Re: Attempting JAAS Authentication throws ArrayIndexOutOfBoundsException in NTSystem
Turns out that stoping/starting the Tomcat service with the Tomcat provided service control panel was causing the problem. Using the Windows Services control panel, for whatever reason, allows my authentication scheme to work correctly. H On 9/21/06, Henry McClain [EMAIL PROTECTED] wrote: Gentlemen, I am attempting to authenticate users via JAAS NTLoginModule and repeatedly recieve an ArrayIndexOutOfBoundsException wrapped in a LoginException. The error is (packages removed for confidentiality purposes): javax.security.auth.login.LoginException : java.lang.ArrayIndexOutOfBoundsException at com.sun.security.auth.module.NTSystem.getCurrent(Native Method) at com.sun.security.auth.module.NTSystem.init(Unknown Source) at com.sun.security.auth.module.NTLoginModule.login(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke (Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at javax.security.auth.login.LoginContext.invoke (Unknown Source) at javax.security.auth.login.LoginContext.access$000(Unknown Source) at javax.security.auth.login.LoginContext$4.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv (Unknown Source) at javax.security.auth.login.LoginContext.login(Unknown Source) at ---confidential .UserServiceBean.authenticate( UserServiceBean.java:40) at ---confidential .UserServiceBean.registerNewUser( UserServiceBean.java:130) at ---confidential .servlets.AppManagerInitServlet.init( AppManagerInitServlet.java:33) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java :243) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Unknown Source) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275) at org.apache.catalina.security.SecurityUtil.doAsPrivilege( SecurityUtil.java:161) at org.apache.catalina.security.SecurityUtil.doAsPrivilege( SecurityUtil.java:114) at org.apache.catalina.core.StandardWrapper.loadServlet( StandardWrapper.java:1099) at org.apache.catalina.core.StandardWrapper.load (StandardWrapper.java :932) at org.apache.catalina.core.StandardContext.loadOnStartup( StandardContext.java:3917) at org.apache.catalina.core.StandardContext.start(StandardContext.java :4201) at org.apache.catalina.core.ContainerBase.addChildInternal( ContainerBase.java:759) at org.apache.catalina.core.ContainerBase.access$000( ContainerBase.java:121) at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run ( ContainerBase.java:143) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java :737) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java :524) at org.apache.catalina.startup.HostConfig.deployWAR (HostConfig.java :809) at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java :698) at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java :472) at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122) at org.apache.catalina.startup.HostConfig.lifecycleEvent ( HostConfig.java:310) at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent( LifecycleSupport.java:119) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java :1021) at org.apache.catalina.core.StandardHost.start(StandardHost.java:718) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java :1013) at org.apache.catalina.core.StandardEngine.start (StandardEngine.java :442) at org.apache.catalina.core.StandardService.start(StandardService.java :450) at org.apache.catalina.core.StandardServer.start(StandardServer.java :709) at org.apache.catalina.startup.Catalina.start(Catalina.java:551) at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java :294) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432) NTSystem.getCurrent(Native Method) is a private method of NTSystem . This code executed as a standalone application works perfectly. This code executed in Tomcat 5.5 (not a servlet) fails. I have exhaustively researched
Attempting JAAS Authentication throws ArrayIndexOutOfBoundsException in NTSystem
the Catalina SecurityManager. For testing purposes, I have given my web
application java.security.AllPermission until this can be resolved. Beyond
instantiating a LoginContext and passing it my CallbackHandler I have no
idea why this would fail, especially since it works in one environment and
not another.
Please help.
=
My environment:
Windows XP SP2
JDK 1.5.0_06 ( I have also tested on 1.5.0_08 with the same results)
Tomcat 5.5.17
Relevant JVM switches:
-Djava.security.manager
-Djava.security.policy=D:\Program Files\Apache Software Foundation\Tomcat
5.5\conf\catalina.policy
-Djava.security.auth.login.config=D:\Program Files\Apache Software
Foundation\Tomcat 5.5\conf\jaas.conf
catalina.policy
// FOR TESTING PURPOSES ONLY
grant codeBase file:${catalina.home}/webapps/myapp/- {
permission java.security.AllPermission;
};
JAAS Config File:
mydomain {
com.sun.security.auth.module.NTLoginModule required debug=true;
};
--
Henry McClain
Life is hard. Wear a helmet
Tell your wife that she looks pretty, even if she looks like a truck.
--
Re: Need Help w. Servlets And The JDBC.
I am currently using the Microsoft SQL Server 2005 JDBC Driver. It is free. If you need to connect to a SQL Server 2000 or 2005, this is a good driver. On 9/21/06, Caldarale, Charles R [EMAIL PROTECTED] wrote: From: Steve R Burrus [mailto:[EMAIL PROTECTED] Subject: Re: Need Help w. Servlets And The JDBC. I don't suppose that on the Tomcat site there is a Type 4 database driver , which I have read is the preferred driver to get because it is pure Java, is there instead of the 1 which I assume I can always get at java.sun.com? Your assumptions are incorrect. Each data base vendor must supply an appropriate JDBC driver, hopefully a type 4 (pure Java) version. There is no generic, all purpose JDBC driver. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Henry McClain Life is hard. Wear a helmet Tell your wife that she looks pretty, even if she looks like a truck. --
