[jboss-user] [Security & JAAS/JBoss] - Basic HTTP authentication for WSDL (using JAAS LoginModule)
TimStorms
do-not-reply at jboss.com
Mon Aug 17 09:41:57 EDT 2009
Hi,
I'm trying to use basic HTTP authentication for my WSDL. The user credentials should be validated by a (JAAS) LoginModule for Atlassian Crowd. Somehow the deployment of my EAR file fails. The following stacktrace shows up in my logs:
| java.lang.NullPointerException
| at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorFactory.createPerClass(RoleBasedAuthorizationInterceptorFactory.java:49)
| at org.jboss.aop.advice.AspectFactoryDelegator.createPerClass(AspectFactoryDelegator.java:107)
| at org.jboss.aop.Advisor.addPerClassAspect(Advisor.java:569)
| at org.jboss.aop.advice.ScopedInterceptorFactory.create(ScopedInterceptorFactory.java:72)
| at org.jboss.aop.Advisor.createInterceptorChain(Advisor.java:618)
| at org.jboss.aop.Advisor.pointcutResolved(Advisor.java:888)
| at org.jboss.aop.Advisor.resolveMethodPointcut(Advisor.java:650)
| at org.jboss.aop.ClassContainer.createInterceptorChains(ClassContainer.java:248)
| at org.jboss.aop.ClassContainer.rebuildInterceptors(ClassContainer.java:115)
| at org.jboss.aop.ClassContainer.initializeClassContainer(ClassContainer.java:58)
| at org.jboss.ejb3.EJBContainer.processMetadata(EJBContainer.java:342)
| at org.jboss.ejb3.SessionContainer.processMetadata(SessionContainer.java:140)
| at org.jboss.ejb3.Ejb3Deployment.processEJBContainerMetadata(Ejb3Deployment.java:292)
| at org.jboss.ejb3.Ejb3Deployment.start(Ejb3Deployment.java:356)
| at org.jboss.ejb3.Ejb3Module.startService(Ejb3Module.java:91)
| at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:289)
| at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:245)
| at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
| at java.lang.reflect.Method.invoke(Unknown Source)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
| at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978)
| at $Proxy0.start(Unknown Source)
|
Apparently the RoleBasedAuthorizationInterceptorFactory throws an exception on line 49. When I checked its source, I found the following code:
ctx.lookup("java:/jaas/" + securityAnnotation.value());
Probably, this means that the class doesn't find my SecurityDomain annotation, while it IS present. I've got the following annotations on my web service:
| @Stateless
| @SecurityDomain("mydomain")
| @SOAPBinding(style = SOAPBinding.Style.RPC, use = SOAPBinding.Use.LITERAL)
| @WebService(name = "ProjectWebService", targetNamespace = "url", serviceName = "service")
| @WebContext(urlPattern = "/url", authMethod = "BASIC", transportGuarantee = "NONE", secureWSDLAccess = false)
| @RolesAllowed("admin")
| @Remote(clazz.class)
|
Other things I've done:
web.xml:
| <security-constraint>
|   <web-resource-collection>
|     <web-resource-name>wsdl</web-resource-name>
|     <url-pattern>/url</url-pattern>
|   </web-resource-collection>
|   <auth-constraint>
|     <role-name>admin</role-name>
|   </auth-constraint>
| </security-constraint>
| <login-config>
|   <auth-method>BASIC</auth-method>
| </login-config>
| <security-role>
|   <role-name>admin</role-name>
| </security-role>
|
login-config.xml (in the conf folder):
| <application-policy name="mydomain">
|   <authentication>
|     <login-module code="com.atlassian.crowd.application.jaas.CrowdLoginModule" flag="required">
|       <module-option name="application.name">admin</module-option>
|       <module-option name="application.password">admin</module-option>
|       <module-option name="crowd.server.url">server/</module-option>
|     </login-module>
|   </authentication>
| </application-policy>
|
This is the code which should be responsible for authenticating the users. What am I doing wrong here? Thanks!
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4249936#4249936