[jboss-user] [Security & JAAS/JBoss] - LoginContext(init()) Null Pointer Exception
ashwinikakkeri
do-not-reply at jboss.com
Fri Jan 25 01:28:52 EST 2008
Hi!
We are using JDK 6.0 and JSF for our web application and the Login Context is givin us some problems.
PROBLEM : We are getting blank page displayed when we open home page of our application.
SCENARIO:
We have two levels of authentication:
First Level : Realm Authentication:
We are using UsersRolesLoginModule and have the same configured in login-config.xml. The roles and user files are under WEB-INF/classes. jboss-web.xml is configured for œjaas authentication with the policy as set in œlogin-config.xml . The security constraint is set in œweb.xml file.
Looks like its all done :)
Second Level : Application's User login
A second level of authentication is done for registered user for sign-in after going successfully through the first level of authentication. We are using javax.security for this authentication.
After a successful deployment, we have a realm authentication, after which œhome page gets displayed. Then on, we can navigate through different pages and a registered user can sign in.
But if we repeatedly do the both level of authentication in different instances of browser, a lot of times, an exception comes and then we get a blank home page :(.
NOTE : The problem occurs in case when we use both levels of authentication ONLY.
Following is the stack trace of the exception.
ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
| java.lang.NullPointerException
| at javax.security.auth.login.LoginContext.init(LoginContext.java:262)
| at javax.security.auth.login.LoginContext.<init>(LoginContext.java:367)
| at javax.security.auth.login.LoginContext.<init>(LoginContext.java:444)
| at org.jboss.security.plugins.SubjectActions$LoginContextAction.run(SubjectActions.java:162)
| at java.security.AccessController.doPrivileged(Native Method)
| at org.jboss.security.plugins.SubjectActions.createLoginContext(SubjectActions.java:277)
| at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:600)
| at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:535)
| at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
| at org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)
| at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
| at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
| at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
| at org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:153)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
| at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
| at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
| at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
| at java.lang.Thread.run(Thread.java:619)
Any idea where we are going wrong on this!!???
help would really be appreciated :P
Thanks!! :)
ashwini
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4123317#4123317
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4123317
More information about the jboss-user
mailing list