[jira] Closed: (GERONIMO-1248) Problem in using a security realm added through geronimo console
[ http://issues.apache.org/jira/browse/GERONIMO-1248?page=all ] Vamsavardhana Reddy closed GERONIMO-1248: - > Problem in using a security realm added through geronimo console > > > Key: GERONIMO-1248 > URL: http://issues.apache.org/jira/browse/GERONIMO-1248 > Project: Geronimo > Type: Bug > Versions: 1.0-M5 > Environment: Win XP, Sun JDK 1.4.2_08 > Reporter: Vamsavardhana Reddy > Assignee: Aaron Mulder > Fix For: 1.0 > > I have created a simple web application that uses a FORM authentication > method. In the deployment plan, I have configured the application to use > "geronimo-properties-realm". The application works fine. > At this point a added a new realm with name "onemore-properties-realm" > through the "Security Realms" portlet. I have modified the deployment plan > to use this newly added security realm and redeployed the application. The > security part of this application does not work anymore. I am getting the > following exception on login attempt. > 17:41:53,036 INFO [JAASJettyRealm] problem > javax.security.auth.login.LoginException: java.lang.NullPointerException: > target is null > at > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.access$000(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) > at javax.security.auth.login.LoginContext.login(Unknown Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) > at > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191) > at > org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432) > at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1565) > at > org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1517) > at org.mortbay.http.HttpServer.service(HttpServer.java:954) > at org.mortbay.http.HttpConnection.service(HttpConnection.java:816) > at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983) > at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833) > at > org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244) > at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357) > at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534) > at javax.security.auth.login.LoginContext.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.access$000(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) > at javax.security.auth.login.LoginContext.login(Unknown Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) > at > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) &g
[jira] Updated: (GERONIMO-1248) Problem in using a security realm added through geronimo console
[ http://issues.apache.org/jira/browse/GERONIMO-1248?page=all ] Aaron Mulder updated GERONIMO-1248: --- Version: 1.0-M5 (was: 1.0) > Problem in using a security realm added through geronimo console > > > Key: GERONIMO-1248 > URL: http://issues.apache.org/jira/browse/GERONIMO-1248 > Project: Geronimo > Type: Bug > Versions: 1.0-M5 > Environment: Win XP, Sun JDK 1.4.2_08 > Reporter: Vamsavardhana Reddy > Assignee: Aaron Mulder > Fix For: 1.0 > > I have created a simple web application that uses a FORM authentication > method. In the deployment plan, I have configured the application to use > "geronimo-properties-realm". The application works fine. > At this point a added a new realm with name "onemore-properties-realm" > through the "Security Realms" portlet. I have modified the deployment plan > to use this newly added security realm and redeployed the application. The > security part of this application does not work anymore. I am getting the > following exception on login attempt. > 17:41:53,036 INFO [JAASJettyRealm] problem > javax.security.auth.login.LoginException: java.lang.NullPointerException: > target is null > at > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.access$000(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) > at javax.security.auth.login.LoginContext.login(Unknown Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) > at > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191) > at > org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432) > at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1565) > at > org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1517) > at org.mortbay.http.HttpServer.service(HttpServer.java:954) > at org.mortbay.http.HttpConnection.service(HttpConnection.java:816) > at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983) > at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833) > at > org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244) > at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357) > at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534) > at javax.security.auth.login.LoginContext.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.access$000(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) > at javax.security.auth.login.LoginContext.login(Unknown Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) > at > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) &g
[jira] Resolved: (GERONIMO-1248) Problem in using a security realm added through geronimo console
[ http://issues.apache.org/jira/browse/GERONIMO-1248?page=all ] Aaron Mulder resolved GERONIMO-1248: Fix Version: 1.0 Resolution: Fixed Should have been fixed by a change last week to add the login service reference -- please test! Thanks! > Problem in using a security realm added through geronimo console > > > Key: GERONIMO-1248 > URL: http://issues.apache.org/jira/browse/GERONIMO-1248 > Project: Geronimo > Type: Bug > Versions: 1.0-M5 > Environment: Win XP, Sun JDK 1.4.2_08 > Reporter: Vamsavardhana Reddy > Assignee: Aaron Mulder > Fix For: 1.0 > > I have created a simple web application that uses a FORM authentication > method. In the deployment plan, I have configured the application to use > "geronimo-properties-realm". The application works fine. > At this point a added a new realm with name "onemore-properties-realm" > through the "Security Realms" portlet. I have modified the deployment plan > to use this newly added security realm and redeployed the application. The > security part of this application does not work anymore. I am getting the > following exception on login attempt. > 17:41:53,036 INFO [JAASJettyRealm] problem > javax.security.auth.login.LoginException: java.lang.NullPointerException: > target is null > at > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.access$000(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) > at javax.security.auth.login.LoginContext.login(Unknown Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) > at > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191) > at > org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432) > at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1565) > at > org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1517) > at org.mortbay.http.HttpServer.service(HttpServer.java:954) > at org.mortbay.http.HttpConnection.service(HttpConnection.java:816) > at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983) > at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833) > at > org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244) > at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357) > at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534) > at javax.security.auth.login.LoginContext.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.access$000(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) > at javax.security.auth.login.LoginContext.login(Unknown Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authent
[jira] Commented: (GERONIMO-1248) Problem in using a security realm added through geronimo console
[ http://issues.apache.org/jira/browse/GERONIMO-1248?page=comments#action_1235 ] David Jencks commented on GERONIMO-1248: this is caused by a missing reference to JaasLoginService in the plan. org/apache/geronimo/SecurityJaasLoginService > Problem in using a security realm added through geronimo console > > > Key: GERONIMO-1248 > URL: http://issues.apache.org/jira/browse/GERONIMO-1248 > Project: Geronimo > Type: Bug > Versions: 1.0 > Environment: Win XP, Sun JDK 1.4.2_08 > Reporter: Vamsavardhana Reddy > Assignee: Aaron Mulder > > I have created a simple web application that uses a FORM authentication > method. In the deployment plan, I have configured the application to use > "geronimo-properties-realm". The application works fine. > At this point a added a new realm with name "onemore-properties-realm" > through the "Security Realms" portlet. I have modified the deployment plan > to use this newly added security realm and redeployed the application. The > security part of this application does not work anymore. I am getting the > following exception on login attempt. > 17:41:53,036 INFO [JAASJettyRealm] problem > javax.security.auth.login.LoginException: java.lang.NullPointerException: > target is null > at > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.access$000(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) > at javax.security.auth.login.LoginContext.login(Unknown Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) > at > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191) > at > org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432) > at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1565) > at > org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1517) > at org.mortbay.http.HttpServer.service(HttpServer.java:954) > at org.mortbay.http.HttpConnection.service(HttpConnection.java:816) > at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983) > at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833) > at > org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244) > at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357) > at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534) > at javax.security.auth.login.LoginContext.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.access$000(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) > at javax.security.auth.login.LoginContext.login(Unknown Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authentica
Re: Problem in using a security realm added through geronimo console
Done. http://issues.apache.org/jira/browse/GERONIMO-1248 -VamsiOn 11/29/05, Aaron Mulder <[EMAIL PROTECTED]> wrote: If someone puts in a JIRA for that I can make the fix. At the momentthe portlet's just using the XMLBeans from service-builder andsecurity-builder to build the plan.AaronOn 11/29/05, David Jencks < [EMAIL PROTECTED]> wrote:> It looks to me as if the portlet is broken, and needs to add>> > name="LoginService">org/apache/geronimo/Security> module>JaasLoginService>> to the plan it generates. Unfortunately I'm not sure how the portlet> works perhaps filing a jira issue would be a good idea. >> thanks> david jencks>> On Nov 29, 2005, at 5:12 AM, Vamsavardhana Reddy wrote:>> > The new realm is added through "Security realms" portlet and it shows > > the following plan on clicking the "show plan" button.> >> > > > parentId="org/apache/geronimo/Server" > > xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0">> > > > class=" org.apache.geronimo.security.realm.GenericSecurityRealm">> > onemore-security-realm> > > >> > geronimo.server:J2EEApplication=null,J2EEModule=org/> > apache/geronimo/> > System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo > > > > > > > > xmlns:log=" http://geronimo.apache.org/xml/ns/loginconfig-1.0">> > > > server-side="true">> >> > onemore-security-realm > >> > > > class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginM> > odule> > > > name="usersURI">var/security/vamsi- users.properties> > > > name="groupsURI">var/security/vamsi-groups.properties> > > > > > > > > > > >> > On 11/29/05, Krishnakumar B <[EMAIL PROTECTED]> wrote: > >>> >> Check the deployment plan if the references are correct.> >>> >> Sample plan file.> >>> >> > >> class=" org.apache.geronimo.security.realm.GenericSecurityRealm">> >> test-realm> >> > >> test-login> >> > >> > >> org/apache/geronimo/System > >> ServerInfo> >> > >> > >> name="LoginService">org/apache/geronimo/Security > >> module>JaasLoginService> >> > >>> >> > >> class="org.apache.geronimo.security.jaas.JaasLoginModuleUse ">> >> REQUIRED> >> > >> test-login > >> > >> > >> > >>> >> Regards> >> Krish> >>> >> On 11/29/05, Vamsavardhana Reddy < [EMAIL PROTECTED]> wrote:> >> > Here is the description of problem I am facing.> >> >> >> > I have created a simple web application that uses a FORM > >> authentication> >> > method.In the deployment plan, I have configured the application> >> to use> >> > "geronimo-properties-realm".The application works fine. > >> >> >> > At this point a added a new realm with name> >> "onemore-properties-realm"> >> > through the "Security Realms" portlet.I have modified the > >> deployment plan> >> > to use this newly added security realm and redeployed the> >> application.The> >> > security part of this application does not work anymore.I am> >> getting the> >> > following exception on login attempt.> >> >> >> >> >> > 17:41:53,036 INFO[JAASJettyRealm] problem> >> > javax.security.auth.login.LoginException:> >> > java.lang.NullPointerException: target is null> >> > at> >> > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy > >> (BasicProxyManager.java:104)> >> > at> >> >> >> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(> >> JaasLoginCoordinator.java:173) > >> > at> >> >> >> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initiali> >> ze (JaasLoginCoordinator.java:85)> >> > at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native> >> > Method)> >> > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown> >> > Source)> >> > at> >> > sun.reflect.DelegatingMethodAccessorImpl.invoke (Unknown> >> > Source)> >> > at java.lang.reflect.Method.invoke(Unknown Source)> >> > at> >> > javax.security.auth.login.LoginContext.invoke(Unknown> >> > Source) > >> > at> >> > javax.security.auth.login.LoginContext.access$000 (Unknown> >> > Source)> >> > at javax.security.auth.login.LoginContext$4.run(Unknown> >> > Source) > >> > at java.security.AccessController.doPrivileged(Native> >> > Method)> >> > at> >> > javax.security.auth.login.LoginContext.invokeModule (Unknown> >> > Source) > >> > at javax.security.auth.login.LoginContext.login(Unknown> >> > Source)> >> > at> >> >> >> org.apache.geronimo.jetty.JAASJettyRealm.authenticate (JAASJettyRealm.j> >> ava:92)> >> > at> >> >> >> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat> >> e(FormAuthenticator.java:305) > >> > at> >> >> >> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentic> >> ator.java:148)> >> > at> >> >> >> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai> >> nUser(SecurityContextBeforeAfter.java:282)> >> > at> >> >> >> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check > >> SecurityConstraints (SecurityContextBeforeAfter.java:191)> >> > at> >> >> >> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(> >> JettyWebAppContext.java:520)> >> > at> >> > org.mortbay.jet
[jira] Created: (GERONIMO-1248) Problem in using a security realm added through geronimo console
Problem in using a security realm added through geronimo console Key: GERONIMO-1248 URL: http://issues.apache.org/jira/browse/GERONIMO-1248 Project: Geronimo Type: Bug Versions: 1.0 Environment: Win XP, Sun JDK 1.4.2_08 Reporter: Vamsavardhana Reddy Assigned to: Aaron Mulder I have created a simple web application that uses a FORM authentication method. In the deployment plan, I have configured the application to use "geronimo-properties-realm". The application works fine. At this point a added a new realm with name "onemore-properties-realm" through the "Security Realms" portlet. I have modified the deployment plan to use this newly added security realm and redeployed the application. The security part of this application does not work anymore. I am getting the following exception on login attempt. 17:41:53,036 INFO [JAASJettyRealm] problem javax.security.auth.login.LoginException: java.lang.NullPointerException: target is null at org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104) at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173) at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at javax.security.auth.login.LoginContext.invoke(Unknown Source) at javax.security.auth.login.LoginContext.access$000(Unknown Source) at javax.security.auth.login.LoginContext$4.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) at javax.security.auth.login.LoginContext.login(Unknown Source) at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282) at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191) at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520) at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) at org.mortbay.http.HttpContext.handle(HttpContext.java:1565) at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633) at org.mortbay.http.HttpContext.handle(HttpContext.java:1517) at org.mortbay.http.HttpServer.service(HttpServer.java:954) at org.mortbay.http.HttpConnection.service(HttpConnection.java:816) at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983) at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833) at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244) at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357) at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534) at javax.security.auth.login.LoginContext.invoke(Unknown Source) at javax.security.auth.login.LoginContext.access$000(Unknown Source) at javax.security.auth.login.LoginContext$4.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) at javax.security.auth.login.LoginContext.login(Unknown Source) at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282) at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191) at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520) at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) at org.mortbay.http.HttpContext.handle
Re: Problem in using a security realm added through geronimo console
If someone puts in a JIRA for that I can make the fix. At the moment the portlet's just using the XMLBeans from service-builder and security-builder to build the plan. Aaron On 11/29/05, David Jencks <[EMAIL PROTECTED]> wrote: > It looks to me as if the portlet is broken, and needs to add > > name="LoginService">org/apache/geronimo/Security module>JaasLoginService > > to the plan it generates. Unfortunately I'm not sure how the portlet > works perhaps filing a jira issue would be a good idea. > > thanks > david jencks > > On Nov 29, 2005, at 5:12 AM, Vamsavardhana Reddy wrote: > > > The new realm is added through "Security realms" portlet and it shows > > the following plan on clicking the "show plan" button. > > > > > parentId="org/apache/geronimo/Server" > > xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0";> > >> class="org.apache.geronimo.security.realm.GenericSecurityRealm"> > > onemore-security-realm > > > > > > geronimo.server:J2EEApplication=null,J2EEModule=org/ > > apache/geronimo/ > > System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo > > > > > >> xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.0";> > >> server-side="true"> > > > > onemore-security-realm > > > > > class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginM > > odule > >> name="usersURI">var/security/vamsi-users.properties > >> name="groupsURI">var/security/vamsi-groups.properties > > > > > > > > > > > > > > On 11/29/05, Krishnakumar B <[EMAIL PROTECTED]> wrote: > >> > >> Check the deployment plan if the references are correct. > >> > >> Sample plan file. > >> > >> >> class="org.apache.geronimo.security.realm.GenericSecurityRealm"> > >> test-realm > >> > >> test-login > >> > >> > >> org/apache/geronimo/System > >> ServerInfo > >> > >> >> name="LoginService">org/apache/geronimo/Security >> module>JaasLoginService > >> > >> > >> >> class="org.apache.geronimo.security.jaas.JaasLoginModuleUse"> > >> REQUIRED > >> > >> test-login > >> > >> > >> > >> > >> Regards > >> Krish > >> > >> On 11/29/05, Vamsavardhana Reddy < [EMAIL PROTECTED]> wrote: > >> > Here is the description of problem I am facing. > >> > > >> > I have created a simple web application that uses a FORM > >> authentication > >> > method.In the deployment plan, I have configured the application > >> to use > >> > "geronimo-properties-realm".The application works fine. > >> > > >> > At this point a added a new realm with name > >> "onemore-properties-realm" > >> > through the "Security Realms" portlet.I have modified the > >> deployment plan > >> > to use this newly added security realm and redeployed the > >> application.The > >> > security part of this application does not work anymore.I am > >> getting the > >> > following exception on login attempt. > >> > > >> > > >> > 17:41:53,036 INFO[JAASJettyRealm] problem > >> > javax.security.auth.login.LoginException: > >> > java.lang.NullPointerException: target is null > >> > at > >> > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy > >> (BasicProxyManager.java:104) > >> > at > >> > > >> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect( > >> JaasLoginCoordinator.java:173) > >> > at > >> > > >> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initiali > >> ze (JaasLoginCoordinator.java:85) > >> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > >> > Method) > >> > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown > >> > Source) > >> > at > >> > sun.reflect.DelegatingMethodAccessorImpl.invoke (Unknown > >> > Source) > >> > at java.lang.reflect.Method.invoke(Unknown Source) > >> > at > >> > javax.security.auth.login.LoginContext.invoke(Unknown > >> > Source) > >> > at > >> > javax.security.auth.login.LoginContext.access$000 (Unknown > >> > Source) > >> > at javax.security.auth.login.LoginContext$4.run(Unknown > >> > Source) > >> > at java.security.AccessController.doPrivileged(Native > >> > Method) > >> > at > >> > javax.security.auth.login.LoginContext.invokeModule (Unknown > >> > Source) > >> > at javax.security.auth.login.LoginContext.login(Unknown > >> > Source) > >> > at > >> > > >> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.j > >> ava:92) > >> > at > >> > > >> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat > >> e(FormAuthenticator.java:305) > >> > at > >> > > >> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentic > >> ator.java:148) > >> > at > >> > > >> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai > >> nUser(SecurityContextBeforeAfter.java:282) > >> > at > >> > > >> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check > >> SecurityConstraints (SecurityContextBeforeAfter.java:191) > >> > at > >> > > >> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints( > >> JettyWebAppContext.java:520) > >> > at > >> > org.mortbay.jetty.ser
Re: Problem in using a security realm added through geronimo console
It looks to me as if the portlet is broken, and needs to add name="LoginService">org/apache/geronimo/Securitymodule>JaasLoginService to the plan it generates. Unfortunately I'm not sure how the portlet works perhaps filing a jira issue would be a good idea. thanks david jencks On Nov 29, 2005, at 5:12 AM, Vamsavardhana Reddy wrote: The new realm is added through "Security realms" portlet and it shows the following plan on clicking the "show plan" button. parentId="org/apache/geronimo/Server" xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0";> class="org.apache.geronimo.security.realm.GenericSecurityRealm"> onemore-security-realm geronimo.server:J2EEApplication=null,J2EEModule=org/ apache/geronimo/ System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.0";> server-side="true"> onemore-security-realm class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginM odule name="usersURI">var/security/vamsi-users.properties name="groupsURI">var/security/vamsi-groups.properties On 11/29/05, Krishnakumar B <[EMAIL PROTECTED]> wrote: Check the deployment plan if the references are correct. Sample plan file. test-realm test-login org/apache/geronimo/System ServerInfo name="LoginService">org/apache/geronimo/Securitymodule>JaasLoginService REQUIRED test-login Regards Krish On 11/29/05, Vamsavardhana Reddy < [EMAIL PROTECTED]> wrote: > Here is the description of problem I am facing. > > I have created a simple web application that uses a FORM authentication > method. In the deployment plan, I have configured the application to use > "geronimo-properties-realm". The application works fine. > > At this point a added a new realm with name "onemore-properties-realm" > through the "Security Realms" portlet. I have modified the deployment plan > to use this newly added security realm and redeployed the application. The > security part of this application does not work anymore. I am getting the > following exception on login attempt. > > > 17:41:53,036 INFO [JAASJettyRealm] problem > javax.security.auth.login.LoginException: > java.lang.NullPointerException: target is null > at > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy (BasicProxyManager.java:104) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect( JaasLoginCoordinator.java:173) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initiali ze (JaasLoginCoordinator.java:85) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown > Source) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke (Unknown > Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at > javax.security.auth.login.LoginContext.invoke(Unknown > Source) > at > javax.security.auth.login.LoginContext.access$000 (Unknown > Source) > at javax.security.auth.login.LoginContext$4.run(Unknown > Source) > at java.security.AccessController.doPrivileged(Native > Method) > at > javax.security.auth.login.LoginContext.invokeModule (Unknown > Source) > at javax.security.auth.login.LoginContext.login(Unknown > Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.j ava:92) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat e(FormAuthenticator.java:305) > at > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentic ator.java:148) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai nUser(SecurityContextBeforeAfter.java:282) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check SecurityConstraints (SecurityContextBeforeAfter.java:191) > at > org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints( JettyWebAppContext.java:520) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch (WebApplicationHandler.java:432) > at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java: 568) > at > org.mortbay.http.HttpContext.handle(HttpContext.java:1565) > at > org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationC ontext.java:633) > at > org.mortbay.http.HttpContext.handle(HttpContext.java:1517) > at > org.mortbay.http.HttpServer.service (HttpServer.java:954) > at > org.mortbay.http.HttpConnection.service(HttpConnection.java:816) > at > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983) > at > org
Re: Problem in using a security realm added through geronimo console
The new realm is added through "Security realms" portlet and it shows the following plan on clicking the "show plan" button. http://geronimo.apache.org/xml/ns/deployment-1.0"> onemore-security-realm geronimo.server:J2EEApplication=null,J2EEModule=org/apache/geronimo/System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo http://geronimo.apache.org/xml/ns/loginconfig-1.0"> onemore-security-realm org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule var/security/vamsi-users.properties var/security/vamsi-groups.properties On 11/29/05, Krishnakumar B <[EMAIL PROTECTED]> wrote: hi,Check the deployment plan if the references are correct.Sample plan file.class="org.apache.geronimo.security.realm.GenericSecurityRealm"> test-realmtest-login org/apache/geronimo/System ServerInfoorg/apache/geronimo/SecurityJaasLoginService class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">REQUIRED test-loginRegardsKrishOn 11/29/05, Vamsavardhana Reddy < [EMAIL PROTECTED]> wrote:> Here is the description of problem I am facing.>> I have created a simple web application that uses a FORM authentication> method. In the deployment plan, I have configured the application to use > "geronimo-properties-realm". The application works fine.>> At this point a added a new realm with name "onemore-properties-realm"> through the "Security Realms" portlet. I have modified the deployment plan > to use this newly added security realm and redeployed the application. The> security part of this application does not work anymore. I am getting the> following exception on login attempt.> >> 17:41:53,036 INFO [JAASJettyRealm] problem> javax.security.auth.login.LoginException:> java.lang.NullPointerException: target is null> at> org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy (BasicProxyManager.java:104)> at> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173)> at> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize (JaasLoginCoordinator.java:85)> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native> Method)> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown> Source)> at> sun.reflect.DelegatingMethodAccessorImpl.invoke (Unknown> Source)> at java.lang.reflect.Method.invoke(Unknown Source)> at> javax.security.auth.login.LoginContext.invoke(Unknown> Source)> at> javax.security.auth.login.LoginContext.access$000 (Unknown> Source)> at javax.security.auth.login.LoginContext$4.run(Unknown> Source)> at java.security.AccessController.doPrivileged(Native> Method)> at> javax.security.auth.login.LoginContext.invokeModule (Unknown> Source)> at javax.security.auth.login.LoginContext.login(Unknown> Source)> at> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92)> at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)> at> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)> at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)> at> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints (SecurityContextBeforeAfter.java:191)> at> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520)> at> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch (WebApplicationHandler.java:432)> at> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)> at> org.mortbay.http.HttpContext.handle(HttpContext.java:1565)> at > org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)> at> org.mortbay.http.HttpContext.handle(HttpContext.java:1517)> at> org.mortbay.http.HttpServer.service (HttpServer.java:954)> at> org.mortbay.http.HttpConnection.service(HttpConnection.java:816)> at> org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)> at> org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)> at> org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)> at> org.mortbay.util.ThreadedServer.handle (ThreadedServer.java:357)> at> org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)>> at> javax.security.auth.login.LoginContext.invoke(Unknown> Source)> at > javax.security.auth.login.LoginContext.access$000(Unknown> Source)> at javax.security.auth.login.LoginContext$4.run(Unknown> Source)> at java.security.AccessController.doPrivileged (Native> Method)> at> javax.security.auth.login.LoginContext.invokeMod
Re: Problem in using a security realm added through geronimo console
hi, Check the deployment plan if the references are correct. Sample plan file. test-realm test-login org/apache/geronimo/System ServerInfo org/apache/geronimo/SecurityJaasLoginService REQUIRED test-login Regards Krish On 11/29/05, Vamsavardhana Reddy <[EMAIL PROTECTED]> wrote: > Here is the description of problem I am facing. > > I have created a simple web application that uses a FORM authentication > method. In the deployment plan, I have configured the application to use > "geronimo-properties-realm". The application works fine. > > At this point a added a new realm with name "onemore-properties-realm" > through the "Security Realms" portlet. I have modified the deployment plan > to use this newly added security realm and redeployed the application. The > security part of this application does not work anymore. I am getting the > following exception on login attempt. > > > 17:41:53,036 INFO [JAASJettyRealm] problem > javax.security.auth.login.LoginException: > java.lang.NullPointerException: target is null > at > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown > Source) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown > Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at > javax.security.auth.login.LoginContext.invoke(Unknown > Source) > at > javax.security.auth.login.LoginContext.access$000(Unknown > Source) > at javax.security.auth.login.LoginContext$4.run(Unknown > Source) > at java.security.AccessController.doPrivileged(Native > Method) > at > javax.security.auth.login.LoginContext.invokeModule(Unknown > Source) > at javax.security.auth.login.LoginContext.login(Unknown > Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) > at > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191) > at > org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432) > at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) > at > org.mortbay.http.HttpContext.handle(HttpContext.java:1565) > at > org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633) > at > org.mortbay.http.HttpContext.handle(HttpContext.java:1517) > at > org.mortbay.http.HttpServer.service(HttpServer.java:954) > at > org.mortbay.http.HttpConnection.service(HttpConnection.java:816) > at > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983) > at > org.mortbay.http.HttpConnection.handle(HttpConnection.java:833) > at > org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244) > at > org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357) > at > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534) > > at > javax.security.auth.login.LoginContext.invoke(Unknown > Source) > at > javax.security.auth.login.LoginContext.access$000(Unknown > Source) > at javax.security.auth.login.LoginContext$4.run(Unknown > Source) > at java.security.AccessController.doPrivileged(Native > Method) > at > javax.security.auth.login.LoginContext.invokeModule(Unknown > Source) > at javax.security.auth.login.LoginContext.login(Unknown > Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) > at > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191) > at > org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(
Problem in using a security realm added through geronimo console
Here is the description of problem I am facing. I have created a simple web application that uses a FORM authentication method. In the deployment plan, I have configured the application to use "geronimo-properties-realm". The application works fine. At this point a added a new realm with name "onemore-properties-realm" through the "Security Realms" portlet. I have modified the deployment plan to use this newly added security realm and redeployed the application. The security part of this application does not work anymore. I am getting the following exception on login attempt. 17:41:53,036 INFO [JAASJettyRealm] problem javax.security.auth.login.LoginException: java.lang.NullPointerException: target is null at org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy(BasicProxyManager.java:104) at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect(JaasLoginCoordinator.java:173) at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initialize(JaasLoginCoordinator.java:85) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at javax.security.auth.login.LoginContext.invoke(Unknown Source) at javax.security.auth.login.LoginContext.access$000(Unknown Source) at javax.security.auth.login.LoginContext$4.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) at javax.security.auth.login.LoginContext.login(Unknown Source) at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282) at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191) at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520) at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) at org.mortbay.http.HttpContext.handle(HttpContext.java:1565) at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633) at org.mortbay.http.HttpContext.handle(HttpContext.java:1517) at org.mortbay.http.HttpServer.service(HttpServer.java:954) at org.mortbay.http.HttpConnection.service(HttpConnection.java:816) at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983) at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833) at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244) at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357) at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534) at javax.security.auth.login.LoginContext.invoke(Unknown Source) at javax.security.auth.login.LoginContext.access$000(Unknown Source) at javax.security.auth.login.LoginContext$4.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) at javax.security.auth.login.LoginContext.login(Unknown Source) at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:92) at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282) at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191) at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:520) at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) at org.mortbay.http.HttpContext.handle(HttpContext.java:1565) at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633) at org.mortbay.http.HttpContext.handle(HttpContext.java:1517) at org.mortbay.http.HttpServer.service(HttpServer.java:954) at org.mortbay.http.HttpConnection.service(HttpConnection.java:816) at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983) at org.mortbay.http.HttpConnection.handle(HttpC