-
1. No authenticator available for programmatic login
wolfgangknauf Jan 21, 2011 6:04 AM (in response to vide) -
2. No authenticator available for programmatic login
vide Jan 21, 2011 6:15 AM (in response to wolfgangknauf)Hi,
I saw this thread, but I don't have any context.xml. Is it needed in this case and if yes, what Valve I should define, because I don't have any custom Valve. And why JBossAS is not using default authenticator for programatic login?
Sincerely,
Vidas
-
3. No authenticator available for programmatic login
wolfgangknauf Jan 21, 2011 8:00 AM (in response to vide)Hi,
the end of the thread links to http://anonsvn.jboss.org/repos/jbossweb/trunk/java/org/apache/catalina/startup/ContextConfig.java
Take a look at "protected void authenticatorConfig()": here you should the find the requirements to cause JBoss to create a default Authenticator. E.g. you need a "SecurityConstraint".
Hope that digging through this method helps.
Wolfgang
-
4. No authenticator available for programmatic login
vide Jan 21, 2011 9:03 AM (in response to wolfgangknauf)Hi,
I tried to use SecurityConstraint.
My jboss-web.xml:
{code:xml}
<?xml version="1.0"?>
<jboss-web>
<security-domain>java:/jaas/DBPolicy</security-domain>
</jboss-web>
{code}
My web.xml:
{code:xml}
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<security-constraint>
<web-resource-collection>
<web-resource-name>All resources</web-resource-name>
<description>Protects all resources</description>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>myrole</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>myrole</role-name>
</security-role>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>DBRealm</realm-name>
</login-config>
</web-app>
{code}
With this configuration BASIC authentication works fine and starts asking credentials when I try to access my servlet, but I don't want to use this type of authentication, instead I want to call it manually in my servlet using request.login(user, password) , but in this case it fails with "No authenticator available for programmatic login". It's difficult for me to dig into source, because I'm quite new to JBoss. So i'll be very appreciated for any help.
Sincerely,
Vidas
-
5. No authenticator available for programmatic login
vide Jan 21, 2011 7:07 PM (in response to vide)Solution to this problem was very simple. It was sufficient to change url-pattern in security-constraint to something like <url-pattern>/dummy_url/*</url-pattern>. In this case SecurityConstraint is created, authenticator loaded, and default autthentication is not called, when I access my servlet. So now I can call programmatic login and everything works fine.
Vidas
-
6. Re: No authenticator available for programmatic login
blackbeltdev Mar 14, 2012 7:49 PM (in response to vide)The following worked for me even without a dummy URL pattern. I guess because I didn't specifiy any method...
<pre>
<security-constraint>
<display-name>SecureApplicationConstraint</display-name>
<web-resource-collection>
<web-resource-name>Vaadin application</web-resource-name>
<description>The entire Vaadin application is protected</description>
<url-pattern>/app/*</url-pattern>
</security-constraint>
</pre>
-
7. Re: No authenticator available for programmatic login
parrygill May 18, 2012 11:58 AM (in response to vide)Thanks vide and Kirk, you are life savers.
-
8. Re: No authenticator available for programmatic login
sgilda Sep 26, 2012 8:53 AM (in response to vide)If you get the error message "No authenticator available for programmatic login", you can alternatively add the appropriate Servlet 3.0 security annotations to the authentication servlet. If you do that, you do not need to add the security-constraint element to the web.xml file. For example:
// Imports for annotations
import
javax.annotation.security.DeclareRoles;
import
javax.servlet.annotation.WebServlet;
import
javax.servlet.annotation.HttpConstraint;
import
javax.servlet.annotation.ServletSecurity;
@WebServlet
(
"/securedUrlPattern"
)
@ServletSecurity
(
@HttpConstraint
(rolesAllowed = {
"myRole"
}))
@DeclareRoles
(
"myRole"
)
public
class
SecuredServlet
extends
HttpServlet {
//Rest of servlet code
}
-
9. Re: No authenticator available for programmatic login
davidj Nov 7, 2012 7:19 PM (in response to vide)Hi,
Can you post ALL the relavent code?
I've tried to follow your directions exactly without success.
I think the problem is with my standalone.xml, and since I can't see yours, I'm unable to compare.
Can you post the relavent section from your standalone.xml?
Thanks!
-
10. Re: No authenticator available for programmatic login
antlia Jul 15, 2013 10:42 AM (in response to blackbeltdev)Hi Kirk, I've an issue, even after adding the <security-constraint> tag, in my web.xml.
In my case, i have some EJBs in my ear application (separated from the web part), exposed as REST services with JAX-RS annotations.
One of these EJBs is the entry-point for the login process, where i'm invoking login() method on the HttpServletRequest object.
The problems are the following:
a) Multiple login not possible:
- I deploy the ear application, open a browser and do login via HttpServletRequest --> login success
- after the previous login, I open another browser and try to login as another user --> login failure, message: no authenticator available for programmatic login.
b) Authenticator lost after EJBAccessException
- If I invoke an EJB method annotated as @RolesAllowed("admin"), without having such permission, the result is an EJBAccessException
- After this exception I try to login inside the application, in order to obtain "admin" permissions for invoking the previous method --> login failure: no authenticator available for programmatic login.
JBoss Version: 7.1.1
-
11. Re: No authenticator available for programmatic login
albremer Jul 17, 2013 7:57 AM (in response to antlia)Antlia Antlia wrote:
a) Multiple login not possible:
- I deploy the ear application, open a browser and do login via HttpServletRequest --> login success
- after the previous login, I open another browser and try to login as another user --> login failure, message: no authenticator available for programmatic login.
JBoss Version: 7.1.1
I'm having the exact same problem. The first login works, any subsequent login does not.
Did you find a solution?
-
12. Re: No authenticator available for programmatic login
antlia Jul 17, 2013 8:37 AM (in response to albremer)No, I've tried some solutions:
- Adding <security-constraint> in web.xml
- Adding <security-constraint> and <login-method> in web.xml
- Adding authenticator valve (FormAuthenticator) in jboss-web.xml
...none of these works.
I also noticed that this problem only happens when invoking EJB Exposed as REST services by RestEasy, the same login mechanism, if used with SOAP services (JAX-WS annotations on EJB), works perfectly.
Does anyone have a solution for this issue?
-
13. Re: No authenticator available for programmatic login
albremer Jul 17, 2013 12:32 PM (in response to antlia)Antlia Antlia wrote:
No, I've tried some solutions:
...none of these works.
Thanks for your answer.
I will let you know, in case I can come up with a solution.
-
14. Re: No authenticator available for programmatic login
albremer Jul 18, 2013 8:05 AM (in response to antlia)I was able to solve my problem: I was using a cached version of a HttpServletRequest instance which was no longer valid and therefore did not have any authenticators set.
I'm using a GWTP Guice servlet for RPC and it turned out that the GWTP servlet actually caches its action handlers. Therefore the constructor of my action handler was not called and the HttpServletRequest member not updated.