[jboss-user] [Security & JAAS/JBoss] - Custom Principal with JBOSS NON Clustered SSO

[clevelam]

Should we be able to use a custom Principal with non clustered sso.   I need to be able to login within one app and have the authentication known on another app within the same app server.

When I move over to the next web app I get the following error:

17:00:08,656 ERROR [CoyoteAdapter] An exception or error occurred in the contain
er during the request processing
java.lang.NullPointerException
        at java.util.Arrays.binarySearch0(Arrays.java:2001)
        at java.util.Arrays.binarySearch(Arrays.java:1943)
        at org.apache.catalina.realm.GenericPrincipal.hasRole(GenericPrincipal.j
ava:177)
        at org.apache.catalina.realm.RealmBase.hasRole(RealmBase.java:862)
        at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.hasRole(JBossSecu
rityMgrRealm.java:543)
        at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.hasResourcePermis
sion(JBossSecurityMgrRealm.java:243)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:506)
        at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv
e.java:84)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:102)
        at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC
onnectionValve.java:157)
        at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.ja
va:420)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:262)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:844)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
ss(Http11Protocol.java:583)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
6)
        at java.lang.Thread.run(Thread.java:619)

I am using programmatic security to authenticate through the WebAuthentication class, and I setup SSO using information described here:
http://www.jboss.org/community/docs/DOC-12656
and custom principal:
http://www.jboss.org/community/docs/DOC-12517

My Principal class implements the javax.security.Principal interface and serializable.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4188619#4188619

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4188619