Existence of "@Context SecurityContext" Kills Errai Authentication
jbrow May 23, 2012 7:09 PM

I've been struggling with a problem for several days. When I access a request-scoped bean with Errai RPC, my Seam credentials and identity all are correct, but the JBoss container no longer seems to have the correct SecurityContext and assigns an "anonymous" Principal (that is not even of the correct class for the security policy assigned to the EJB Session Bean). In the many hours of trying work-arounds and Googling for solutions, it looks like JBoss 7.1 does not handle the SecurityContext correctly.
To explore this further, I attempted to inject a SecurityContext into the Errai RPC endpoint (most other injections here are just for debugging purposes):
    @Service
    @RequestScoped
    public class ConfigurationInterfaceImpl implements ConfigurationInterface {

        Logger log = Logger.getLogger(ConfigurationInterfaceImpl.class);

        @EJB
        private ConfigurationSupportLocal configurationBean;

        @Inject
        private Identity identity;

        @Inject
        private Credentials credentials;

        @Inject
        private Principal principal;

        @Context
        private SecurityContext securityContext;
Just the presence of the injection point causes the Errai authentication -- which happens in an entirely different part of the code, long before the app even thinks about calling the RPC -- to fail with an NPE. The injected SecurityContext is never even used. Just the act of the injection causes the Errai authentication to fail.
15:40:46,287 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) java.lang.NullPointerException
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.jboss.errai.bus.client.framework.DeliveryPlan.deliver(DeliveryPlan.java:35)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.jboss.errai.bus.server.ServerMessageBusImpl.sendGlobal(ServerMessageBusImpl.java:635)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.jboss.errai.bus.server.SimpleDispatcher.dispatchGlobal(SimpleDispatcher.java:46)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:94)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.jboss.errai.bus.server.service.ErraiServiceImpl.store(ErraiServiceImpl.java:108)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.jboss.errai.bus.server.servlet.DefaultBlockingServlet.doPost(DefaultBlockingServlet.java:117)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
15:40:46,288 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
15:40:46,289 DEBUG [org.apache.tomcat.util.http.Cookies] (http-localhost/127.0.0.1:8080-2) Cookies: Parsing b[]: JSESSIONID=uCFiR6MfmbgijGjukYCrp4Hk
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)
15:40:46,289 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:679)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:931)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) at java.lang.Thread.run(Thread.java:680)
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) *** Message delivery failure ***
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) Bus: org.jboss.errai.bus.server.ServerMessageBusImpl@609e1707
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) Message: Initialize=true, ToSubject=LoginDispatcher
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) errorMessage: Error calling remote service: LoginDispatcher
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) exception: java.lang.NullPointerException
15:40:46,290 ERROR [stderr] (http-localhost/127.0.0.1:8080-5) disconnect: false
I'm guessing there's something fundamental that I don't understand going on here, so I thought I'd ask. I'm getting frustrated attempting to get basic security working.
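
Added example, not part of the original post and not Errai, Seam or JBoss code: one way to make the mismatch described above visible at the EJB boundary is an interceptor that logs the principal the container itself associates with each call and fails closed when it is the "anonymous" one. The class name `CallerPrincipalGuard` and the choice to reject rather than only log are assumptions; the calls used are standard Java EE 6 (`javax.ejb`, `javax.interceptor`).

```java
import java.security.Principal;
import java.util.logging.Logger;
import javax.annotation.Resource;
import javax.ejb.EJBAccessException;
import javax.ejb.EJBContext;
import javax.interceptor.AroundInvoke;
import javax.interceptor.InvocationContext;

/** Hypothetical interceptor (added example): audits the container's caller principal. */
public class CallerPrincipalGuard {

    private static final Logger LOG =
            Logger.getLogger(CallerPrincipalGuard.class.getName());

    // Principal name the post reports for calls that lost their security context.
    private static final String ANONYMOUS = "anonymous";

    // Injected from the intercepted bean's environment; this is the container's
    // view of the caller, independent of any application-level identity bean.
    @Resource
    private EJBContext ejbContext;

    @AroundInvoke
    public Object checkCaller(InvocationContext ic) throws Exception {
        String method = ic.getMethod().getName();
        Principal caller;
        try {
            caller = ejbContext.getCallerPrincipal();
        } catch (IllegalStateException e) {
            // No security context is associated with this invocation at all.
            throw new EJBAccessException("No caller principal for " + method);
        }
        String name = (caller == null) ? null : caller.getName();
        // Strip line breaks so a crafted principal name cannot forge log entries.
        String safeName = (name == null) ? "null" : name.replaceAll("[\\r\\n]", "_");
        String type = (caller == null) ? "null" : caller.getClass().getName();
        LOG.info("EJB call " + method + " caller=" + safeName + " class=" + type);

        // Fail closed: never run business logic for an unauthenticated caller,
        // even if an application-level identity claims the user is logged in.
        if (name == null || ANONYMOUS.equalsIgnoreCase(name)) {
            throw new EJBAccessException("Anonymous caller rejected for " + method);
        }
        return ic.proceed();
    }
}
```

Attach it to the session bean with `@Interceptors(CallerPrincipalGuard.class)`; the logged principal class shows whether the container's principal is of the type the security policy expects.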