Turns out that stoping/starting the Tomcat service with the Tomcat provided
service control panel was causing the problem. Using the Windows Services
control panel, for whatever reason, allows my authentication scheme to work
correctly.
H
On 9/21/06, Henry McClain <[EMAIL PROTECTED]> wrote:
Gentlemen,
I am attempting to authenticate users via JAAS NTLoginModule and
repeatedly recieve an ArrayIndexOutOfBoundsException wrapped in a
LoginException. The error is (packages removed for confidentiality
purposes):
javax.security.auth.login.LoginException :
java.lang.ArrayIndexOutOfBoundsException
at com.sun.security.auth.module.NTSystem.getCurrent(Native Method)
at com.sun.security.auth.module.NTSystem.<init>(Unknown Source)
at com.sun.security.auth.module.NTLoginModule.login(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke (Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.invoke (Unknown Source)
at javax.security.auth.login.LoginContext.access$000(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv (Unknown Source)
at javax.security.auth.login.LoginContext.login(Unknown Source)
at -------confidential-------- .UserServiceBean.authenticate(
UserServiceBean.java:40)
at -------confidential-------- .UserServiceBean.registerNewUser(
UserServiceBean.java:130)
at -------confidential-------- .servlets.AppManagerInitServlet.init(
AppManagerInitServlet.java:33)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java
:243)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(
SecurityUtil.java:161)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(
SecurityUtil.java:114)
at org.apache.catalina.core.StandardWrapper.loadServlet(
StandardWrapper.java:1099)
at org.apache.catalina.core.StandardWrapper.load (StandardWrapper.java
:932)
at org.apache.catalina.core.StandardContext.loadOnStartup(
StandardContext.java:3917)
at org.apache.catalina.core.StandardContext.start(StandardContext.java
:4201)
at org.apache.catalina.core.ContainerBase.addChildInternal(
ContainerBase.java:759)
at org.apache.catalina.core.ContainerBase.access$000(
ContainerBase.java:121)
at org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run (
ContainerBase.java:143)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java
:737)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java
:524)
at org.apache.catalina.startup.HostConfig.deployWAR (HostConfig.java
:809)
at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java
:698)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java
:472)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
at org.apache.catalina.startup.HostConfig.lifecycleEvent (
HostConfig.java:310)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(
LifecycleSupport.java:119)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java
:1021)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java
:1013)
at org.apache.catalina.core.StandardEngine.start (StandardEngine.java
:442)
at org.apache.catalina.core.StandardService.start(StandardService.java
:450)
at org.apache.catalina.core.StandardServer.start(StandardServer.java
:709)
at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java :294)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
NTSystem.getCurrent(Native Method) is a private method of NTSystem .
This code executed as a standalone application works perfectly. This code
executed in Tomcat 5.5 (not a servlet) fails. I have exhaustively
researched this on the web and have attempted to trace the problem in the
JAAS source code. The current operation has a servlet (
AppManagerInitServlet ) initializing on Tomcat startup that attempts to
authenticate a known user (for testing purposes). I am currently executing
this code with the Catalina SecurityManager in place, but I have get the
exact same results not using the Catalina SecurityManager. For testing
purposes, I have given my web application java.security.AllPermissionuntil this
can be resolved. Beyond instantiating a
LoginContext and passing it my CallbackHandler I have no idea why this
would fail, especially since it works in one environment and not another.
Please help.
=====================================================================================================================
My environment:
Windows XP SP2
JDK 1.5.0_06 ( I have also tested on 1.5.0_08 with the same results)
Tomcat 5.5.17
Relevant JVM switches:
-Djava.security.manager
-Djava.security.policy=D:\Program Files\Apache Software Foundation\Tomcat
5.5\conf\catalina.policy
-Djava.security.auth.login.config=D:\Program Files\Apache Software
Foundation\Tomcat 5.5\conf\jaas.conf
catalina.policy
// FOR TESTING PURPOSES ONLY
grant codeBase "file:${ catalina.home}/webapps/myapp/-" {
permission java.security.AllPermission;
};
JAAS Config File:
mydomain {
com.sun.security.auth.module.NTLoginModule required debug=true;
};
--
Henry McClain
"Life is hard. Wear a helmet"
"Tell your wife that she looks pretty, even if she looks like a truck."
--
--
Henry McClain
"Life is hard. Wear a helmet"
"Tell your wife that she looks pretty, even if she looks like a truck."
--
