11:14 p.m.
Patrick Garner [https://community.jboss.org/people/pgarner] created the discussion
"How to allow application user to change password without forcing re-login?"
To view the discussion, visit: https://community.jboss.org/message/773361#773361
--------------------------------------------------------------
Immediately after updating an application user's password in the database, JBoss
throws javax.ejb.EJBAccessException: JBAS013323: Invalid User
23:04:44,880 ERROR [org.jboss.security] (http-/127.0.0.1:8443-4) PBOX000206: Login
failure: javax.security.auth.login.FailedLoginException: PBOX000070: Password
invalid/Password required
at
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:283)
[picketbox-4.0.13.Final.jar:4.0.13.Final]
at sun.reflect.GeneratedMethodAccessor490.invoke(Unknown Source) [:1.7.0_07]
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[rt.jar:1.7.0_07]
at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_07]
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
[rt.jar:1.7.0_07]
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
[rt.jar:1.7.0_07]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
[rt.jar:1.7.0_07]
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
[rt.jar:1.7.0_07]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_07]
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
[rt.jar:1.7.0_07]
at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
[rt.jar:1.7.0_07]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:408)
[picketbox-infinispan-4.0.13.Final.jar:4.0.13.Final]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345)
[picketbox-infinispan-4.0.13.Final.jar:4.0.13.Final]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:333)
[picketbox-infinispan-4.0.13.Final.jar:4.0.13.Final]
at
org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146)
[picketbox-infinispan-4.0.13.Final.jar:4.0.13.Final]
at
org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:354)
[jboss-as-security-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at
org.jboss.as.security.service.SimpleSecurityManager.push(SimpleSecurityManager.java:292)
[jboss-as-security-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:49)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:45)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_07]
at
org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:74)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:42)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
[jboss-as-ee-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45)
[jboss-as-ee-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165)
[jboss-as-ee-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at
org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:182)
[jboss-as-ee-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ejb3.component.stateful.StatefulComponentIdInterceptor.processInvocation(StatefulComponentIdInterceptor.java:52)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:72)
[jboss-as-ee-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at
com.patrac.controller.statemachine.WorkflowManager$$$view12.getCurrentWorkflow(Unknown
Source) [Patrac-ejb.jar:]
at com.patrac.model.RequestLog.<init>(RequestLog.java:68) [Patrac-ejb.jar:]
at com.patrac.controller.backingbean.BackingBean.addRequestLog(BackingBean.java:79)
[classes:]
at com.patrac.controller.backingbean.BackingBean.dispatch(BackingBean.java:71)
[classes:]
at com.patrac.controller.backingbean.MenuBean.dispatch(MenuBean.java:52) [classes:]
at
com.patrac.controller.backingbean.MenuBean$Proxy$_$$_WeldClientProxy.dispatch(MenuBean$Proxy$_$$_WeldClientProxy.java)
[classes:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_07]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
[rt.jar:1.7.0_07]
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[rt.jar:1.7.0_07]
at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_07]
at org.apache.el.parser.AstValue.invoke(AstValue.java:264)
[jbossweb-7.0.17.Final.jar:]
at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:278)
[jbossweb-7.0.17.Final.jar:]
at
org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
[weld-core-1.1.9.Final.jar:2012-08-06 19:12]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
[weld-core-1.1.9.Final.jar:2012-08-06 19:12]
at
javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88)
[jboss-jsf-api_2.1_spec-2.0.6.Final.jar:2.0.6.Final]
at
com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:101)
[jsf-impl-2.1.13-jbossorg-1.jar:]
at javax.faces.component.UICommand.broadcast(UICommand.java:315)
[jboss-jsf-api_2.1_spec-2.0.6.Final.jar:2.0.6.Final]
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:794)
[jboss-jsf-api_2.1_spec-2.0.6.Final.jar:2.0.6.Final]
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1259)
[jboss-jsf-api_2.1_spec-2.0.6.Final.jar:2.0.6.Final]
at
com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
[jsf-impl-2.1.13-jbossorg-1.jar:]
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
[jsf-impl-2.1.13-jbossorg-1.jar:]
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
[jsf-impl-2.1.13-jbossorg-1.jar:]
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
[jboss-jsf-api_2.1_spec-2.0.6.Final.jar:2.0.6.Final]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329)
[jbossweb-7.0.17.Final.jar:]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
[jbossweb-7.0.17.Final.jar:]
at
org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:62)
[weld-core-1.1.9.Final.jar:2012-08-06 19:12]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
[jbossweb-7.0.17.Final.jar:]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
[jbossweb-7.0.17.Final.jar:]
at com.patrac.filter.NoCacheFilter.doFilter(NoCacheFilter.java:46) [classes:]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280)
[jbossweb-7.0.17.Final.jar:]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248)
[jbossweb-7.0.17.Final.jar:]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275)
[jbossweb-7.0.17.Final.jar:]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
[jbossweb-7.0.17.Final.jar:]
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:489)
[jbossweb-7.0.17.Final.jar:]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)
[jboss-as-jpa-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at
org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50)
[jboss-as-jpa-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at
org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:165)
[jboss-as-web-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155)
[jbossweb-7.0.17.Final.jar:]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
[jbossweb-7.0.17.Final.jar:]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[jbossweb-7.0.17.Final.jar:]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:372)
[jbossweb-7.0.17.Final.jar:]
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:897)
[jbossweb-7.0.17.Final.jar:]
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:634)
[jbossweb-7.0.17.Final.jar:]
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:2039)
[jbossweb-7.0.17.Final.jar:]
at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_07]
Caused by: javax.ejb.EJBAccessException: JBAS013323: Invalid User
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:54)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at
org.jboss.as.ejb3.security.SecurityContextInterceptor$1.run(SecurityContextInterceptor.java:45)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_07]
at
org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:74)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:42)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:59)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
[jboss-as-ee-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ee.component.TCCLInterceptor.processInvocation(TCCLInterceptor.java:45)
[jboss-as-ee-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:165)
[jboss-as-ee-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at
org.jboss.as.ee.component.ViewDescription$1.processInvocation(ViewDescription.java:182)
[jboss-as-ee-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ejb3.component.stateful.StatefulComponentIdInterceptor.processInvocation(StatefulComponentIdInterceptor.java:52)
[jboss-as-ejb3-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:288)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:61)
[jboss-invocation-1.1.1.Final.jar:1.1.1.Final]
at
org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:72)
[jboss-as-ee-7.2.0.Alpha1-SNAPSHOT.jar:7.2.0.Alpha1-SNAPSHOT]
at
com.patrac.controller.statemachine.WorkflowManager$$$view12.getCurrentWorkflow(Unknown
Source) [Patrac-ejb.jar:]
at com.patrac.model.RequestLog.<init>(RequestLog.java:68) [Patrac-ejb.jar:]
at com.patrac.controller.backingbean.BackingBean.addRequestLog(BackingBean.java:79)
[classes:]
at com.patrac.controller.backingbean.BackingBean.dispatch(BackingBean.java:71)
[classes:]
at com.patrac.controller.backingbean.MenuBean.dispatch(MenuBean.java:52) [classes:]
at
com.patrac.controller.backingbean.MenuBean$Proxy$_$$_WeldClientProxy.dispatch(MenuBean$Proxy$_$$_WeldClientProxy.java)
[classes:]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_07]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
[rt.jar:1.7.0_07]
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[rt.jar:1.7.0_07]
at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_07]
at org.apache.el.parser.AstValue.invoke(AstValue.java:264)
[jbossweb-7.0.17.Final.jar:]
at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:278)
[jbossweb-7.0.17.Final.jar:]
at
org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:39)
[weld-core-1.1.9.Final.jar:2012-08-06 19:12]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
[weld-core-1.1.9.Final.jar:2012-08-06 19:12]
at
javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88)
[jboss-jsf-api_2.1_spec-2.0.6.Final.jar:2.0.6.Final]
... 30 more
How to update the principal's credentials so that it's password matches the
underlying database's new password? Hopefully a solution that does not require the
user to end the session and re-login.
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/773361#773361]
Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&...]
11:52 p.m.
New subject: [Beginner's Corner] - Re: How to allow application user to change password without forcing re-login?
Patrick Garner [https://community.jboss.org/people/pgarner] created the discussion
"Re: How to allow application user to change password without forcing
re-login?"
To view the discussion, visit: https://community.jboss.org/message/773364#773364
--------------------------------------------------------------
I realize I probably can't programmatically update the principal's credentials.
It appears to me that JBoss security immediately becomes aware of the password change in
the underlying database and attempts to reauthenticate the principal as soon as an EJB
method is invoked, which fails because the principal's password has become stale.
With this in mind it appears that I can't even clean up state after changing the
password because I've got to immediately end the session before any EJB methods are
invoked! There is some state to clean up including removing EJBs prior to killing the
session that I would like to do...
So, how are others approaching implementing the change password feature? I'm not
seeing anything in the JEE or EJB spec. on how the container should treat an underlying
password change in the database, and Google searches aren't returning any hits.
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/773364#773364]
Start a new discussion in Beginner's Corner at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&...]
4411
days inactive
4411
days old
1 comments
1 participants
participants (1)
-
Patrick Garner