0 Replies Latest reply on Mar 18, 2009 11:40 AM by latikapuri

    Login issue with JAAS in JBOSS

    latikapuri Mar 18, 2009 11:40 AM

      Hi,

      I am having an application with implements JSF with EJB3.0 and Shale as the controller. I am using Jboss 4.2.3 to implement JAAS feature. I have the required configuration like login-config.xml, jboss-web.xml and web.xml. I am using org.jboss.security.auth.spi.DatabaseServerLoginModule for authentication.

      WhenI try to login using login.jsf, the server log shows that the correct values are passed for user and password (testuser, testuser123) but still I am unable to login.

      Also when I try to print the values using the helper-methods getRemoteUser and getUserPrincipal, I see NULL in my log. Please help as I am unable to login as I kepe getting authentication failure even though the values are present in the required tables and views used in login-config.xml.

      public String getUserPrincipal()
      {
      FacesContext context = FacesContext.getCurrentInstance();
      ExternalContext externalContext = context.getExternalContext();
      return externalContext.getUserPrincipal() != null ? externalContext.getUserPrincipal().toString() : "null";
      }

      public String getRemoteUser()
      {
      FacesContext context = FacesContext.getCurrentInstance();
      ExternalContext externalContext = context.getExternalContext();
      String remoteUser = externalContext.getRemoteUser();
      return remoteUser;
      }


      Server log:

      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Postback: Restored view for /login.jsf
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Exiting RestoreViewPhase
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process after phase RESTORE_VIEW 1
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.timing] [TIMING] - [0ms] : Execution time for phase (including any PhaseListeners) -> RESTORE_VIEW 1
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process before phase APPLY_REQUEST_VALUES 2
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Entering ApplyRequestValuesPhase
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component _viewRoot with class org.ajax4jsf.component.AjaxViewRoot
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.AjaxContainerRenderer] Decode ajax request status for _viewRoot
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.component.AjaxRegionBrige] Submitted AJAX request - Queue Event to AjaxListeners
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component j_id6 with class org.richfaces.component.html.HtmlToolTip
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component j_id7 with class org.richfaces.component.html.HtmlToolTip
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] UIForm with client ID login, submitted
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No decoding necessary since the component username is not an instance or a sub class of UIInput
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] Set submitted value testuser on component
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] new value after decoding testuser
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No decoding necessary since the component j_id12 is not an instance or a sub class of UIInput
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component login:j_id11 with class org.richfaces.component.html.HtmlRichMessage
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No decoding necessary since the component password is not an instance or a sub class of UIInput
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] Set submitted value testuser123 on component
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] new value after decoding testuser123
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No decoding necessary since the component j_id17 is not an instance or a sub class of UIInput
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component login:j_id16 with class org.richfaces.component.html.HtmlRichMessage
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component login:submit with class org.ajax4jsf.component.html.HtmlAjaxCommandLink
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.AjaxCommandRendererBase] Decode submit of the Ajax component login:submit
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Exiting ApplyRequestValuesPhase
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process after phase APPLY_REQUEST_VALUES 2
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.timing] [TIMING] - [0ms] : Execution time for phase (including any PhaseListeners) -> APPLY_REQUEST_VALUES 2
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process before phase PROCESS_VALIDATIONS 3
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Entering ProcessValidationsPhase
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No conversion necessary for value testuser of component usernameField
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No conversion necessary for value testuser123 of component passwordField
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Exiting ProcessValidationsPhase
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process after phase PROCESS_VALIDATIONS 3
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.timing] [TIMING] - [0ms] : Execution time for phase (including any PhaseListeners) -> PROCESS_VALIDATIONS 3
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process before phase UPDATE_MODEL_VALUES 4
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Entering UpdateModelValuesPhase
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process after phase UPDATE_MODEL_VALUES 4
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.timing] [TIMING] - [0ms] : Execution time for phase (including any PhaseListeners) -> UPDATE_MODEL_VALUES 4
      2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process before phase INVOKE_APPLICATION 5
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Entering InvokeApplicationsPhase
      2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.application] processAction(submit)
      2009-03-18 19:46:19,609 INFO [STDOUT] userPrincipal: null
      2009-03-18 19:46:19,609 INFO [STDOUT] remoteUser: null
      2009-03-18 19:46:19,609 DEBUG [org.jboss.ejb3.security.Ejb3AuthenticationInterceptor] Authentication failure
      javax.security.auth.login.LoginException: java.lang.NullPointerException
      at org.jboss.security.Util.createPasswordHash(Util.java:409)
      at org.jboss.security.auth.spi.UsernamePasswordLoginModule.createPasswordHash(UsernamePasswordLoginModule.java:415)
      at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:204)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
      at java.lang.reflect.Method.invoke(Unknown Source)
      at javax.security.auth.login.LoginContext.invoke(Unknown Source)
      at javax.security.auth.login.LoginContext.access$000(Unknown Source)
      at javax.security.auth.login.LoginContext$4.run(Unknown Source)
      at java.security.AccessController.doPrivileged(Native Method)
      at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
      at javax.security.auth.login.LoginContext.login(Unknown Source)
      at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
      at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
      at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
      at org.jboss.aspects.security.AuthenticationInterceptor.authenticate(AuthenticationInterceptor.java:123)
      at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:66)
      at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:110)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
      at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:240)
      at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:210)
      at org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:84)
      at $Proxy120.doLogin(Unknown Source)
      at com.sortmybooksonline.web.controller.LoginController.doLogin(LoginController.java:67)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
      at java.lang.reflect.Method.invoke(Unknown Source)
      at org.apache.el.parser.AstValue.invoke(AstValue.java:131)
      at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
      at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
      at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88)
      at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
      at org.apache.shale.view.faces.ViewActionListener.processAction(ViewActionListener.java:74)
      at javax.faces.component.UICommand.broadcast(UICommand.java:387)
      at org.ajax4jsf.component.AjaxActionComponent.broadcast(AjaxActionComponent.java:55)
      at org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:321)
      at org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:296)
      at org.ajax4jsf.component.AjaxViewRoot.processPhase(AjaxViewRoot.java:253)
      at org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:466)
      at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82)
      at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100)
      at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)

      • 8424 Views
      • Tags: