[jboss-user] [Security & JAAS/JBoss] - Federated SSO Test Application Problem

JernKoll do-not-reply at jboss.com
Thu May 3 05:15:21 EDT 2007 

Hi!

I'm evaluating the "JBoss Federated SSO CR1" and I cannot get the test application running.

Everything should be installed and configured correctly and deployment seems normal:

  | 12:45:53,703 INFO  [IdentityManager] Configuration successfully loaded for the IdentityManager...........
  | 
  | 12:45:53,734 INFO  [SSOManager] SSOProcessor org.jboss.security.saml.JBossSingleSignOn at 345b43 was successfully registere
  | d.....
  | 12:45:53,734 INFO  [SSOManager] SSOManager service successfully started...........
  | 
  | 12:46:13,703 INFO  [EARDeployer] Init J2EE application: file:/C:/Java/jboss-4.0.3SP1/server/default2/deploy/jboss-federa
  | tion-server.ear
  | 12:46:13,875 INFO  [Federation] ------------------------------
  | 12:46:13,875 INFO  [Federation] Conf =conf/server.cfg.xml
  | 12:46:13,875 INFO  [Federation] Partner =jboss.com,http://node1.jboss.com:8080/federate
  | 12:46:13,875 INFO  [Federation] Partner =jboss.org,http://node1.jboss.org:8080/federate
  | 12:46:13,875 INFO  [Federation] ------------------------------
  | 12:46:13,875 INFO  [Federation] Federation service successfully started...............
  | 12:46:13,906 INFO  [TomcatDeployer] deploy, ctxPath=/federate, warUrl=.../tmp/deploy/tmp47939jboss-federation-server.ear
  | -contents/jboss-federation-server-exp.war/
  | 12:46:13,984 INFO  [SSOFederationServer] Configuration successfully loaded for the SSOFederationServer...........
  | 12:46:14,000 INFO  [EARDeployer] Started J2EE application: file:/C:/Java/jboss-4.0.3SP1/server/default2/deploy/jboss-fed
  | eration-server.ear
  | 12:46:14,015 INFO  [EARDeployer] Init J2EE application: file:/C:/Java/jboss-4.0.3SP1/server/default2/deploy/jboss-sso-te
  | st.ear
  | 12:46:14,828 INFO  [TomcatDeployer] deploy, ctxPath=/test, warUrl=.../tmp/deploy/tmp47940jboss-sso-test.ear-contents/tes
  | t-exp.war/
  | 12:46:15,046 INFO  [EARDeployer] Started J2EE application: file:/C:/Java/jboss-4.0.3SP1/server/default2/deploy/jboss-sso
  | -test.ear
  | 

On the surface, I have problems of making cross domain jumps with the login-form being opened on the target site. Trying to find the problem, I've found that when I open the URL "http://node1.jboss.com:8080/federate/partners" I get a ClassCastException:


  | java.lang.RuntimeException:
  |   org.jboss.security.saml.SSOException:
  |   java.lang.ClassCastException:
  |   org.jboss.security.saml.JBossSingleSignOn
  | 
  |   org.jboss.security.federation.service.Federation.getPartnerInfo(Federation.java:217)
  |   sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  |   sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  |   :
  |   org.jboss.mx.util.JMXInvocationHandler.invoke(JMXInvocationHandler.java:273)
  |   $Proxy47.getPartnerInfo(Unknown Source)
  |   org.jboss.security.federation.servlet.SSOFederationServer.doGet(SSOFederationServer.java:277)
  | 

I'm running JBoss 4.0.3 SP1.

I've deployed "jboss-federation-server.ear", "jboss-sso-test.ear" files and the "jboss-sso.sar" directory into my "server/default/deploy" directory, duplicated the server and configured hosts.
I've also updated "sso.cfg.xml" to point to "node1.jboss.org" instead of "node1.jboss.com" for the trustServer property on the second server.

Single-stepping through the code leads me to line 202 in "org.jboss.security.saml.SSOManager":


  |             sso = ssoManager.getProcessor();
  | 

This in turn calls JMXInvocationHandler.invoke which on line 273 (I haven't seen the source code) calls getProcessor on a proxy object. I guess the proxy is a proxy for the SSOManager MBean as the proxy implements SSOManagerService. When the method "getProcessor" is called on the proxy, the ClassCastException above is thrown.

Looking at the implementation of the SSOManager MBean, "getProcessor" simply returns a "SingleSignOn" instance held as a member variable. This will most probably be a "JBossSingleSignOn" instance as the exception seem to report this and there are no other implementations.

As "JBossSingleSignOn" implements the "SingleSignOn" interface as the "getProcessor" is expected to return I cannot really figure out why there is a class cast exception.

I've looked through the forum, but couldn't find anyone else experiencing the same problem.

I've cleared the "tmp" and "work" directories with no success.
Could this be some class-loader problem?
Anyone?

Regards
// Andreas


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4042749#4042749

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4042749

More information about the jboss-user mailing list