at
>> >
>> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat
>> e(FormAuthenticator.java:305)
>> > at
>> >
>> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentic
>> ator.java:148)
>> > at
>> >
>> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai
>> nUser(SecurityContextBeforeAfter.java:282)
>> > at
>> >
>> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check
>> SecurityConstraints (SecurityContextBeforeAfter.java:191)
>> > at
>> >
>> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(
>> JettyWebAppContext.java:520)
>> > at
>> > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch
>> (WebApplicationHandler.java:432)
>> > at
>> >
>> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:
>> 568)
>> > at
>> > org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
>> > at
>> >
>> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationC
>> ontext.java:633)
>> > at
>> > org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
>> > at
>> > org.mortbay.http.HttpServer.service (HttpServer.java:954)
>> > at
>> > org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
>> > at
>> > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
>> > at
>> > org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
>> > at
>> >
>> org.mortbay.http.SocketListener.handleConnection(SocketListener.java:
>> 244)
>> > at
>> > org.mortbay.util.ThreadedServer.handle (ThreadedServer.java:357)
>> > at
>> > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
>> >
>> > at
>> > javax.security.auth.login.LoginContext.invoke(Unknown
>> > Source)
>> > at
>> > javax.security.auth.login.LoginContext.access$000(Unknown
>> > Source)
>> > at javax.security.auth.login.LoginContext$4.run(Unknown
>> > Source)
>> > at java.security.AccessController.doPrivileged (Native
>> > Method)
>> > at
>> > javax.security.auth.login.LoginContext.invokeModule(Unknown
>> > Source)
>> > at javax.security.auth.login.LoginContext.login(Unknown
>> > Source)
>> > at
>> >
>> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.j
>> ava:92)
>> > at
>> >
>> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat
>> e(FormAuthenticator.java:305)
>> > at
>> >
>> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentic
>> ator.java:148)
>> > at
>> >
>> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai
>> nUser(SecurityContextBeforeAfter.java :282)
>> > at
>> >
>> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check
>> SecurityConstraints(SecurityContextBeforeAfter.java:191)
>> > at
>> >
>> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints
>> (JettyWebAppContext.java:520)
>> > at
>> >
>> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicatio
>> nHandler.java:432)
>> > at
>> > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java
>> :568)
>> > at
>> > org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
>> > at
>> >
>> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationC
>> ontext.java:633)
>> > at
>> > org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
>> > at
>> > org.mortbay.http.HttpServer.service(HttpServer.java:954)
>> > at
>> > org.mortbay.http.HttpConnection.service(HttpConnection.java :816)
>> > at
>> > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
>> > at
>> > org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
>> > at
>> > org.mortbay.http.SocketListener.handleConnection
>> (SocketListener.java:244)
>> > at
>> > org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
>> > at
>> > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
>> >
>> >
>
Re: Problem in using a security realm added through geronimo console
Posted by Vamsavardhana Reddy <c1...@gmail.com>.
The new realm is added through "Security realms" portlet and it shows the
following plan on clicking the "show plan" button.
<configuration configId="SecurityRealmonemore-security-realm"
parentId="org/apache/geronimo/Server" xmlns="
http://geronimo.apache.org/xml/ns/deployment-1.0">
<gbean name="onemore-security-realm" class="
org.apache.geronimo.security.realm.GenericSecurityRealm">
<attribute name="realmName">onemore-security-realm</attribute>
<reference name="ServerInfo">
<gbean-name>geronimo.server:J2EEApplication=null
,J2EEModule=org/apache/geronimo/System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name>
</reference>
<xml-reference name="LoginModuleConfiguration">
<log:login-config xmlns:log="
http://geronimo.apache.org/xml/ns/loginconfig-1.0">
<log:login-module control-flag="REQUIRED"
server-side="true">
<log:login-domain-name>onemore-security-realm</log:login-domain-name>
<log:login-module-class>
org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule
</log:login-module-class>
<log:option name="usersURI">var/security/vamsi-
users.properties</log:option>
<log:option name="groupsURI">var/security/vamsi-
groups.properties</log:option>
</log:login-module>
</log:login-config>
</xml-reference>
</gbean>
</configuration>
On 11/29/05, Krishnakumar B <ww...@gmail.com> wrote:
>
> hi,
>
> Check the deployment plan if the references are correct.
>
> Sample plan file.
>
> <gbean name="test-realm"
> class="org.apache.geronimo.security.realm.GenericSecurityRealm">
> <attribute name="realmName">test-realm</attribute>
> <reference name="LoginModuleConfiguration">
> <name>test-login</name>
> </reference>
> <reference name="ServerInfo">
> <module>org/apache/geronimo/System</module>
> <name>ServerInfo</name>
> </reference>
> <reference
> name="LoginService"><module>org/apache/geronimo/Security</module><name>JaasLoginService</name></reference>
> </gbean>
>
> <gbean name="test-login"
> class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
> <attribute name="controlFlag">REQUIRED</attribute>
> <reference name="LoginModule">
> <name>test-login</name>
> </reference>
> </gbean>
> </configuration>
>
> Regards
> Krish
>
> On 11/29/05, Vamsavardhana Reddy <c1...@gmail.com> wrote:
> > Here is the description of problem I am facing.
> >
> > I have created a simple web application that uses a FORM authentication
> > method. In the deployment plan, I have configured the application to
> use
> > "geronimo-properties-realm". The application works fine.
> >
> > At this point a added a new realm with name "onemore-properties-realm"
> > through the "Security Realms" portlet. I have modified the deployment
> plan
> > to use this newly added security realm and redeployed the
> application. The
> > security part of this application does not work anymore. I am getting
> the
> > following exception on login attempt.
> >
> >
> > 17:41:53,036 INFO [JAASJettyRealm] problem
> > javax.security.auth.login.LoginException:
> > java.lang.NullPointerException: target is null
> > at
> > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(
> BasicProxyManager.java:104)
> > at
> > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(
> JaasLoginCoordinator.java:173)
> > at
> > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize
> (JaasLoginCoordinator.java:85)
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> > Method)
> > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
> > Source)
> > at
> > sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> > Source)
> > at java.lang.reflect.Method.invoke(Unknown Source)
> > at
> > javax.security.auth.login.LoginContext.invoke(Unknown
> > Source)
> > at
> > javax.security.auth.login.LoginContext.access$000(Unknown
> > Source)
> > at javax.security.auth.login.LoginContext$4.run(Unknown
> > Source)
> > at java.security.AccessController.doPrivileged(Native
> > Method)
> > at
> > javax.security.auth.login.LoginContext.invokeModule(Unknown
> > Source)
> > at javax.security.auth.login.LoginContext.login(Unknown
> > Source)
> > at
> > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(
> JAASJettyRealm.java:92)
> > at
> > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(
> FormAuthenticator.java:305)
> > at
> > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(
> FormAuthenticator.java:148)
> > at
> >
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser
> (SecurityContextBeforeAfter.java:282)
> > at
> >
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints
> (SecurityContextBeforeAfter.java:191)
> > at
> > org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(
> JettyWebAppContext.java:520)
> > at
> > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(
> WebApplicationHandler.java:432)
> > at
> > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> > at
> > org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> > at
> > org.mortbay.jetty.servlet.WebApplicationContext.handle(
> WebApplicationContext.java:633)
> > at
> > org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> > at
> > org.mortbay.http.HttpServer.service(HttpServer.java:954)
> > at
> > org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> > at
> > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> > at
> > org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> > at
> > org.mortbay.http.SocketListener.handleConnection(SocketListener.java
> :244)
> > at
> > org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> > at
> > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> >
> > at
> > javax.security.auth.login.LoginContext.invoke(Unknown
> > Source)
> > at
> > javax.security.auth.login.LoginContext.access$000(Unknown
> > Source)
> > at javax.security.auth.login.LoginContext$4.run(Unknown
> > Source)
> > at java.security.AccessController.doPrivileged(Native
> > Method)
> > at
> > javax.security.auth.login.LoginContext.invokeModule(Unknown
> > Source)
> > at javax.security.auth.login.LoginContext.login(Unknown
> > Source)
> > at
> > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(
> JAASJettyRealm.java:92)
> > at
> > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(
> FormAuthenticator.java:305)
> > at
> > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(
> FormAuthenticator.java:148)
> > at
> >
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser
> (SecurityContextBeforeAfter.java:282)
> > at
> >
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints
> (SecurityContextBeforeAfter.java:191)
> > at
> > org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(
> JettyWebAppContext.java:520)
> > at
> > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(
> WebApplicationHandler.java:432)
> > at
> > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> > at
> > org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> > at
> > org.mortbay.jetty.servlet.WebApplicationContext.handle(
> WebApplicationContext.java:633)
> > at
> > org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> > at
> > org.mortbay.http.HttpServer.service(HttpServer.java:954)
> > at
> > org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> > at
> > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> > at
> > org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> > at
> > org.mortbay.http.SocketListener.handleConnection(SocketListener.java
> :244)
> > at
> > org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> > at
> > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> >
> >
>
Re: Problem in using a security realm added through geronimo console
Posted by Krishnakumar B <ww...@gmail.com>.
hi,
Check the deployment plan if the references are correct.
Sample plan file.
<gbean name="test-realm"
class="org.apache.geronimo.security.realm.GenericSecurityRealm">
<attribute name="realmName">test-realm</attribute>
<reference name="LoginModuleConfiguration">
<name>test-login</name>
</reference>
<reference name="ServerInfo">
<module>org/apache/geronimo/System</module>
<name>ServerInfo</name>
</reference>
<reference name="LoginService"><module>org/apache/geronimo/Security</module><name>JaasLoginService</name></reference>
</gbean>
<gbean name="test-login"
class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
<attribute name="controlFlag">REQUIRED</attribute>
<reference name="LoginModule">
<name>test-login</name>
</reference>
</gbean>
</configuration>
Regards
Krish
On 11/29/05, Vamsavardhana Reddy <c1...@gmail.com> wrote:
> Here is the description of problem I am facing.
>
> I have created a simple web application that uses a FORM authentication
> method. In the deployment plan, I have configured the application to use
> "geronimo-properties-realm". The application works fine.
>
> At this point a added a new realm with name "onemore-properties-realm"
> through the "Security Realms" portlet. I have modified the deployment plan
> to use this newly added security realm and redeployed the application. The
> security part of this application does not work anymore. I am getting the
> following exception on login attempt.
>
>
> 17:41:53,036 INFO [JAASJettyRealm] problem
> javax.security.auth.login.LoginException:
> java.lang.NullPointerException: target is null
> at
> org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104)
> at
> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173)
> at
> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
> Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
> Source)
> at java.lang.reflect.Method.invoke(Unknown Source)
> at
> javax.security.auth.login.LoginContext.invoke(Unknown
> Source)
> at
> javax.security.auth.login.LoginContext.access$000(Unknown
> Source)
> at javax.security.auth.login.LoginContext$4.run(Unknown
> Source)
> at java.security.AccessController.doPrivileged(Native
> Method)
> at
> javax.security.auth.login.LoginContext.invokeModule(Unknown
> Source)
> at javax.security.auth.login.LoginContext.login(Unknown
> Source)
> at
> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
> at
> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
> at
> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
> at
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
> at
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
> at
> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
> at
> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at
> org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> at
> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at
> org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> at
> org.mortbay.http.HttpServer.service(HttpServer.java:954)
> at
> org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at
> org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> at
> org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at
> org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at
> org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at
> org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
>
> at
> javax.security.auth.login.LoginContext.invoke(Unknown
> Source)
> at
> javax.security.auth.login.LoginContext.access$000(Unknown
> Source)
> at javax.security.auth.login.LoginContext$4.run(Unknown
> Source)
> at java.security.AccessController.doPrivileged(Native
> Method)
> at
> javax.security.auth.login.LoginContext.invokeModule(Unknown
> Source)
> at javax.security.auth.login.LoginContext.login(Unknown
> Source)
> at
> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)
> at
> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
> at
> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
> at
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
> at
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
> at
> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
> at
> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> at
> org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
> at
> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> at
> org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
> at
> org.mortbay.http.HttpServer.service(HttpServer.java:954)
> at
> org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> at
> org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
> at
> org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at
> org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> at
> org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at
> org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
>
>