[jboss-user] [Beginner's Corner] - Random "Security Context is null" after using SecurityClient
Nathan Ciliberto
do-not-reply at jboss.com
Wed Jul 14 15:45:10 EDT 2010
Nathan Ciliberto [http://community.jboss.org/people/snacker] created the discussion
"Random "Security Context is null" after using SecurityClient"
To view the discussion, visit: http://community.jboss.org/message/552620#552620
--------------------------------------------------------------
We have converted most of our ejb's from 2.1 to 3.0.
In order to get the client security to work we had to use the following code to setup the client's context for the ejb3:
SecurityClient client = SecurityClientFactory.getSecurityClient();
client.setSimple( username, password );
client.setVmwideAssociation( true );
client.login();
Once that code has been executed and the ejb invoked we start seeing random errors such as this:
15:01:01,035 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
java.lang.IllegalStateException: Security Context is null
at org.jboss.web.tomcat.security.SecurityAssociationActions$PopRunAsRoleAction.run(SecurityAssociationActions.java:156)
at java.security.AccessController.doPrivileged(Native Method)
at org.jboss.web.tomcat.security.SecurityAssociationActions.popRunAsIdentity(SecurityAssociationActions.java:302)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:193)
at org.jboss.web.tomcat.service.session.ClusteredSessionValve.handleRequest(ClusteredSessionValve.java:135)
at org.jboss.web.tomcat.service.session.ClusteredSessionValve.invoke(ClusteredSessionValve.java:94)
at org.jboss.web.tomcat.service.session.LockingValve.invoke(LockingValve.java:62)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
The error is "random"... and it occurs on any of the servlets that we have configured.
For example we've had 32,000 requests (according to http://myserver:8090/status?full http://myserver:8090/status?full) but only 99 of these errors.
It happens for the servlets/jsps whether they are called directly from the server or via apache by way of mod_jk (ajp3).
Does anyone know why this would happen?
Do we have to setup some "default" security for the servlets/jsps?
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/552620#552620]
Start a new discussion in Beginner's Corner at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20100714/14566ce4/attachment.html
More information about the jboss-user
mailing list