[jboss-user] [Security & JAAS/JBoss] - Re: How to authenticate to the JBoss server without FORM aut
Marcos_APS
do-not-reply at jboss.com
Mon Aug 11 07:44:15 EDT 2008
"ragavgomatam" wrote : Hi,
| Can you please publish your ejb method permissions ?
Hello, ragavgomatam! You solved the problem. I wasn't really securing my EJB methods. After applying the security with the @SecurityDomain and @RolesAllowed annotations, everything worked as expected. Now with a real username and password the session bean method calls works without problems, but with an invalid username and/or password or without authentication it the method calls fail.
But another issue arised now. It's no more related with programmatically authenticating, but with programmatically loging out from the authentication. I'm using JSF in my web application. So, I put the code to logout in a session backing bean method marked with the @PreDestroy annotation. In JSF, methods marked with this annotation are called when the JSF container dispose of the backing bean that it automatically created. So, I thought that this would be a good place to put the logout code, like this:
| @PreDestroy
| public void finalizar()
| {
| IAutenticacao autenticacao =
| FabricaDados.getInstancia().getAutenticacao();
| autenticacao.logout(); // This just calls webAuthentication.logout() inside
| }
|
but I get the following error message:
| 2008-08-11 08:38:05,546 ERROR [org.jboss.web.jsf.integration.injection.JBossInjectionProvider] PreDestroy failed on managed bean.
| java.lang.reflect.InvocationTargetException
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.apache.catalina.util.DefaultAnnotationProcessor.preDestroy(DefaultAnnotationProcessor.java:112)
| at org.jboss.web.jsf.integration.injection.JBossInjectionProvider.invokePreDestroy(JBossInjectionProvider.java:80)
| at com.sun.faces.mgbean.BeanBuilder.destroy(BeanBuilder.java:120)
| at com.sun.faces.mgbean.BeanManager.destroy(BeanManager.java:248)
| at com.sun.faces.application.WebappLifecycleListener.handleAttributeEvent(WebappLifecycleListener.java:265)
| at com.sun.faces.application.WebappLifecycleListener.sessionDestroyed(WebappLifecycleListener.java:133)
| at com.sun.faces.config.ConfigureListener.sessionDestroyed(ConfigureListener.java:296)
| at org.apache.catalina.session.StandardSession.expire(StandardSession.java:702)
| at org.apache.catalina.session.StandardSession.expire(StandardSession.java:660)
| at org.apache.catalina.session.StandardManager.stop(StandardManager.java:676)
| at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4523)
| at org.apache.catalina.core.ContainerBase.destroy(ContainerBase.java:1163)
| at org.apache.catalina.core.StandardContext.destroy(StandardContext.java:4617)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:296)
| at org.jboss.mx.server.RawDynamicInvoker.invoke(RawDynamicInvoker.java:164)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.web.tomcat.service.TomcatDeployer.performUndeployInternal(TomcatDeployer.java:461)
| at org.jboss.web.tomcat.service.TomcatDeployer.performUndeploy(TomcatDeployer.java:432)
| at org.jboss.web.AbstractWebDeployer.stop(AbstractWebDeployer.java:422)
| at org.jboss.web.WebModule.stopModule(WebModule.java:100)
| at org.jboss.web.WebModule.stopService(WebModule.java:66)
| at org.jboss.system.ServiceMBeanSupport.jbossInternalStop(ServiceMBeanSupport.java:315)
| at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:247)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978)
| at $Proxy0.stop(Unknown Source)
| at org.jboss.system.ServiceController.stop(ServiceController.java:508)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy44.stop(Unknown Source)
| at org.jboss.web.AbstractWebContainer.stop(AbstractWebContainer.java:498)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
| at org.jboss.mx.interceptor.DynamicInterceptor.invoke(DynamicInterceptor.java:97)
| at org.jboss.system.InterceptorServiceMBeanSupport.invokeNext(InterceptorServiceMBeanSupport.java:238)
| at org.jboss.wsf.container.jboss42.DeployerInterceptor.stop(DeployerInterceptor.java:98)
| at org.jboss.deployment.SubDeployerInterceptorSupport$XMBeanInterceptor.stop(SubDeployerInterceptorSupport.java:196)
| at org.jboss.deployment.SubDeployerInterceptor.invoke(SubDeployerInterceptor.java:99)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy45.stop(Unknown Source)
| at org.jboss.deployment.MainDeployer.stop(MainDeployer.java:667)
| at org.jboss.deployment.MainDeployer.undeploy(MainDeployer.java:638)
| at org.jboss.deployment.MainDeployer.undeploy(MainDeployer.java:632)
| at org.jboss.deployment.MainDeployer.undeploy(MainDeployer.java:615)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy9.undeploy(Unknown Source)
| at org.jboss.deployment.scanner.URLDeploymentScanner.undeploy(URLDeploymentScanner.java:450)
| at org.jboss.deployment.scanner.URLDeploymentScanner.scan(URLDeploymentScanner.java:604)
| at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.doScan(AbstractDeploymentScanner.java:263)
| at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.loop(AbstractDeploymentScanner.java:274)
| at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.run(AbstractDeploymentScanner.java:225)
| Caused by: java.lang.IllegalStateException: request is null
| at org.jboss.web.tomcat.security.login.WebAuthentication.logout(WebAuthentication.java:115)
| at br.urca.www.biblioteca.dados.ejb.AutenticacaoEJB.logout(AutenticacaoEJB.java:29)
| at br.urca.www.biblioteca.web.PesquisaAcervo.finalizar(PesquisaAcervo.java:60)
| ... 97 more
| 2008-08-11 08:38:05,562 ERROR [org.jboss.web.jsf.integration.injection.JBossInjectionProvider] PreDestroy failed on managed bean.
| java.lang.reflect.InvocationTargetException
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.apache.catalina.util.DefaultAnnotationProcessor.preDestroy(DefaultAnnotationProcessor.java:112)
| at org.jboss.web.jsf.integration.injection.JBossInjectionProvider.invokePreDestroy(JBossInjectionProvider.java:80)
| at com.sun.faces.mgbean.BeanBuilder.destroy(BeanBuilder.java:120)
| at com.sun.faces.mgbean.BeanManager.destroy(BeanManager.java:248)
| at com.sun.faces.application.WebappLifecycleListener.handleAttributeEvent(WebappLifecycleListener.java:265)
| at com.sun.faces.application.WebappLifecycleListener.attributeRemoved(WebappLifecycleListener.java:189)
| at com.sun.faces.config.ConfigureListener.attributeRemoved(ConfigureListener.java:333)
| at org.apache.catalina.session.StandardSession.removeAttributeInternal(StandardSession.java:1670)
| at org.apache.catalina.session.StandardSession.expire(StandardSession.java:756)
| at org.apache.catalina.session.StandardSession.expire(StandardSession.java:660)
| at org.apache.catalina.session.StandardManager.stop(StandardManager.java:676)
| at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4523)
| at org.apache.catalina.core.ContainerBase.destroy(ContainerBase.java:1163)
| at org.apache.catalina.core.StandardContext.destroy(StandardContext.java:4617)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:296)
| at org.jboss.mx.server.RawDynamicInvoker.invoke(RawDynamicInvoker.java:164)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.web.tomcat.service.TomcatDeployer.performUndeployInternal(TomcatDeployer.java:461)
| at org.jboss.web.tomcat.service.TomcatDeployer.performUndeploy(TomcatDeployer.java:432)
| at org.jboss.web.AbstractWebDeployer.stop(AbstractWebDeployer.java:422)
| at org.jboss.web.WebModule.stopModule(WebModule.java:100)
| at org.jboss.web.WebModule.stopService(WebModule.java:66)
| at org.jboss.system.ServiceMBeanSupport.jbossInternalStop(ServiceMBeanSupport.java:315)
| at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:247)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978)
| at $Proxy0.stop(Unknown Source)
| at org.jboss.system.ServiceController.stop(ServiceController.java:508)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy44.stop(Unknown Source)
| at org.jboss.web.AbstractWebContainer.stop(AbstractWebContainer.java:498)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
| at org.jboss.mx.interceptor.DynamicInterceptor.invoke(DynamicInterceptor.java:97)
| at org.jboss.system.InterceptorServiceMBeanSupport.invokeNext(InterceptorServiceMBeanSupport.java:238)
| at org.jboss.wsf.container.jboss42.DeployerInterceptor.stop(DeployerInterceptor.java:98)
| at org.jboss.deployment.SubDeployerInterceptorSupport$XMBeanInterceptor.stop(SubDeployerInterceptorSupport.java:196)
| at org.jboss.deployment.SubDeployerInterceptor.invoke(SubDeployerInterceptor.java:99)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy45.stop(Unknown Source)
| at org.jboss.deployment.MainDeployer.stop(MainDeployer.java:667)
| at org.jboss.deployment.MainDeployer.undeploy(MainDeployer.java:638)
| at org.jboss.deployment.MainDeployer.undeploy(MainDeployer.java:632)
| at org.jboss.deployment.MainDeployer.undeploy(MainDeployer.java:615)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
| at $Proxy9.undeploy(Unknown Source)
| at org.jboss.deployment.scanner.URLDeploymentScanner.undeploy(URLDeploymentScanner.java:450)
| at org.jboss.deployment.scanner.URLDeploymentScanner.scan(URLDeploymentScanner.java:604)
| at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.doScan(AbstractDeploymentScanner.java:263)
| at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.loop(AbstractDeploymentScanner.java:274)
| at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.run(AbstractDeploymentScanner.java:225)
| Caused by: java.lang.IllegalStateException: request is null
| at org.jboss.web.tomcat.security.login.WebAuthentication.logout(WebAuthentication.java:115)
| at br.urca.www.biblioteca.dados.ejb.AutenticacaoEJB.logout(AutenticacaoEJB.java:29)
| at br.urca.www.biblioteca.web.PesquisaAcervo.finalizar(PesquisaAcervo.java:60)
|
>From the message I can understand that at the point that the JSF container calls the method marked with @PreDestroy the request object is already null, as the message shows, so I can understand that this is not really a good point to call the logout method. But I wonder what other point I would make the logout.
I would appreciate a lot if you have a suggestion to give me about this issue, as I think I have to do the logout. I don't know if JBoss will do this automatically to me at some point. I mean, if it has some kind of timeout for users that are logged in with the WebAuthentication class.
Thank you.
Marcos
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4169850#4169850
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4169850
More information about the jboss-user
mailing list