[jboss-user] [Security & JAAS/JBoss] - ExtendedFormAuthenticator problem

abickford4523 do-not-reply at jboss.com
Mon Jun 8 13:51:28 EDT 2009 

Hello,

I've followed the wiki article http://www.jboss.org/community/wiki/ExtendedFormAuthenticator so that I can get at the j_exception session variable and provide my users with some useful feedback as to why they couldn't login to our app.

Only problem is, if I provide an invalid username/password, I get the following exception:

  | java.lang.IllegalStateException: Security Context is null
  | 	at org.jboss.web.tomcat.security.SecurityAssociationActions$GetAuthExceptionAction.run(SecurityAssociationActions.java:172)
  | 	at java.security.AccessController.doPrivileged(Native Method)
  | 	at org.jboss.web.tomcat.security.SecurityAssociationActions.getAuthException(SecurityAssociationActions.java:308)
  | 	at org.jboss.web.tomcat.security.ExtendedFormAuthenticator.populateSession(ExtendedFormAuthenticator.java:182)
  | 	at org.jboss.web.tomcat.security.ExtendedFormAuthenticator.forwardToErrorPage(ExtendedFormAuthenticator.java:125)
  | 	at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:260)
  | 	at org.jboss.web.tomcat.security.ExtendedFormAuthenticator.authenticate(ExtendedFormAuthenticator.java:88)
  | 	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:417)
  | 	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
  | 	at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
  | 	at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
  | 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
  | 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
  | 	at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
  | 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
  | 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
  | 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
  | 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
  | 	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
  | 	at java.lang.Thread.run(Thread.java:619)
  | 
  | 

Our login module extends AbstractServerLoginModule and otherwise works great. We do have our own custom Principal object. Any idea why this exception might be getting thrown?

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236145#4236145

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4236145

More information about the jboss-user mailing list