All, JBoss version: 4.0.0RC1 Database: MySQL 4.1.7
I am using the DatabaseServerLoginModule to authenticate and I keep getting the following exception that is driving me crazy. I have scoured this forum and the Internet but didn't come across any post that mentioned this exception. It seems that authentication (Phase 1 in Scott Stark's paper) seems to work correctly in that incorrect usernames/passwords are recognized correctly. The problem occurs with Phase 2, it seems, but I am lost here. Any help would be greatly appreciated. The exception details are: 2005-01-21 09:30:19,266 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Created [EMAIL PROTECTED] | 2005-01-21 09:30:19,266 DEBUG [org.jboss.security.plugins.JaasSecurityManager.springapp_security] CachePolicy set to: [EMAIL PROTECTED] | 2005-01-21 09:30:19,266 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] setCachePolicy, [EMAIL PROTECTED] | 2005-01-21 09:30:19,266 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Added springapp_security, [EMAIL PROTECTED] to map | 2005-01-21 09:30:19,826 ERROR [org.apache.coyote.tomcat5.CoyoteAdapter] An exception or error occurred in the container during the request processing | java.lang.NullPointerException | at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.getCachingPrincpal(JBossSecurityMgrRealm.java:321) | at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:257) | at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:229) | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446) | at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) | at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:146) | at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) | at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137) | at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) | at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) | at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:122) | at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102) | at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) | at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104) | at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) | at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929) | at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) | at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705) | at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) | at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683) | at java.lang.Thread.run(Thread.java:534) Appropriate portion of login-config.xml: <application-policy name="springapp_security"> | <authentication> | <login-module code="org.jboss.security.ClientLoginModule" flag="required"/> | <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> | <module-option name="dsJndiName">java:/SpringappDS</module-option> | <module-option name="principalsQuery">Select password 'Password' from principal_table where username=?</module-option> | <module-option name="rolesQuery">select role 'Roles', role_group 'RoleGroups' from roles_table where username=?</module-option> | </login-module> | </authentication> | </application-policy> web.xml: <?xml version="1.0" encoding="UTF-8"?> | <!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'> | | <web-app> | <servlet> | <servlet-name>springapp</servlet-name> | <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> | <load-on-startup>1</load-on-startup> | </servlet> | | <servlet-mapping> | <servlet-name>springapp</servlet-name> | <url-pattern>*.htm</url-pattern> | </servlet-mapping> | | <welcome-file-list> | <welcome-file> | index.jsp | </welcome-file> | </welcome-file-list> | | <security-constraint> | <web-resource-collection> | <web-resource-name>Spring Application</web-resource-name> | <description>Require users to authenticate</description> | <url-pattern>/*</url-pattern> | <http-method>POST</http-method> | <http-method>GET</http-method> | </web-resource-collection> | <auth-constraint> | <description>Only allow Echo role</description> | <role-name>Echo</role-name> | </auth-constraint> | </security-constraint> | | <security-role> | <description>Echo role</description> | <role-name>Echo</role-name> | </security-role> | | <login-config> | <auth-method>FORM</auth-method> | <form-login-config> | <form-login-page>/login.jsp</form-login-page> | <form-error-page>/login_error.html</form-error-page> | </form-login-config> | </login-config> | | <taglib> | <taglib-uri>/spring</taglib-uri> | <taglib-location>/WEB-INF/spring.tld</taglib-location> | </taglib> | | <resource-ref> | <res-ref-name>SpringappDS</res-ref-name> | <res-type>javax.sql.DataSource</res-type> | <jndi-name>java:/SpringappDS</jndi-name> | <res-auth>SERVLET</res-auth> | </resource-ref> | </web-app> jboss-web.xml: <?xml version="1.0" encoding="UTF-8"?> | | <!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.3V2//EN" "http://www.jboss.org/j2ee/dtd/jboss-web_3_2.dtd";> | | <jboss-web> | <security-domain>java:/jaas/springapp_security</security-domain> | <resource-ref> | <res-ref-name>SpringappDS</res-ref-name> | <res-type>javax.sql.DataSource</res-type> | <jndi-name>java:/SpringappDS</jndi-name> | </resource-ref> | </jboss-web> I have a simple login.jsp page: <form action="j_security_check" method="post"> | <table border="0" cellpadding="0"> | <tr> | <td>Username: <input type="text" name="j_username" size="22"/></td> | </tr> | <tr> | <td>Password: <input type="password" name="j_password" size="22"/></td> | <tr> | <td><input type="submit" value="Login" /></td> | </tr> | </table> | </form> Portions of the DDL that creates and populates the tables needed by DatabaseServerLoginModule: | # Create the principal table | create table principal_table | ( | username VARCHAR(64), | password VARCHAR(64), | PRIMARY KEY (username) | ); | insert into principal_table values ('java', 'echoman'); | insert into principal_table values ('duke', 'javaman'); | | # Create the roles table | create table roles_table | ( | username VARCHAR(64), | role VARCHAR(64), | role_group VARCHAR(64) | ); | | insert into roles_table values ('java', 'Echo', 'Roles'); | insert into roles_table values ('java', 'Echo', 'Roles'); | insert into roles_table values ('java', 'caller_java', 'CallerPrincipal'); | insert into roles_table values ('java', 'caller_java', 'CallerPrincipal'); | insert into roles_table values ('duke', 'Java', 'Roles'); | insert into roles_table values ('duke', 'Java', 'Roles'); | insert into roles_table values ('duke', 'Coder', 'Roles'); | insert into roles_table values ('duke', 'Coder', 'Roles'); | insert into roles_table values ('duke', 'caller_duke', 'CallerPrincipal'); | insert into roles_table values ('duke', 'caller_duke', 'CallerPrincipal'); View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3863107#3863107 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3863107 ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
