[jboss-user] [Security & JAAS/JBoss] - Unauthorized Access

paramsevak do-not-reply at jboss.com
Wed Apr 15 23:12:11 EDT 2009


I am currently evaluating JBOSS SSO with jboss-epp-4.3. Mainly I need to verify JBossSSO can handle ....

1- Application SSO for applications deployed on the same server
2- Application SSO for applications deployed on different servers
3- SSO for the JBoss Portal
4- SSO for the portlets deployed within the portal

I have tried working with the stable and beta releases, only to run into bugs that have yet to be fixed. Therefore now I moved to the latest source from SVN. I have been able to get further along. However I am currently getting the following error during server startup.

So far, I have used 'build installPortal' command to install the jboss-portal.sar and jboss-sso.sar to the server's deploy directory. Without much documentation, I can only guess this command installs portal-integration resources/classes to the server. 

Logging into the portal works fine but when I try to logout I get the following exception.

17:12:33,260 ERROR [SSOAutoLogout] org.jboss.security.valve.SSOAutoLogout[/portal]
  | javax.servlet.ServletException: org.jboss.security.saml.SSOException: org.jboss.security.saml.SSOException: Unauthorized Access
  | 	at org.jboss.security.portal.PortalSSOTokenManager.invoke(PortalSSOTokenManager.java:221)
  | 	at org.jboss.security.valve.SSOAutoLogout.invoke(SSOAutoLogout.java:190)
  | 	at org.jboss.security.valve.SSOFederationRouter.invoke(SSOFederationRouter.java:148)
  | 	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
  | 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
  | 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
  | 	at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
  | 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
  | 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
  | 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
  | 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
  | 	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
  | 	at java.lang.Thread.run(Thread.java:619)
  | Caused by: org.jboss.security.saml.SSOException: org.jboss.security.saml.SSOException: Unauthorized Access
  | 	at org.jboss.security.saml.JBossSingleSignOn.getTokenSecret(JBossSingleSignOn.java:504)
  | 	at org.jboss.security.saml.JBossSingleSignOn.generateAuthResponse(JBossSingleSignOn.java:209)
  | 	at org.jboss.security.sso.util.SSOUtil.generateToken(SSOUtil.java:183)
  | 	at org.jboss.security.valve.Util.sendSSOTokens(Util.java:29)
  | 	at org.jboss.security.portal.PortalSSOTokenManager.invoke(PortalSSOTokenManager.java:170)
  | 	... 12 more
  | Caused by: org.jboss.security.saml.SSOException: Unauthorized Access
  | 	at org.jboss.security.saml.JBossSingleSignOn.getTokenSecret(JBossSingleSignOn.java:480)
  | 	... 16 more
  | 17:12:33,260 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
  | javax.servlet.ServletException: javax.servlet.ServletException: org.jboss.security.saml.SSOException: org.jboss.security.saml.SSOException: Unauthorized Access
  | 	at org.jboss.security.valve.SSOAutoLogout.invoke(SSOAutoLogout.java:196)
  | 	at org.jboss.security.valve.SSOFederationRouter.invoke(SSOFederationRouter.java:148)
  | 	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
  | 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
  | 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
  | 	at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
  | 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
  | 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
  | 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
  | 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
  | 	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
  | 	at java.lang.Thread.run(Thread.java:619)
  | Caused by: javax.servlet.ServletException: org.jboss.security.saml.SSOException: org.jboss.security.saml.SSOException: Unauthorized Access
  | 	at org.jboss.security.portal.PortalSSOTokenManager.invoke(PortalSSOTokenManager.java:221)
  | 	at org.jboss.security.valve.SSOAutoLogout.invoke(SSOAutoLogout.java:190)
  | 	... 11 more
  | Caused by: org.jboss.security.saml.SSOException: org.jboss.security.saml.SSOException: Unauthorized Access
  | 	at org.jboss.security.saml.JBossSingleSignOn.getTokenSecret(JBossSingleSignOn.java:504)
  | 	at org.jboss.security.saml.JBossSingleSignOn.generateAuthResponse(JBossSingleSignOn.java:209)
  | 	at org.jboss.security.sso.util.SSOUtil.generateToken(SSOUtil.java:183)
  | 	at org.jboss.security.valve.Util.sendSSOTokens(Util.java:29)
  | 	at org.jboss.security.portal.PortalSSOTokenManager.invoke(PortalSSOTokenManager.java:170)
  | 	... 12 more
  | Caused by: org.jboss.security.saml.SSOException: Unauthorized Access
  | 	at org.jboss.security.saml.JBossSingleSignOn.getTokenSecret(JBossSingleSignOn.java:480)
  | 	... 16 more
  | 17:12:33,260 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
  | javax.servlet.ServletException: javax.servlet.ServletException: org.jboss.security.saml.SSOException: org.jboss.security.saml.SSOException: Unauthorized Access
  | 	at org.jboss.security.valve.SSOAutoLogout.invoke(SSOAutoLogout.java:196)
  | 	at org.jboss.security.valve.SSOFederationRouter.invoke(SSOFederationRouter.java:148)
  | 	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
  | 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
  | 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
  | 	at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
  | 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
  | 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
  | 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
  | 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
  | 	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
  | 	at java.lang.Thread.run(Thread.java:619)
  | Caused by: javax.servlet.ServletException: org.jboss.security.saml.SSOException: org.jboss.security.saml.SSOException: Unauthorized Access
  | 	at org.jboss.security.portal.PortalSSOTokenManager.invoke(PortalSSOTokenManager.java:221)
  | 	at org.jboss.security.valve.SSOAutoLogout.invoke(SSOAutoLogout.java:190)
  | 	... 11 more
  | Caused by: org.jboss.security.saml.SSOException: org.jboss.security.saml.SSOException: Unauthorized Access
  | 	at org.jboss.security.saml.JBossSingleSignOn.getTokenSecret(JBossSingleSignOn.java:504)
  | 	at org.jboss.security.saml.JBossSingleSignOn.generateAuthResponse(JBossSingleSignOn.java:209)
  | 	at org.jboss.security.sso.util.SSOUtil.generateToken(SSOUtil.java:183)
  | 	at org.jboss.security.valve.Util.sendSSOTokens(Util.java:29)
  | 	at org.jboss.security.portal.PortalSSOTokenManager.invoke(PortalSSOTokenManager.java:170)
  | 	... 12 more
  | Caused by: org.jboss.security.saml.SSOException: Unauthorized Access
  | 	at org.jboss.security.saml.JBossSingleSignOn.getTokenSecret(JBossSingleSignOn.java:480)
  | 	... 16 more

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4225779#4225779

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4225779



More information about the jboss-user mailing list