[jboss-user] [Security] - Security Context has not been set

lesquivel do-not-reply at jboss.com
Wed Aug 26 19:51:57 EDT 2009


Hello,

I am having the following exception when logging in.  I am hoping that somebody might have some suggestions to where I might look or check to try and resolve this issue:


  | 17:16:45,552 ERROR [JBossWebRealm] Error during authenticate
  | java.lang.IllegalStateException: Security Context has not been set
  |         at org.jboss.web.tomcat.security.SecurityAssociationActions$SetPrincipal
  | InfoAction.run(SecurityAssociationActions.java:70)
  |         at java.security.AccessController.doPrivileged(Native Method)
  |         at org.jboss.web.tomcat.security.SecurityAssociationActions.setPrincipal
  | Info(SecurityAssociationActions.java:270)
  |         at org.jboss.web.tomcat.security.JBossWebRealm.authenticate(JBossWebReal
  | m.java:388)
  |         at org.apache.catalina.authenticator.FormAuthenticator.authenticate(Form
  | Authenticator.java:258)
  |         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
  | torBase.java:417)
  |         at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv
  | e.java:92)
  |         at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.proce
  | ss(SecurityContextEstablishmentValve.java:126)
  |         at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invok
  | e(SecurityContextEstablishmentValve.java:70)
  |         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
  | ava:127)
  |         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
  | ava:102)
  |         at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC
  | onnectionValve.java:158)
  |         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
  | ve.java:109)
  |         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
  | a:330)
  |         at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:436)
  |         at org.apache.coyote.ajp.AjpProtocol$AjpConnectionHandler.process(AjpPro
  | tocol.java:384)
  |         at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
  | 7)
  |         at java.lang.Thread.run(Thread.java:619)

I have a custom login config and my own loginModule.  I am Extending AbstractLoginModule.

My login-config.xml: 

  | <policy>
  | 	<!-- MyCompany LOGIN MODULE -->
  | 	<application-policy name="MyCompany-login-module">
  |   <authentication>
  |     <login-module code="org.MyCompany.security.auth.MyCompanyLoginModule" flag="required">
  | 
  |     </login-module>
  | 
  |   </authentication>
  | </application-policy>
  | </policy>
  | 

What kind of errors would cause that exception to occur?  Could it be a configuration issue? If it is configuration, what or where should I look?
Could it be a code issue in my login module class? If so, what kind of errors in my code could cause this?  

Thanks to anyone that replies with any ideas on this.  

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4251926#4251926

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4251926



More information about the jboss-user mailing list