[seam-issues] [JBoss JIRA] Created: (SEAMSECURITY-22) Basic authentication with no security drools and no picketlink defined in seam-beans.xml throws exception
yangju (JIRA)
jira-events at lists.jboss.org
Wed Jan 26 23:21:49 EST 2011
Basic authentication with no security drools and no picketlink defined in seam-beans.xml throws exception
---------------------------------------------------------------------------------------------------------
Key: SEAMSECURITY-22
URL: https://issues.jboss.org/browse/SEAMSECURITY-22
Project: Seam Security
Issue Type: Bug
Affects Versions: 3.0.0.Alpha2
Environment: Jboss 6 AS Final, windows
Reporter: yangju
Very simple Authentication implementation:
public class LoginService implements Authenticator {
@Inject
Credentials credentials;
@Inject
Logger log;
public boolean authenticate() {
// authentication logic here
log.info("authenticate is called in LoginService");
log.info("userID="+credentials.getUsername());
return true; // if authentication successful
}
}
View (login.xhtml)
<h:form id="loginForm" rendered="#{not identity.loggedIn}">
<h:messages id="messages" globalOnly="true" />
<div class="loginRow"><h:outputLabel for="name"
value="Username" styleClass="loginLabel" /> <h:inputText id="name"
value="#{credentials.username}" /></div>
<div class="loginRow"><h:outputLabel for="password"
value="Password" styleClass="loginLabel" /> <h:inputSecret
id="password" value="#{credentials.password}" redisplay="true" /></div>
<div class="loginRow"></div>
<div class="buttons"><h:commandButton id="login" value="LOGIN"
action="#{identity.login}" styleClass="loginButton" /></div>
I don't define any drools file and I am not using picketlink either. But after I typed user info in the login page, , the server throws the following exception:
17:18:35,453 ERROR [org.jboss.weld.Bean] WELD-000019 Error destroying an instance Managed Bean [class org.jboss.seam.security.permission.SecurityRuleProducer] with qualifiers [@Any @Default] of org.jboss.seam.security.permission.SecurityRuleProducer at de0ad3
17:18:35,453 ERROR [org.jboss.seam.security.IdentityImpl] Login failed for: Credentials[rich]: java.lang.IllegalArgumentException: stream cannot be null
at org.drools.io.impl.InputStreamResource.<init>(InputStreamResource.java:35) [:5.1.1]
at org.drools.io.impl.ResourceFactoryServiceImpl.newInputStreamResource(ResourceFactoryServiceImpl.java:87) [:5.1.1]
at org.drools.io.ResourceFactory.newInputStreamResource(ResourceFactory.java:87) [:5.1.1]
at org.jboss.seam.security.permission.SecurityRuleProducer.createSecurityKnowledgeBase(SecurityRuleProducer.java:43) [:3.0.0.Alpha2]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_13]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_13]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_13]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_13]
at org.jboss.weld.util.reflection.SecureReflections$13.work(SecureReflections.java:305) [:6.0.0.Final]
at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54) [:6.0.0.Final]
at org.jboss.weld.util.reflection.SecureReflectionAccess.runAsInvocation(SecureReflectionAccess.java:163) [:6.0.0.Final]
at org.jboss.weld.util.reflection.SecureReflections.invoke(SecureReflections.java:299) [:6.0.0.Final]
at org.jboss.weld.introspector.jlr.WeldMethodImpl.invokeOnInstance(WeldMethodImpl.java:188) [:6.0.0.Final]
at org.jboss.weld.injection.MethodInjectionPoint.invokeOnInstance(MethodInjectionPoint.java:169) [:6.0.0.Final]
at org.jboss.weld.bean.ProducerMethod$1.produce(ProducerMethod.java:149) [:6.0.0.Final]
at org.jboss.weld.bean.AbstractProducerBean.create(AbstractProducerBean.java:361) [:6.0.0.Final]
at org.jboss.weld.context.AbstractContext.get(AbstractContext.java:121) [:6.0.0.Final]
at org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:99) [:6.0.0.Final]
at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:124) [:6.0.0.Final]
at org.jboss.weld.proxies.org$jboss$weld$beanProducerMethod-org$jboss$seam$security$permission$SecurityRuleProducermethod_createSecurityKnowledgeBase()_$$_WeldClientProxy.newStatefulKnowledgeSession(org$jboss$weld$beanProducerMethod-org$jboss$seam$security$permission$SecurityRuleProducermethod_createSecurityKnowledgeBase()_$$_WeldClientProxy.java)
at org.jboss.seam.security.permission.RuleBasedPermissionResolver.init(RuleBasedPermissionResolver.java:49) [:3.0.0.Alpha2]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_13]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_13]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_13]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_13]
at org.jboss.weld.util.reflection.SecureReflections$13.work(SecureReflections.java:305) [:6.0.0.Final]
at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54) [:6.0.0.Final]
at org.jboss.weld.util.reflection.SecureReflectionAccess.runAsInvocation(SecureReflectionAccess.java:163) [:6.0.0.Final]
at org.jboss.weld.util.reflection.SecureReflections.invoke(SecureReflections.java:299) [:6.0.0.Final]
at org.jboss.weld.introspector.jlr.WeldMethodImpl.invoke(WeldMethodImpl.java:193) [:6.0.0.Final]
at org.jboss.weld.injection.MethodInjectionPoint.invoke(MethodInjectionPoint.java:127) [:6.0.0.Final]
at org.jboss.weld.util.Beans.callInitializers(Beans.java:898) [:6.0.0.Final]
at org.jboss.weld.util.Beans.injectFieldsAndInitializers(Beans.java:885) [:6.0.0.Final]
at org.jboss.weld.bean.ManagedBean$ManagedBeanInjectionTarget$1$1.proceed(ManagedBean.java:182) [:6.0.0.Final]
at org.jboss.weld.injection.InjectionContextImpl.run(InjectionContextImpl.java:54) [:6.0.0.Final]
at org.jboss.weld.bean.ManagedBean$ManagedBeanInjectionTarget$1.work(ManagedBean.java:176) [:6.0.0.Final]
at org.jboss.weld.bean.ManagedBean$FixInjectionPoint.run(ManagedBean.java:142) [:6.0.0.Final]
at org.jboss.weld.bean.ManagedBean$ManagedBeanInjectionTarget.inject(ManagedBean.java:170) [:6.0.0.Final]
at org.jboss.weld.bean.ManagedBean.create(ManagedBean.java:339) [:6.0.0.Final]
at org.jboss.weld.context.AbstractContext.get(AbstractContext.java:121) [:6.0.0.Final]
at org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:99) [:6.0.0.Final]
at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:87) [:6.0.0.Final]
at org.jboss.seam.security.permission.org$jboss$weld$bean-jboss$classloader:id="vfs:$$$D:$apps$jboss$jboss-6$0$0$Final$server$epen$deploy$epen-account-setup$war"-ManagedBean-class_org$jboss$seam$security$permission$RuleBasedPermissionResolver_$$_WeldClientProxy.setUserAccountInSecurityContext(org$jboss$weld$bean-jboss$classloader:id="vfs:$$$D:$apps$jboss$jboss-6$0$0$Final$server$epen$deploy$epen-account-setup$war"-ManagedBean-class_org$jboss$seam$security$permission$RuleBasedPermissionResolver_$$_WeldClientProxy.java) [:3.0.0.Alpha2]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_13]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_13]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_13]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_13]
at org.jboss.weld.util.reflection.SecureReflections$13.work(SecureReflections.java:305) [:6.0.0.Final]
at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54) [:6.0.0.Final]
at org.jboss.weld.util.reflection.SecureReflectionAccess.runAsInvocation(SecureReflectionAccess.java:163) [:6.0.0.Final]
at org.jboss.weld.util.reflection.SecureReflections.invoke(SecureReflections.java:299) [:6.0.0.Final]
at org.jboss.weld.introspector.jlr.WeldMethodImpl.invokeOnInstance(WeldMethodImpl.java:188) [:6.0.0.Final]
at org.jboss.weld.introspector.ForwardingWeldMethod.invokeOnInstance(ForwardingWeldMethod.java:59) [:6.0.0.Final]
at org.jboss.weld.injection.MethodInjectionPoint.invokeOnInstanceWithSpecialValue(MethodInjectionPoint.java:198) [:6.0.0.Final]
at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:270) [:6.0.0.Final]
at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:253) [:6.0.0.Final]
at org.jboss.weld.event.ObserverMethodImpl.notify(ObserverMethodImpl.java:222) [:6.0.0.Final]
at org.jboss.weld.manager.BeanManagerImpl.notifyObservers(BeanManagerImpl.java:611) [:6.0.0.Final]
at org.jboss.weld.manager.BeanManagerImpl.fireEvent(BeanManagerImpl.java:604) [:6.0.0.Final]
at org.jboss.weld.manager.BeanManagerImpl.fireEvent(BeanManagerImpl.java:598) [:6.0.0.Final]
at org.jboss.seam.security.IdentityImpl.postAuthenticate(IdentityImpl.java:379) [:3.0.0.Alpha2]
at org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:317) [:3.0.0.Alpha2]
at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:203) [:3.0.0.Alpha2]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_13]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_13]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_13]
at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_13]
at org.apache.el.parser.AstValue.invoke(AstValue.java:196) [:6.0.0.Final]
at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) [:6.0.0.Final]
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43) [:6.0.0.Final]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) [:6.0.0.Final]
at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43) [:6.0.0.Final]
at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) [:6.0.0.Final]
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:102) [:2.0.3-]
at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:84) [:2.0.3-]
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:98) [:2.0.3-]
at javax.faces.component.UICommand.broadcast(UICommand.java:311) [:2.0.3-]
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:781) [:2.0.3-]
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1246) [:2.0.3-]
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:77) [:2.0.3-]
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97) [:2.0.3-]
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:114) [:2.0.3-]
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:308) [:2.0.3-]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324) [:6.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [:6.0.0.Final]
at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:67) [:6.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274) [:6.0.0.Final]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [:6.0.0.Final]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [:6.0.0.Final]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) [:6.0.0.Final]
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:181) [:6.0.0.Final]
at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event(CatalinaContext.java:285) [:1.1.0.Final]
at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invoke(CatalinaContext.java:261) [:1.1.0.Final]
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:88) [:6.0.0.Final]
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:100) [:6.0.0.Final]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) [:6.0.0.Final]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [:6.0.0.Final]
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) [:6.0.0.Final]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [:6.0.0.Final]
at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:53) [:6.0.0.Final]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [:6.0.0.Final]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [:6.0.0.Final]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654) [:6.0.0.Final]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951) [:6.0.0.Final]
at java.lang.Thread.run(Thread.java:619) [:1.6.0_13]
--
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the seam-issues
mailing list