0 Replies Latest reply: Mar 18, 2009 11:40 AM by Lisha Raina RSS

Login issue with JAAS in JBOSS

Lisha Raina Newbie

Hi,

I am having an application with implements JSF with EJB3.0 and Shale as the controller. I am using Jboss 4.2.3 to implement JAAS feature. I have the required configuration like login-config.xml, jboss-web.xml and web.xml. I am using org.jboss.security.auth.spi.DatabaseServerLoginModule for authentication.

WhenI try to login using login.jsf, the server log shows that the correct values are passed for user and password (testuser, testuser123) but still I am unable to login.

Also when I try to print the values using the helper-methods getRemoteUser and getUserPrincipal, I see NULL in my log. Please help as I am unable to login as I kepe getting authentication failure even though the values are present in the required tables and views used in login-config.xml.

public String getUserPrincipal()
{
FacesContext context = FacesContext.getCurrentInstance();
ExternalContext externalContext = context.getExternalContext();
return externalContext.getUserPrincipal() != null ? externalContext.getUserPrincipal().toString() : "null";
}

public String getRemoteUser()
{
FacesContext context = FacesContext.getCurrentInstance();
ExternalContext externalContext = context.getExternalContext();
String remoteUser = externalContext.getRemoteUser();
return remoteUser;
}


Server log:

2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Postback: Restored view for /login.jsf
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Exiting RestoreViewPhase
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process after phase RESTORE_VIEW 1
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.timing] [TIMING] - [0ms] : Execution time for phase (including any PhaseListeners) -> RESTORE_VIEW 1
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process before phase APPLY_REQUEST_VALUES 2
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Entering ApplyRequestValuesPhase
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component _viewRoot with class org.ajax4jsf.component.AjaxViewRoot
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.AjaxContainerRenderer] Decode ajax request status for _viewRoot
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.component.AjaxRegionBrige] Submitted AJAX request - Queue Event to AjaxListeners
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component j_id6 with class org.richfaces.component.html.HtmlToolTip
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component j_id7 with class org.richfaces.component.html.HtmlToolTip
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] UIForm with client ID login, submitted
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No decoding necessary since the component username is not an instance or a sub class of UIInput
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] Set submitted value testuser on component
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] new value after decoding testuser
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No decoding necessary since the component j_id12 is not an instance or a sub class of UIInput
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component login:j_id11 with class org.richfaces.component.html.HtmlRichMessage
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No decoding necessary since the component password is not an instance or a sub class of UIInput
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] Set submitted value testuser123 on component
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] new value after decoding testuser123
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No decoding necessary since the component j_id17 is not an instance or a sub class of UIInput
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component login:j_id16 with class org.richfaces.component.html.HtmlRichMessage
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.RendererBase] Start decoding of component login:submit with class org.ajax4jsf.component.html.HtmlAjaxCommandLink
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.renderkit.AjaxCommandRendererBase] Decode submit of the Ajax component login:submit
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Exiting ApplyRequestValuesPhase
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process after phase APPLY_REQUEST_VALUES 2
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.timing] [TIMING] - [0ms] : Execution time for phase (including any PhaseListeners) -> APPLY_REQUEST_VALUES 2
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process before phase PROCESS_VALIDATIONS 3
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Entering ProcessValidationsPhase
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No conversion necessary for value testuser of component usernameField
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.renderkit] No conversion necessary for value testuser123 of component passwordField
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Exiting ProcessValidationsPhase
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process after phase PROCESS_VALIDATIONS 3
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.timing] [TIMING] - [0ms] : Execution time for phase (including any PhaseListeners) -> PROCESS_VALIDATIONS 3
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process before phase UPDATE_MODEL_VALUES 4
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Entering UpdateModelValuesPhase
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process after phase UPDATE_MODEL_VALUES 4
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.timing] [TIMING] - [0ms] : Execution time for phase (including any PhaseListeners) -> UPDATE_MODEL_VALUES 4
2009-03-18 19:46:19,609 DEBUG [org.ajax4jsf.event.AjaxPhaseListener] Process before phase INVOKE_APPLICATION 5
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.lifecycle] Entering InvokeApplicationsPhase
2009-03-18 19:46:19,609 DEBUG [javax.enterprise.resource.webcontainer.jsf.application] processAction(submit)
2009-03-18 19:46:19,609 INFO [STDOUT] userPrincipal: null
2009-03-18 19:46:19,609 INFO [STDOUT] remoteUser: null
2009-03-18 19:46:19,609 DEBUG [org.jboss.ejb3.security.Ejb3AuthenticationInterceptor] Authentication failure
javax.security.auth.login.LoginException: java.lang.NullPointerException
at org.jboss.security.Util.createPasswordHash(Util.java:409)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.createPasswordHash(UsernamePasswordLoginModule.java:415)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:204)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.access$000(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
at javax.security.auth.login.LoginContext.login(Unknown Source)
at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
at org.jboss.aspects.security.AuthenticationInterceptor.authenticate(AuthenticationInterceptor.java:123)
at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:66)
at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:110)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:240)
at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:210)
at org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:84)
at $Proxy120.doLogin(Unknown Source)
at com.sortmybooksonline.web.controller.LoginController.doLogin(LoginController.java:67)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.el.parser.AstValue.invoke(AstValue.java:131)
at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88)
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
at org.apache.shale.view.faces.ViewActionListener.processAction(ViewActionListener.java:74)
at javax.faces.component.UICommand.broadcast(UICommand.java:387)
at org.ajax4jsf.component.AjaxActionComponent.broadcast(AjaxActionComponent.java:55)
at org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:321)
at org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:296)
at org.ajax4jsf.component.AjaxViewRoot.processPhase(AjaxViewRoot.java:253)
at org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:466)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)