1 Reply Latest reply on May 23, 2012 7:47 PM by jbrow

Existence of "@Context SecurityContext" Kills Errai Authentication

jbrow May 23, 2012 7:09 PM

I've been struggling with a problem for several days. When I access a request-scoped bean with Errai RPC, my Seam credentials and identity all are correct, but the JBoss container no longer seems to have the correct SecurityContext and assigns an "anonymous" Principal (that is not even of the correct class for the security policy assigned to the EJB Session Bean). In the many hours of trying work-arounds and Googling for solutions, it looks like JBoss 7.1 does not handle the SecurityContext correctly.

To explore this farther, I attempted to inject a SecurityContext into the Errai RPC endpoint (most other injections here are just for debugging purposes):

@Service
@RequestScoped
public class ConfigurationInterfaceImpl implements ConfigurationInterface {

    Logger log = Logger.getLogger(ConfigurationInterfaceImpl.class);

    @EJB
    private ConfigurationSupportLocal configurationBean;

    @Inject
    private Identity identity;

    @Inject
    private Credentials credentials;

    @Inject
    private Principal principal;

    @Context
    private SecurityContext securityContext;

Just the presence of the injection point causes the Errai authentication -- which happens in an entirely different part of the code, long before the app even thinks about calling the RPC -- to fail with an NPE. The injected SecurityContext is never even used. Just the act of the injection causes the Errai authentication to fail.

15:40:46,287 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) java.lang.NullPointerException
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.jboss.errai.bus.client.framework.DeliveryPlan.deliver(DeliveryPlan.java:35)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.jboss.errai.bus.server.ServerMessageBusImpl.sendGlobal(ServerMessageBusImpl.java:635)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.jboss.errai.bus.server.SimpleDispatcher.dispatchGlobal(SimpleDispatcher.java:46)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:94)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:108)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.jboss.errai.bus.server.servlet.DefaultBlockingServlet.doPost(DefaultBlockingServlet.java:117)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
15:40:46,289 DEBUG [org.apache.tomcat.util.http.Cookies] (http-localhost/127.0.0.1:8080-2) Cookies: Parsing b[]: JSESSIONID=uCFiR6MfmbgijGjukYCrp4Hk
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:679)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:931)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5)   at java.lang.Thread.run(Thread.java:680)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) *** Message delivery failure ***
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) Bus: org.jboss.errai.bus.server.ServerMessageBusImpl@609e1707
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) Message: Initialize=true, ToSubject=LoginDispatcher
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) errorMessage: Error calling remote service: LoginDispatcher
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) exception: java.lang.NullPointerException
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) disconnect: false

I'm guessing there's something fundamental that I don't understand going on here, so I thought I'd ask. I'm getting frustrated attempting to get basic security working.

1. Re: Existence of "@Context SecurityContext" Kills Errai Authentication

jbrow May 23, 2012 7:47 PM (in response to jbrow)

Forgot some details:

Using Errai 2.0.0-Final
Using JAAS authentication with a Database login module. Authentication with Errai adapter for the Errai Bus and a Seam adapter work fine until the SecurityContext is injected.
Actions