[jboss-jira] [JBoss JIRA] Created: (SECURITY-610) The continuation of SPNEGO requests causes a 'Login failure' error to be reported.

Darran Lofthouse (JIRA) jira-events at lists.jboss.org
Wed Aug 3 08:11:06 EDT 2011 

The continuation of SPNEGO requests causes a 'Login failure' error to be reported.
----------------------------------------------------------------------------------

                 Key: SECURITY-610
                 URL: https://issues.jboss.org/browse/SECURITY-610
             Project: PicketBox (JBoss Security and Identity Management)
          Issue Type: Task
      Security Level: Public (Everyone can see)
          Components: Negotiation
            Reporter: Darran Lofthouse
            Assignee: Darran Lofthouse
             Fix For: Negotiation_2.2.0


The continuation from the login module now causes the following error to be logged: -

12:46:42,245 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--10.36.4.52-8080-1) Login failure: javax.security.auth.login.LoginException: Continuation Required.
	at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:174) [jboss-negotiation-2.2.0.SNAPSHOT.jar:2.2.0.SNAPSHOT]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_24]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_24]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_24]
	at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_24]
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [:1.6.0_24]
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_24]
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_24]
	at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_24]
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_24]
	at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_24]
	at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411) [picketbox-infinispan-4.0.1.jar:4.0.1]
	at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345) [picketbox-infinispan-4.0.1.jar:4.0.1]
	at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154) [picketbox-infinispan-4.0.1.jar:4.0.1]
	at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127) [jboss-as-web-7.1.0.Alpha1-SNAPSHOT.jar:7.1.0.Alpha1-SNAPSHOT]
	at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:187) [jboss-negotiation-2.2.0.SNAPSHOT.jar:2.2.0.SNAPSHO

Bringing Kerberos to the domain management security is going to require some of the same behaviour as we have in the SPNEGOLoginModule - it may make sense to pull this common behaviour out of the login module anyway for consistency - this would also remove the exception being logged here.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list