[jboss-user] [Security & JAAS/JBoss] - Re: getCallerPrincipal throws NullPointerException

anx do-not-reply at jboss.com
Thu Jun 18 12:50:10 EDT 2009


"sunnygrass" wrote : Finally i fixed the problem.
  | 
  | We have two things to do to avoid the NPE.
  | 1. if the caller does not call LoginContext.login, then the NPE will be throwed. so we must call LoginContext.login(see JAAS doc)
  | 2. we must include org.jboss.security.ClientLoginModule in one jaas.config file(as in -Djava.security.auth.login.config=jaas.config).
  | 
  | BTW, @SecurityDomain is not necessary.
  | 
  | Thank you jaikiran.
  | 
  | Sunnygrass

In Jboss 4.2.x getCallerPrincipal returns "anonymous" Principal in case when caller didn't call LoginContext.login and @SecurityDomain is used. I think here regression  from version 4.2.x.

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4238536#4238536

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4238536



More information about the jboss-user mailing list