I upgraded my dev environment to JBoss 4.0.2 and I am trying to set up the security, but I cannot work out what mistake I have made that prevents a normal form-based login succeeding.
It is a servlet & EJB app, with seperate war and ear files. It throws this exception when I try to log in: | 10:56:25,070 ERROR [JaasSecurityManagerService] Failed to create sec mgr | java.lang.NullPointerException | at org.jboss.security.plugins.JaasSecurityManagerService.newSecurityDomainCtx(JaasSecurityManagerService.java:534) | at org.jboss.security.plugins.JaasSecurityManagerService.lookupSecurityDomain(JaasSecurityManagerService.java:514) | at org.jboss.security.plugins.JaasSecurityManagerService.access$200(JaasSecurityManagerService.java:66) | at org.jboss.security.plugins.JaasSecurityManagerService$SecurityDomainObjectFactory.invoke(JaasSecurityManagerService.java:611) | at $Proxy129.lookup(Unknown Source) | at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:701) | at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:572) | at javax.naming.InitialContext.lookup(InitialContext.java:351) | at org.jnp.interfaces.NamingContext.resolveLink(NamingContext.java:1046) | at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:685) | at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:572) | at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:227) | at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256) | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:391) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:59) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) | at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744) | at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) | at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) | at java.lang.Thread.run(Thread.java:595) | ERROR [org.jboss.web.tomcat.security.JBossSecurityMgrRealm] Error during authenticate | javax.naming.NamingException: Could not dereference object [Root exception is javax.naming.NamingException: Failed to create sec mgr:null] | at org.jnp.interfaces.NamingContext.resolveLink(NamingContext.java:1052) | at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:685) | at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:572) | at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:227) | at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256) | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:391) | at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:59) | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) | at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) | at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744) | at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) | at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) | at java.lang.Thread.run(Thread.java:595) | Caused by: javax.naming.NamingException: Failed to create sec mgr:null | at org.jboss.security.plugins.JaasSecurityManagerService.newSecurityDomainCtx(JaasSecurityManagerService.java:547) | at org.jboss.security.plugins.JaasSecurityManagerService.lookupSecurityDomain(JaasSecurityManagerService.java:514) | at org.jboss.security.plugins.JaasSecurityManagerService.access$200(JaasSecurityManagerService.java:66) | at org.jboss.security.plugins.JaasSecurityManagerService$SecurityDomainObjectFactory.invoke(JaasSecurityManagerService.java:611) | at $Proxy129.lookup(Unknown Source) | at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:701) | at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:572) | at javax.naming.InitialContext.lookup(InitialContext.java:351) | at org.jnp.interfaces.NamingContext.resolveLink(NamingContext.java:1046) | ... 15 more | This is the relevant part of my web.xml: | <security-constraint> | <web-resource-collection> | <web-resource-name>Private pages</web-resource-name> | <description>CMS</description> | <url-pattern>/private/*</url-pattern> | </web-resource-collection> | <auth-constraint> | <description>Anyone with 1 of these roles allowed</description> | <role-name>user</role-name> | </auth-constraint> | <user-data-constraint> | <description>SSL required</description> | <transport-guarantee>CONFIDENTIAL</transport-guarantee> | </user-data-constraint> | </security-constraint> | <login-config> | <auth-method>FORM</auth-method> | <realm-name>GargantusRealm</realm-name> | <form-login-config> | <form-login-page>/login.html</form-login-page> | <form-error-page>/error.html</form-error-page> | </form-login-config> | </login-config> | <security-role> | <description>average surfer</description> | <role-name>user</role-name> | </security-role> | and this is the jboss-web.xml: | <jboss-web> | <security-domain>java:/jaas/GargantusRealm</security-domain> | <context-root>/</context-root> | <ejb-ref> | <ejb-ref-name>ejb/SurveyFacade</ejb-ref-name> | <jndi-name>ejb/SurveyFacade</jndi-name> | </ejb-ref> | <ejb-ref> | <ejb-ref-name>ejb/LibraryFacade</ejb-ref-name> | <jndi-name>ejb/LibraryFacade</jndi-name> | </ejb-ref> | </jboss-web> | and finally the login-config.xml: | <application-policy name="GargantusRealm"> | <authentication> | <login-module | code="org.gargantus.realm.JBossLoginModule" | flag="required"> | <module-option name="encryption">MD5</module-option> | <module-option name="jndi_name"> | java:/jdbc/RealmDS | </module-option> | </login-module> | </authentication> | </application-policy> | My bespoke login module extends AbstractServerLoginModule but I don't think JBoss is even getting as far as loading the class (which I have jarred up and put in jboss/server/default/lib). I turned debug-level logging on for security and can see that JBoss reads the login-config.xml but that's all the info I get, until the exception when I try to log in. I can see from the forum here that others have set it up successfully so I suspect through some oversight I am making a configuration error. Any help would be grand! Adam View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3885262#3885262 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3885262 ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
