No ideas? :(
I must solve this problem quickly.
Thanks people..
---
Bruno Vg
BVG wrote:
>Hi Jeff,
>
>The stub call is done in the JAAS module (file: SampleLoginModule.java), this
>module is configured on Tomcat application, and when I press the
>authentication form the JAAS module runs. When it runs, call the
>VerificaAutenticacao WebService, which returns some values to check if this
>user is authenticate. It's in this call that I got a CastClassException on the
>file WSDDTargetedChain.java:157(Axis code), and in there I see different ids
>for the same Handler:
>"ClassUtils.forName(pivotQName.getLocalPart()).newInstance().getClass().getSuperclass().getInterfaces()"
> = java.lang.Class[1] (id=85)
>"Class.forName("org.apache.axis.Handler")" = java.lang.Class
>(org.apache.axis.Handler) (id=91)
>
>But, if I call the same webservice but outside that JAAS module, everything
>works, and the ids are the same for the same handler:
>"ClassUtils.forName(pivotQName.getLocalPart()).newInstance().getClass().getSuperclass().getInterfaces()"
> = java.lang.Class[1] (id=85)
>"Class.forName("org.apache.axis.Handler")" = java.lang.Class
>(org.apache.axis.Handler) (id=85)
>
>Any ideas? humm.. :(
>Thanks one more time Jeff
>
>Jeff wrote:
>
>>In a discussion about error handling a while back, I mentioned to James
>>Taylor how insane it is to report a ClassCastException without citing the
>>offending class.
>>
>>Presumably you know which class your handler is or can look it up in the
>><handler> element of your deployment descriptor. You need to ensure that it
>>implements org.apache.axis.Handler, one way or another.
>>
>>If that doesn't help, make sure your log4j.properties file of configured to
>>dump in DEBUG mode and check out the log for clues.
>>
>>(I wonder if anyone has every estimated how much Java development time is
>>wasted globally on class path issues.)
>>
>>
>>Jeff
>>
>>
>>----- Original Message -----
>>From: "BVG" <[EMAIL PROTECTED]>
>>To: <[email protected]>
>>Sent: Tuesday, June 14, 2005 8:06 AM
>>Subject: classloader problem
>>
>>
>>I've a problem with classloader.
>>I got all the time CastClassException when I invoke directly a stub (Axis
>>1.2) on a JAAS module (Java authentication).
>>It seems the problem is on this line (WSDDTargetedChain.java:157):
>>pivot =
>>(Handler)ClassUtils.forName(pivotQName.getLocalPart()).newInstance();
>>
>>the cast Handler is not from the same instance of result and throw a
>>CastClass Exception.
>>What can I do to prevent this frustrating problem?
>>
>>I really need your help!
>>Thank you all!
>>
>>--------------------- ERROR ---------------------------
>>AxisFault
>>faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
>>faultSubcode:
>>faultString: java.lang.ClassCastException
>>faultActor:
>>faultNode:
>>faultDetail:
>> {http://xml.apache.org/axis/}stackTrace:java.lang.ClassCastException
>> at
>>org.apache.axis.deployment.wsdd.WSDDTargetedChain.makeNewInstance(WSDDTarget
>>edChain.java:157)
>> at
>>org.apache.axis.deployment.wsdd.WSDDDeployableItem.getNewInstance(WSDDDeploy
>>ableItem.java:274)
>> at
>>org.apache.axis.deployment.wsdd.WSDDDeployableItem.getInstance(WSDDDeployabl
>>eItem.java:260)
>> at
>>org.apache.axis.deployment.wsdd.WSDDDeployment.getTransport(WSDDDeployment.j
>>ava:394)
>> at
>>org.apache.axis.configuration.FileProvider.getTransport(FileProvider.java:25
>>7)
>> at org.apache.axis.AxisEngine.getTransport(AxisEngine.java:332)
>> at org.apache.axis.client.AxisClient.invoke(AxisClient.java:163)
>> at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
>> at org.apache.axis.client.Call.invoke(Call.java:2748)
>> at org.apache.axis.client.Call.invoke(Call.java:2424)
>> at org.apache.axis.client.Call.invoke(Call.java:2347)
>> at org.apache.axis.client.Call.invoke(Call.java:1804)
>> at
>>com.jcms.Axis.WSPortal.WS_AcessoPortalSoapStub.verificaAutenticacao(WS_Acess
>>oPortalSoapStub.java:321)
>> at com.jcms.Axis.Webservices.VerificaAutenticacao(Webservices.java:263)
>> at jaas.module.SampleLoginModule.login(SampleLoginModule.java:214)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>>sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39
>>)
>> at
>>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
>>.java:25)
>> at java.lang.reflect.Method.invoke(Method.java:324)
>> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
>> at
>>javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>>javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
>> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
>> at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:316)
>> at
>>org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthent
>>icator.java:229)
>> at
>>org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase
>>.java:446)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:102)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at
>>org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137
>>)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:104)
>> at
>>org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118
>>)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:102)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at
>>org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java
>>:109)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:104)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
>> at
>>org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
>> at
>>org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
>> at
>>org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConne
>>ction(Http11Protocol.java:705)
>> at
>>org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
>> at
>>org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav
>>a:683)
>> at java.lang.Thread.run(Thread.java:534)
>>
>> {http://xml.apache.org/axis/}hostname:bvg
>>
>>java.lang.ClassCastException
>> at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
>> at org.apache.axis.client.AxisClient.invoke(AxisClient.java:216)
>> at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
>> at org.apache.axis.client.Call.invoke(Call.java:2748)
>> at org.apache.axis.client.Call.invoke(Call.java:2424)
>> at org.apache.axis.client.Call.invoke(Call.java:2347)
>> at org.apache.axis.client.Call.invoke(Call.java:1804)
>> at
>>com.jcms.Axis.WSPortal.WS_AcessoPortalSoapStub.verificaAutenticacao(WS_Acess
>>oPortalSoapStub.java:321)
>> at com.jcms.Axis.Webservices.VerificaAutenticacao(Webservices.java:263)
>> at jaas.module.SampleLoginModule.login(SampleLoginModule.java:214)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>>sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39
>>)
>> at
>>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
>>.java:25)
>> at java.lang.reflect.Method.invoke(Method.java:324)
>> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
>> at
>>javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>>javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
>> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
>> at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:316)
>> at
>>org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthent
>>icator.java:229)
>> at
>>org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase
>>.java:446)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:102)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at
>>org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137
>>)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:104)
>> at
>>org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118
>>)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:102)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at
>>org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java
>>:109)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:104)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
>> at
>>org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
>> at
>>org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
>> at
>>org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConne
>>ction(Http11Protocol.java:705)
>> at
>>org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
>> at
>>org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav
>>a:683)
>> at java.lang.Thread.run(Thread.java:534)
>>Caused by: java.lang.ClassCastException
>> at
>>org.apache.axis.deployment.wsdd.WSDDTargetedChain.makeNewInstance(WSDDTarget
>>edChain.java:157)
>> at
>>org.apache.axis.deployment.wsdd.WSDDDeployableItem.getNewInstance(WSDDDeploy
>>ableItem.java:274)
>> at
>>org.apache.axis.deployment.wsdd.WSDDDeployableItem.getInstance(WSDDDeployabl
>>eItem.java:260)
>> at
>>org.apache.axis.deployment.wsdd.WSDDDeployment.getTransport(WSDDDeployment.j
>>ava:394)
>> at
>>org.apache.axis.configuration.FileProvider.getTransport(FileProvider.java:25
>>7)
>> at org.apache.axis.AxisEngine.getTransport(AxisEngine.java:332)
>> at org.apache.axis.client.AxisClient.invoke(AxisClient.java:163)
>> ... 38 more
>>- END: Webservice
>>SampleLoginModule abort() - BEGIN
>>SampleLoginModule abort() - END
>>- Login exception authenticating username teste
>>javax.security.auth.login.LoginException: java.lang.NullPointerException
>> at jaas.module.SampleLoginModule.login(SampleLoginModule.java:217)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>>sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39
>>)
>> at
>>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl
>>.java:25)
>> at java.lang.reflect.Method.invoke(Method.java:324)
>> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
>> at
>>javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>>javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
>> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
>> at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:316)
>> at
>>org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthent
>>icator.java:229)
>> at
>>org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase
>>.java:446)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:102)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at
>>org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137
>>)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:104)
>> at
>>org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118
>>)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:102)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at
>>org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java
>>:109)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:104)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
>> at
>>org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
>> at
>>org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
>> at
>>org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConne
>>ction(Http11Protocol.java:705)
>> at
>>org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
>> at
>>org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav
>>a:683)
>> at java.lang.Thread.run(Thread.java:534)
>>
>> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:730)
>> at
>>javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>>javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
>> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
>> at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:316)
>> at
>>org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthent
>>icator.java:229)
>> at
>>org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase
>>.java:446)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:102)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at
>>org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137
>>)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:104)
>> at
>>org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118
>>)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:102)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at
>>org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java
>>:109)
>> at
>>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex
>>t.java:104)
>> at
>>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
>> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
>> at
>>org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
>> at
>>org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
>> at
>>org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConne
>>ction(Http11Protocol.java:705)
>> at
>>org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
>> at
>>org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav
>>a:683)
>> at java.lang.Thread.run(Thread.java:534)
>>
>>
>>
>
>
>
>
>
>/*
> * @(#)SampleLoginModule.java 1.18 00/01/11
> *
> * Copyright 2000-2002 Sun Microsystems, Inc. All Rights Reserved.
> *
> * Redistribution and use in source and binary forms, with or
> * without modification, are permitted provided that the following
> * conditions are met:
> *
> * -Redistributions of source code must retain the above copyright
> * notice, this list of conditions and the following disclaimer.
> *
> * -Redistribution in binary form must reproduct the above copyright
> * notice, this list of conditions and the following disclaimer in
> * the documentation and/or other materials provided with the
> * distribution.
> *
> * Neither the name of Sun Microsystems, Inc. or the names of
> * contributors may be used to endorse or promote products derived
> * from this software without specific prior written permission.
> *
> * This software is provided "AS IS," without a warranty of any
> * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND
> * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY,
> * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY
> * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY
> * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR
> * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR
> * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE
> * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT,
> * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER
> * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF
> * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN
> * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
> *
> * You acknowledge that Software is not designed, licensed or
> * intended for use in the design, construction, operation or
> * maintenance of any nuclear facility.
> */
>
>package jaas.module;
>
>import jaas.principal.RolePrincipal;
>import jaas.principal.SamplePrincipal;
>
>import java.util.Map;
>
>import javax.security.auth.Subject;
>import javax.security.auth.callback.Callback;
>import javax.security.auth.callback.CallbackHandler;
>import javax.security.auth.callback.NameCallback;
>import javax.security.auth.callback.PasswordCallback;
>import javax.security.auth.callback.UnsupportedCallbackException;
>import javax.security.auth.login.FailedLoginException;
>import javax.security.auth.login.LoginException;
>import javax.security.auth.spi.LoginModule;
>
>import org.apache.log4j.Logger;
>
>import com.jcms.Axis.Webservices;
>import com.jcms.Axis.WSPortal.model.VerificaAutenticacaoModel;
>
>/**
> * <p> This sample LoginModule authenticates users with a password.
> *
> * <p> If testUser successfully authenticates itself,
> * a <code>SamplePrincipal</code> with the testUser's user name
> * is added to the Subject.
> *
> * <p> This LoginModule recognizes the debug option.
> * If set to true in the login Configuration,
> * debug messages will be output to the output stream, System.out.
> *
> * @version 1.18, 01/11/00
> */
>public class SampleLoginModule implements LoginModule {
>
> static Logger logger = Logger.getLogger(SampleLoginModule.class);
>
> // initial state
> private Subject subject;
> private CallbackHandler callbackHandler;
> private Map sharedState;
> private Map options;
>
> // configurable option
> private boolean debug = false;
>
> // the authentication status
> private boolean succeeded = false;
> private boolean commitSucceeded = false;
>
> // username and password
> private String username;
> private char[] password;
>
> // testUser's SamplePrincipal
> private SamplePrincipal userPrincipal;
> private RolePrincipal rolePrincipal;
>
> /**
> * Initialize this <code>LoginModule</code>.
> *
> * <p>
> *
> * @param subject the <code>Subject</code> to be authenticated. <p>
> *
> * @param callbackHandler a <code>CallbackHandler</code> for communicating
> * with the end user (prompting for user names and
> * passwords, for example). <p>
> *
> * @param sharedState shared <code>LoginModule</code> state. <p>
> *
> * @param options options specified in the login
> * <code>Configuration</code> for this particular
> * <code>LoginModule</code>.
> */
> public void initialize(Subject subject, CallbackHandler callbackHandler,
> Map sharedState, Map options) {
>
> // initialize any configured options
> debug = "true".equalsIgnoreCase((String)options.get("debug"));
>
> if(debug)
> System.out.println("SampleLoginModule initialize() -
> BEGIN");
>
> this.subject = subject;
> this.callbackHandler = callbackHandler;
> this.sharedState = sharedState;
> this.options = options;
>
> if(debug)
> System.out.println("SampleLoginModule initialize() -
> END");
> }
>
> /**
> * Authenticate the user by prompting for a user name and password.
> *
> * <p>
> *
> * @return true in all cases since this <code>LoginModule</code>
> * should not be ignored.
> *
> * @exception FailedLoginException if the authentication fails. <p>
> *
> * @exception LoginException if this <code>LoginModule</code>
> * is unable to perform the authentication.
> */
> public boolean login() throws LoginException {
>
> if(debug)
> System.out.println("SampleLoginModule login() - BEGIN");
>
> // prompt for a user name and password
> if (callbackHandler == null)
> throw new LoginException("Error: no CallbackHandler
> available " +
> "to garner authentication information from the
> user");
> Callback[] callbacks = new Callback[2];
> callbacks[0] = new NameCallback("user name: ");
> callbacks[1] = new PasswordCallback("password: ", false);
>
> try {
> //gets the username and password from callbackHandler
> callbackHandler.handle(callbacks);
> username = ((NameCallback)callbacks[0]).getName();
> char[] tmpPassword =
> ((PasswordCallback)callbacks[1]).getPassword();
> if (tmpPassword == null) {
> // treat a NULL password as an empty password
> tmpPassword = new char[0];
> }
> //copy the password to a new char and delete tmpPassword
> password = new char[tmpPassword.length];
> System.arraycopy(tmpPassword, 0,
> password, 0, tmpPassword.length);
> ((PasswordCallback)callbacks[1]).clearPassword();
>
> } catch (java.io.IOException ioe) {
> throw new LoginException(ioe.toString());
> } catch (UnsupportedCallbackException uce) {
> throw new LoginException("Error: " +
> uce.getCallback().toString() +
> " not available to garner authentication information " +
> "from the user");
> }
>
> // print debugging information
> if (debug) {
> System.out.println("\t[SampleLoginModule] " +
> "user entered user name: " +
> username);
> System.out.print("\t[SampleLoginModule] " +
> "user entered password: ");
> for (int i = 0; i < password.length; i++)
> System.out.print(password[i]);
> System.out.println();
> }
>
> // verify the username/password - TEMP [TODO]
> String passwordDescriptor = "";
> for (int i = 0; i < password.length; i++)
> passwordDescriptor += password[i];
>
> boolean usernameCorrect = false;
> boolean passwordCorrect = false;
>
> logger.info("\tBEGIN: Webservice");
> logger.debug("BEGIN: Webservices webservice = new
> Webservices()");
> Webservices webservice = new Webservices();
> logger.debug("END: Webservices webservice = new Webservices()");
> logger.debug("BEGIN: verificaAutenticacao");
> VerificaAutenticacaoModel verificaAutenticacao =
> webservice.VerificaAutenticacao(username, passwordDescriptor);
> logger.debug("END: verificaAutenticacao");
> logger.info("\tEND: Webservice");
>
> if(verificaAutenticacao.getCode() == 1){
> //if(true){
> // authentication succeeded!!!
>
> // put values on session
> //session.setAttribute("user", username);
>
> passwordCorrect = true;
> if (debug)
> System.out.println("\t[SampleLoginModule] " +
> "authentication succeeded");
> succeeded = true;
> if(debug)
> System.out.println("SampleLoginModule login() - END");
> return true;
> } else {
>
> // authentication failed -- clean out state
> if (debug)
> System.out.println("\t[SampleLoginModule] " +
> "authentication failed");
> succeeded = false;
> username = null;
> for (int i = 0; i < password.length; i++)
> password[i] = ' ';
> password = null;
> if(debug)
> System.out.println("SampleLoginModule login() - END");
> if (!usernameCorrect) {
> throw new FailedLoginException("User Name Incorrect");
> } else {
> throw new FailedLoginException("Password Incorrect");
> }
> }
> }
>
> /**
> * <p> This method is called if the LoginContext's
> * overall authentication succeeded
> * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
> * succeeded).
> *
> * <p> If this LoginModule's own authentication attempt
> * succeeded (checked by retrieving the private state saved by the
> * <code>login</code> method), then this method associates a
> * <code>SamplePrincipal</code>
> * with the <code>Subject</code> located in the
> * <code>LoginModule</code>. If this LoginModule's own
> * authentication attempted failed, then this method removes
> * any state that was originally saved.
> *
> * <p>
> *
> * @exception LoginException if the commit fails.
> *
> * @return true if this LoginModule's own login and commit
> * attempts succeeded, or false otherwise.
> */
> public boolean commit() throws LoginException {
> if(debug)
> System.out.println("SampleLoginModule commit() - BEGIN");
> if (succeeded == false) {
> if(debug)
> System.out.println("SampleLoginModule commit() - END, return
> FALSE");
> return false;
> } else {
> // add a Principal (authenticated identity)
> // to the Subject
>
> // assume the user we authenticated is the SamplePrincipal
> userPrincipal = new SamplePrincipal(username);
> rolePrincipal = new RolePrincipal("normalUser");
>
> if (!subject.getPrincipals().contains(userPrincipal)){
> if(debug)
> System.out.println("DON't contain userPrincipal");
> subject.getPrincipals().add(userPrincipal);
> }
> if(!subject.getPrincipals().contains(rolePrincipal)) {
> if (debug)
> System.out.println("DON't contain RolePrincipal");
> subject.getPrincipals().add(rolePrincipal);
> } else {
> if (debug)
> System.out.println("CONTAIN's RolePrincipal");
> }
>
> if (debug) {
> System.out.println("\t[SampleLoginModule] " +
> "added SamplePrincipal and RolePrincipal to
> Subject");
> }
>
> // in any case, clean out state
> username = null;
> for (int i = 0; i < password.length; i++)
> password[i] = ' ';
> password = null;
>
> commitSucceeded = true;
> if(debug)
> System.out.println("SampleLoginModule commit() - END, return
> TRUE");
> return true;
> }
> }
>
> /**
> * <p> This method is called if the LoginContext's
> * overall authentication failed.
> * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
> * did not succeed).
> *
> * <p> If this LoginModule's own authentication attempt
> * succeeded (checked by retrieving the private state saved by the
> * <code>login</code> and <code>commit</code> methods),
> * then this method cleans up any state that was originally saved.
> *
> * <p>
> *
> * @exception LoginException if the abort fails.
> *
> * @return false if this LoginModule's own login and/or commit attempts
> * failed, and true otherwise.
> */
> public boolean abort() throws LoginException {
> if(debug)
> System.out.println("SampleLoginModule abort() - BEGIN");
> if (succeeded == false) {
> if(debug)
> System.out.println("SampleLoginModule abort() - END");
> return false;
> } else if (succeeded == true && commitSucceeded == false) {
> // login succeeded but overall authentication failed
> succeeded = false;
> username = null;
> if (password != null) {
> for (int i = 0; i < password.length; i++)
> password[i] = ' ';
> password = null;
> }
> userPrincipal = null;
> } else {
> // overall authentication succeeded and commit succeeded,
> // but someone else's commit failed
> logout();
> }
> if(debug)
> System.out.println("SampleLoginModule abort() - END");
> return true;
> }
>
> /**
> * Logout the user.
> *
> * <p> This method removes the <code>SamplePrincipal</code>
> * that was added by the <code>commit</code> method.
> *
> * <p>
> *
> * @exception LoginException if the logout fails.
> *
> * @return true in all cases since this <code>LoginModule</code>
> * should not be ignored.
> */
> public boolean logout() throws LoginException {
> if(debug)
> System.out.println("SampleLoginModule logout() - BEGIN");
> subject.getPrincipals().remove(userPrincipal);
> succeeded = false;
> succeeded = commitSucceeded;
> username = null;
> if (password != null) {
> for (int i = 0; i < password.length; i++)
> password[i] = ' ';
> password = null;
> }
> userPrincipal = null;
> if(debug)
> System.out.println("SampleLoginModule logout() - END");
> return true;
> }
>}
>
