I've encountered a problem using Aries JNDI under Karaf. I've sent messages to both the Shiro and the Aries mailing list. No response on the Aries mailing list but Jared (on the Shiro list) pointed out that there seem to be a similar problem in Karaf's JIRA (which is fixed). I therefore try the Karaf mailing list as well.
Here is the Karaf JIRA: https://issues.apache.org/jira/browse/KARAF-304 That JIRA is about problems with the "rmi:" protocol with Aries JNDI. I have problems with the "ldap:" protocol. I'm Using Apache Shiro 1.1.0 running in Apache Karaf 2.2.4 (with Felix). I also use Apache Aries for JPA, blueprint and transaction support. I use Aries JNDI 0.3.0. Shiro is unable to get an InitialContext. Shiro calls into the standard JRE methods that in turn call Aries JNDI (I don't know why). I get the following stack trace: *org.apache.shiro.authc.AuthenticationException: LDAP naming error while attempting to authenticate user.* * at org.apache.shiro.realm.ldap.AbstractLdapRealm.doGetAuthenticationInfo(AbstractLdapRealm.java:196)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:175)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:179)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:264)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:269)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:247)[119:org.apache.shiro.core:1.1.0] * * at se.digia.skistory.web.SessionHandler.doLogin(SessionHandler.java:57)[122:se.digia.skistory.web:1.0.0.SNAPSHOT] * * at se.digia.skistory.web.SessionHandler.handle(SessionHandler.java:34)[122:se.digia.skistory.web:1.0.0.SNAPSHOT] * * at se.digia.skistory.web.HistoryServlet.doPost(HistoryServlet.java:96)[122:se.digia.skistory.web:1.0.0.SNAPSHOT] * * at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)[94:org.apache.geronimo.specs.geronimo-servlet_3.0_spec:1.0] * * at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)[94:org.apache.geronimo.specs.geronimo-servlet_3.0_spec:1.0] * * at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:538)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] * * at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1352)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] * * at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:74)[121:org.apache.shiro.web:1.1.0] * * at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] * * at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:359)[121:org.apache.shiro.web:1.1.0] * * at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:275)[121:org.apache.shiro.web:1.1.0] * * at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:344)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:272)[121:org.apache.shiro.web:1.1.0] * * at se.digia.skistory.web.security.IniFilter.doFilterInternal(IniFilter.java:59)[122:se.digia.skistory.web:1.0.0.SNAPSHOT] * * at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:81)[121:org.apache.shiro.web:1.1.0] * * at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] * * at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:476)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] * * at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:70)[72:org.ops4j.pax.web.pax-web-jetty:1.0.7] * * at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)[61:org.eclipse.jetty.server:7.4.5.v20110725] * * at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:517)[62:org.eclipse.jetty.security:7.4.5.v20110725] * * at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:225)[61:org.eclipse.jetty.server:7.4.5.v20110725] * * at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:937)[61:org.eclipse.jetty.server:7.4.5.v20110725] * * at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:116)[72:org.ops4j.pax.web.pax-web-jetty:1.0.7] * * at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:406)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] * * at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:183)[61:org.eclipse.jetty.server:7.4.5.v20110725] * * at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:871)[61:org.eclipse.jetty.server:7.4.5.v20110725] * * at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)[61:org.eclipse.jetty.server:7.4.5.v20110725] * * at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:72)[72:org.ops4j.pax.web.pax-web-jetty:1.0.7] * * at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)[61:org.eclipse.jetty.server:7.4.5.v20110725] * * at org.eclipse.jetty.server.Server.handle(Server.java:342)[61:org.eclipse.jetty.server:7.4.5.v20110725] * * at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:589)[61:org.eclipse.jetty.server:7.4.5.v20110725] * * at org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:1065)[61:org.eclipse.jetty.server:7.4.5.v20110725] * * at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:823)[57:org.eclipse.jetty.http:7.4.5.v20110725] * * at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:220)[57:org.eclipse.jetty.http:7.4.5.v20110725] * * at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:411)[61:org.eclipse.jetty.server:7.4.5.v20110725] * * at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:535)[56:org.eclipse.jetty.io:7 .4.5.v20110725]* * at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:40)[56:org.eclipse.jetty.io:7 .4.5.v20110725]* * at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:529)[55:org.eclipse.jetty.util:7.4.5.v20110725] * * at java.lang.Thread.run(Thread.java:662)[:1.6.0_25]* *Caused by: javax.naming.NoInitialContextException: Unable to determine caller's BundleContext* * at org.apache.aries.jndi.OSGiInitialContextFactoryBuilder.getInitialContext(OSGiInitialContextFactoryBuilder.java:49)[107:org.apache.aries.jndi.core:0.3.0] * * at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)[:1.6.0_25] * * at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)[:1.6.0_25] * * at javax.naming.InitialContext.init(InitialContext.java:223)[:1.6.0_25]* * at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)[:1.6.0_25] * * at org.apache.shiro.realm.ldap.DefaultLdapContextFactory.getLdapContext(DefaultLdapContextFactory.java:257)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.realm.ldap.DefaultLdapContextFactory.getLdapContext(DefaultLdapContextFactory.java:221)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm.queryForAuthenticationInfo(ActiveDirectoryRealm.java:108)[119:org.apache.shiro.core:1.1.0] * * at org.apache.shiro.realm.ldap.AbstractLdapRealm.doGetAuthenticationInfo(AbstractLdapRealm.java:191)[119:org.apache.shiro.core:1.1.0] * * ... 48 more* While searching for a resolution I found the following: http://mail-archives.apache.org/mod_mbox/incubator-aries-dev/201011.mbox/%[email protected]%3E It sounds like a similar problem but I can't see how (or if) it was resolved. I now set the TTCL before calling Shiro's login method. This works as a workaround but I don't think that should be necessary. Is this a problem that can be fixed in Karaf or is it an Aries JNDI problem? Any help (or information) is appreciated, /Bengt
