Java.security entry for login module configuration
I am running JAAS-Example from SUN with Tomcat.
When I am creating an object in my servlet by LoginContext = lc = new LoginContext(�SampleLoginModule�); getting *�cannot create Logincontext. Unable to locate a login configuration�* Exception.
Before that i am doing below setting:
In JAVA_HOME/jre/lib/security/java.security I am defining login.config.url.1=file:${java.home}/lib/security/jaas.config
After that I put �jaas.config� file at ${java.home}/lib/security/
Jaas.config
===========
SampleLoginModule {
sample.module.SampleLoginModule required debug=true;
Do anybody have solution for my this problem,why I am getting this error?
Thanks for your help and understand !!!
Hi,
We also experienced that limitation when a vendor is connecting to our XI SOAP Sender Adapter. It is asking for basic username/password. What we did was to create a Generic XI user with a password on it and use SSL authentication at the same time. Our Scenario was PI --> XI --> SAP R3, with the PI system using an HTTP RFC destination with a Basic Logon and Active SSL option to connect to the same system as yours https://host:portnumber/XISOAPAdapter/MessageServlet
Let me know if this helped...
Regards,
Similar Messages
-
I need Java API documentation for Adapter Modules
Hi
Please provide me Java API documentation for Adatper Modules
Regards
SowmyaUse this
https://help.sap.com/javadocs/pi/SP3/xpi/index.html
http://help.sap.com/saphelp_nw04/helpdata/en/87/3ef4403ae3db12e10000000a155106/frameset.htm
which is part of
http://help.sap.com/saphelp_nw04/helpdata/en/8b/895e407aa4c44ce10000000a1550b0/frameset.htm
Regards,
Prateek -
Custom JAAS login module configuration in Oracle application server
I have a LDAP login module implementing javax.security.auth.spi.LoginModule. This login module works well with tomcat and weblogic, if I configure the JVM arguments -Djava.security.auth.login.config and -Djava.security.policy to point to the login.conf and access.policy files. The login.conf file has the below content
FREEWAY_SERV
com.wipro.freeway.security.LdapLoginModule required debug=true portal=false;
FREEWAY_PORT
com.wipro.freeway.security.LdapLoginModule required debug=true portal=true;
The access.policy file has contains content like below:
grant Principal com.wipro.freeway.security.RolePrincipal "UserAdministration" {
permission com.wipro.freeway.security.URLPermission "/createOtherUser.frw";
permission com.wipro.freeway.security.URLPermission "/createDealer.frw";
The application uses these login modules by passing Name of the JAAS configuration (FREEWAY_SERV or FREEWAY_PORT).
I would like to use the same login module and code in Oracle application sever 10.1.3 and I haven't got any success yet. I am not getting how to set these JVM properties and make my application identify this custom login module. I have tried configuring the custom login module via oc4j admin console and I couldn't give a name to my configuration. I also set the system properties for
-Djava.security.auth.login.config and -Djava.security.policy with no success.
Could anybody please help me to get this right?
Thanks in advance.Hello,
In OracleAS 10g R3 (10.1.3.x) you can register your login module in your application (and server) using Enterprise Manager, and config file. That is easier and more flexible that the parameter.
I would invite you to take a look to the security how-to:
- 10.1.3 How-tos, and How to integrate a custom login module
You can also take a look to the 10.1.3 Documentation and the LDAP/Login Module integration.
- Security guide: Login Modules -
JAAS login module configuration in Oracle application server
I have a LDAP login module implementing javax.security.auth.spi.LoginModule. This login module works well with tomcat and weblogic, if I configure the JVM arguments -Djava.security.auth.login.config and -Djava.security.policy to pont to the login.conf and access.policy files. The login.conf file has the below content
FREEWAY_SERV
com.wipro.freeway.security.LdapLoginModule required debug=true portal=false;
FREEWAY_PORT
com.wipro.freeway.security.LdapLoginModule required debug=true portal=true;
The application uses these login modules by passing Name of the JAAS configuration (FREEWAY_SERV or FREEWAY_PORT).
I would like to use the same login modules and code in Oracle application sever 10.1.3 and I haven't got any success yet.
Could anybody please help me to get this right?
Thanks in advance.
Message was edited by:
vinayalvaHi,
in OracleAs bet is to use Enterprise Manager to configure the login module. The LoginModule needs to be configured in the system-jazn-data.xml file, which is located in teh j2ee/home/config directory of the OC4J you use. Enterprise Manager does this all for you.
In your application deployment the orion-application.xml file needs to specify that a custom LoginModule should be used. Again ENterprise Manager does it for you.
To use the LoginModule e.d. for J2EE authentication, just make sure that the application name of the J2EE deployment matches the name of the LoginModule configuration
If you want to use pure JAAS you may have to change the OC4J properties file in the j2ee/home/config directory. Best suggestion to give is to get the online documentation for OC4J security
Frank -
Java Security Model for Web Apllication Security
Hi,
Any one can tell me about Java Security model used in web site protection. what are th eAPI's used to implement this model on Websites.
I am keen to know only about the Authentication and Authorization secutiry.
Thanks,
VivekHi Ram, thanks for reply. I appreciate your comments.
This is a very interesting topic because we need to know how much flexibility we have in order to apply security policies to our services. After all, SOA is about flexibility (with appropriate level of control), isn't it? :-P
Option 1 (WSDL files) is a reasonable one. We could create "views" of the same service using ESB. But I'm concerned if this approach ("Security Oriented Views" of a service) can lead to difficulties in operational governance and appropriate discovery and reuse of the service.
Option 2 is also something to be concerned, as we could end up designing "Security Oriented Architecture" :-P
Option 3 (Customization through OAM) is also reasonable, but I don't know if this is really possible to achieve since OAM is mostly related to web resources. It would be nice if we had a chance to implement this in WSM instead.
Denis
Message was edited by:
[email protected]
Message was edited by:
[email protected] -
There is a security risk for all 10.7/10.8 users according to Oracle. When will we get a resoltuion and/or recommendation for the vunerablilities found in the Java version 1.6.0.37?
When will we get a resoltuion and/or recommendation for the vunerablilities found in the Java version 1.6.0.37?
There will never be a permanent resolution. Java is inherently insecure by design.
Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was never a good idea, and Java's developers have had a lot of trouble implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style "virus" affecting OS X. Merely loading a page with malicious Java content could be harmful. Fortunately, Java on the Web is mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice.
Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers. In Safari, this is done by unchecking the box marked Enable Java in the Security tab of the preferences dialog.
Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a specific task, enable Java only when needed for the task and disable it immediately when done. Close all other browser windows and tabs, and don't visit any other sites while Java is active. Never enable Java on a public web page that carries third-party advertising. Use it only on well-known, password-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site. -
MII Workbench and java security Issue for jdk7
Hello all,
I am using MII version 12.2.2 Build(234) and java version jdk7.
Now,I am not able to open or create a transaction in workbench.
In java console, an error is shown below:
AWT-EventQueue-0 [ERROR] - java.lang.ExceptionInInitializerError
at com.sap.lhcommon.expressioneval.ExpressionLoader.<clinit>(ExpressionLoader.java:282)
at com.sap.xmii.bls.expressioneval.TransactionFunctions.<clinit>(TransactionFunctions.java:27)
at com.sap.xmii.xacute.editors.common.FunctionsComboBox.createBox(FunctionsComboBox.java:45)
at com.sap.xmii.xacute.editors.common.FunctionsComboBox.<init>(FunctionsComboBox.java:39)
at com.sap.xmii.xacute.editors.transaction.dialogs.linkeditor.LinkEditorPanel.createExpressionEditorPanel(LinkEditorPanel.java:1033)
at com.sap.xmii.xacute.editors.transaction.dialogs.linkeditor.LinkEditorPanel.initialize(LinkEditorPanel.java:316)
at com.sap.xmii.xacute.editors.transaction.dialogs.linkeditor.LinkEditorPanel.<init>(LinkEditorPanel.java:198)
at com.sap.xmii.xacute.editors.transaction.dialogs.linkeditor.LinkEditorBottomPanel.<clinit>(LinkEditorBottomPanel.java:28)
at com.sap.xmii.Illuminator.gui.workbench.core.TransactionInfo.initDisplay(TransactionInfo.java:353)
at com.sap.xmii.Illuminator.gui.workbench.core.TransactionInfo.createNewFile(TransactionInfo.java:149)
at com.sap.xmii.Illuminator.gui.workbench.components.actions.actions.NewAction.createFileInfoObject(NewAction.java:194)
at com.sap.xmii.Illuminator.gui.workbench.components.actions.actions.NewAction$1.construct(NewAction.java:115)
at com.sap.lhcommon.gui.ThreadCreator$2.run(ThreadCreator.java:96)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.sun.security.action")
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPackageAccess(Unknown Source)
at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at com.sun.jnlp.JNLPPreverifyClassLoader.loadClass0(Unknown Source)
at com.sun.jnlp.JNLPPreverifyClassLoader.loadClass(Unknown Source)
at com.sun.jnlp.JNLPPreverifyClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at com.sap.lhcommon.expressioneval.functions.DecodeFunction.<clinit>(DecodeFunction.java:83)
... 14 more
I also modified the 'java.policy' file. But it did not work. I am still getting the same error.
Kindly advise..
Thanks,
Ritwika.I do not yet know the security implications of doing what I did to fix this issue, but here is my solution.
I added the following to the jre7 java.policy file in the section "grant {":
permission java.lang.RuntimePermission "accessClassInPackage.sun.security.action"; -
Login Module configuration for soap adapter ?
Hi Guys,
I have configured XISOAPAdapter for client certificate Authentication and i have created 1443 as the HTTPS port on the ABAP stack and defined this port in the instance profile.
Under SSL provider i have selected 50101 as the HTTPS port and the user mapping to the certificate works fine and i was able to login directly.
https://host:50101/XISOAPAdapter/MessageServlet - I was able to login with the user mapping to certifcate.
but when i try https://host:1443/XISOAPAdapter/MessageServlet - it is asking for the basic password authentication and the automatic login with the certifcate is not working. Our customer will be using this url to send messages to soap adapter.
under policy configurations for XISOAPAdapter, i have defined only clientcertificateloginmodule and define the rule as Rule1.getUserFrom=wholecert.
any help or suggestions would be appreciated.
Thanks,
SriniHi,
We also experienced that limitation when a vendor is connecting to our XI SOAP Sender Adapter. It is asking for basic username/password. What we did was to create a Generic XI user with a password on it and use SSL authentication at the same time. Our Scenario was PI --> XI --> SAP R3, with the PI system using an HTTP RFC destination with a Basic Logon and Active SSL option to connect to the same system as yours https://host:portnumber/XISOAPAdapter/MessageServlet
Let me know if this helped...
Regards, -
Is this Java Glossary entry for "static" correct?
Hi all,
I'm trying to understand static variables.
This glossary: http://mindprod.com/jgloss/static.html, has several lines that I don't think are correct, but I could certainly be wrong myself.
static final when applied to a variable is Javanese for "constant".
All static methods are automatically final. It is not strictly speaking an error to
mark them final, but it is redundant and considered bad form.I made a test class with a public static int x in it. I did not initialize the int. The compiler had no problems with it. I then made it a public static final int and the compiler (Eclipse, Java 1.5) complained that the int had not been initialized. Therefore, it seems to me that static and static final are different.
They can call instance methods only if they use their own object
references -- not rely on this.I made a class with a public static Object x. I then set x to be this in a method. The compiler had no problems with this.
Am I misunderstanding what the author means in the two quotes above?
Thanks!
Tim
Edit: Woops, the above quotes talk about methods, not variables. Shouldn't the same be true of variables, though? How can a static constant relay on 'this"?TimQuinn wrote:
Hi all,
I'm trying to understand static variables.
This glossary: http://mindprod.com/jgloss/static.html, has several lines that I don't think are correct, but I could certainly be wrong myself.
static final when applied to a variable is Javanese for "constant". This is correct.
All static methods are automatically final.This is incorrect.
public class Scratch {
final static void foo() {}
class ZZZ extends Scratch {
static void foo() {}
}Notice the difference when Sractch.foo is declared final vs. when it's not.
I made a test class with a public static int x in it. I did not initialize the int. The compiler had no problems with it. I then made it a public static final int and the compiler (Eclipse, Java 1.5) complained that the int had not been initialized. Therefore, it seems to me that static and static final are different.Yes, they are.
Note, however, that final means something different for a variable than for a method, and that Roedy was talking about both in the same paragraph.
They can call instance methods only if they use their own object
references -- not rely on this
I made a class with a public static Object x. I then set x to be this in a method. The compiler had no problems with this.Because the calling method wasn't static. He's saying a static method can call an instance method only if it has it's own reference to an instance, since there is no this in a static method. He is correct. -
Java Secure channel for FTP over SSH
Does the Jsch provided by JCRAFT support authentication and authorisation via public key certificates? If yes then is there website which gives me some info on this?
I checked out the site http://www.jcraft.com/jsch/index.html but this does not provide much info on the certificates.
If anyone knows some information regarding this, kindly reply ASAP
ThanksOne of the examples provided with the ditribution actually generates those keys. I will admit, the documentation for JSch is very thin, but they provide examples for everything with the distribution. If you wish to use a key generated by another program, make sure that the key provided is in OpenSSH format (Putty and Secure SSH formats don't work).
-
Login module for the J2EE application
Hi ,
I am trying to use the BasicPasswordLoginModule for my J2EE application which will be deployed in the SAP J2EE engine.My application will not be accessed through the portal.
I am having a login screen in my application for which i want to use the already avaliable login module. ie.. BasicPasswordLoginModule.
When i am trying to get the login(). i am getting the following the error.
"javax.security.auth.login.LoginException: No LoginModules configured for BasicPasswordLoginModule".
Please let me know what needs to be done.
PS: The version environment is CE 7.1
Regards
Abu BakarHi Julius
I am totally confused, my application is a pure J2EE application which has only one screen which just displays the details. And i want only the login screen to be implemented. I have gone through a couple of dec from sap which tells to created a custom login module if requiredl but i want to user the FORM based authentication and use the BasicPasswordLoginModule(in-built in WAS)
All that i am doing is written a web.xml with the following information:
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/home.jsp</form-login-page>
<form-error-page>/relogin.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>App_Viewer</role-name>
</security-role>
web-j2ee-engine with following information:
<security-role-map>
<role-name>App_Viewer</role-name>
<server-role-name>Administrator</server-role-name>
</security-role-map>
<login-module-configuration>
<login-module-stack>
<!-- Contains all login modules used for authentication -->
<login-module>
<!-- Contains information about one login module -->
<login-module-name>BasicPasswordLoginModule</login-module-name>
<flag>SUFFICIENT</flag>
<options>
<option>
<!-- The option UserNamePrefix determines that the user name must start with "Admin" -->
<name>UserNamePrefix</name>
<value>Admin</value>
</option>
</options>
</login-module>
</login-module-stack>
<security-policy-domain></security-policy-domain>
</login-module-configuration>
And I am not sure, if the above mentioned details are enough. My implementation code is as follows:
try {
HttpServletRequest request = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
HttpServletResponse response = (HttpServletResponse) FacesContext.getCurrentInstance().getExternalContext().getResponse();
request.setAttribute(ILoginConstants.LOGON_UID_ALIAS, this.getUserName());
request.setAttribute(ILoginConstants.LOGON_PWD_ALIAS, this.getPassword());
UMFactory.getLogonAuthenticator().logon(request, response, "BasicPasswordLoginModule");
status = success;
} catch (Exception e) {
e.printStackTrace();
status = e.toString();
In the NWA i have just configured the UserNamePrefix with Admin, thats all . Since the form login authentication method is already configure with the BasicPasswordLoginModule, I left it untouched.
I also implemented a custom login module and deployed it but not sure how to use it in my code.
Please let me know if i am in the rite track. Correct me if i am wrong. At the end of the day i want to use the login screen just to get authenticated. I am also not bothered about the password changing etc.. As the users who are going to use my application are the users in the Identity Management. Few portions of my screen should be allowed to be displayed based on the roles.
PS: My application is not configured in the portal. Its an independent application deployed on the WAS(CE 7.1).
Please advice
Regards
Abu Bakar -
We configure a custom implementation of the JAAS
javax.security.auth.login.Configuration class for our applications security
framework in JRE_LIB/security/java.security using the entry
login.configuration.provider=com.foo.SecurityConfiguration
However, this does not seem get picked up and the configuration provider
class instead seems to default to
weblogic.security.service.ServerConfiguration
instead.
Has anyone else seen this?
We're using the JDK bundled with Weblogic 8.1
TIA for your helpThanks for all the posting re. this issue....
I think the way Weblogic implemented "support" for JAAS in 8.1 totally
blows. In fact, when I asked BEA support about this, they basically sent me
an email saying that "Weblogic owns the JAAS configuration" so if you have a
security framework that is application server agnostic, but leverages JAAS
then you are screwed when deploying on Weblogic 8.1.
I looked for a workaround and believe that instead of using an entry in
java.security for your custom configuration class, if you set the JVM
parameter
-Dlogin.configuration.provider=com.foo.SecurityConfiguration
then what happens is that the Weblogic custom class
weblogic.security.service.ServerConfiguration is invoked by JAAS. It tries
to load the login module configuration and if that fails, it delegates to
com.foo.SecurityConfiguration. So this should enable both the weblogic
security framework and a custom security framework that are both based on
JAAS
I'm currently testing this out
"Lloyd Fernandes" <[email protected]> wrote in message
news:[email protected]...
>
Robert Greig <[email protected]> wrote:
Lloyd Fernandes wrote:
"Lloyd Fernandes" <[email protected]> wrote:
"Prashant Nayak" <[email protected]> wrote:
We configure a custom implementation of the JAAS
javax.security.auth.login.Configuration class for our applications
security
framework in JRE_LIB/security/java.security using the entry
login.configuration.provider=com.foo.SecurityConfiguration
However, this does not seem get picked up and the configuration
provider
class instead seems to default to
weblogic.security.service.ServerConfiguration
instead.
Has anyone else seen this?
We're using the JDK bundled with Weblogic 8.1
TIA for your help
As per documentation in the API JAVADOCS forjavax.security.auth.login.Configuration
>>>>
>>>>
The default Configuration implementation can be changed by settingthe
value of
the "login.configuration.provider" security property (in the Java
security
properties
file) to the fully qualified name of the desired Configurationimplementation
class. The Java security properties file is located in the file named
<JAVA_HOME>/lib/security/java.security,
where <JAVA_HOME> refers to the directory where the JDK was installed.
Have you tried to use a startup class to set the configuration providerusing
javax.security.auth.login.setConfiguration(YourConfigClass);
Weblogic probably uses this to set the configuration class to it'sown.
You have to consider whether this is really something you want to do
however. If you want to get WLS to use a custom authenticator use its
SSPIs. You can configure the order etc. in the admin console.
By overriding the configuration you override it for the server as a
whole which can mean for example that you cannot login to the admin
console. Having said this, from memory, I believe that the property is
ignored in WLS. However you can still call
Configuration.setConfiguration if you really want to.
The fact that there is a "global static" in the Configuration class is
a
Bad Thing IMHO, that was never really designed for an app server
environment.
Robert
If it is a bad thing to have a static how come Weblogic uses it instead ofthe
standard way of modifying the property in java security file - it isbecause
weblogic wants it's own way of implementing instead of using using the'plugable
module' architecture of JAAS.
When weblogic advertised that it will support JAAS the impression was thatWeblogic
would provide a login module that will implement the security mechanism itwanted
- instead it went it's own way.
Also consider the following
1. JAAS specifies a mechanism for multiple configurations based on a'application'.
This is not possible in the current 'weblogic security mechanism'
2. Weblogic says it supports JAAS but what it does not tell you is that inorder
to use available login modules you have to write a whole bunch of code tosupport
principal validators and authenticators. (I begin to wonder if write oncedeploy
anywhere is not part of Sun's certification process anymore) -
Custom Login Module for Tomcat to procted apps using Oracle Access Manager
Hi all,
I have the following scenario.
A web application deployed in Tomcat to be protected using OAM. One solution is to use Access Gate though we have other alternative as Proxy infront of Tomcat with a webgate. Now I am implementing the Access Gate solution.
So, when the user clicks the tomcat application, then the prompt (BASIC) appears for login details. custom login module should kick in and take those login details and authenticate against OAM using Access SDK API.
I have created access gate profile and installed Access SDK. Ran the ConfigureAccessGateTool as well.
I did some research googling for login module. I came to know that we need to write a custom realm for it. So, this realm implementation involves specifying role-name etc., in web.xml where the role-name would have been defined in tomcat-users.xml.
This means that the user trying to authenticate against OAM has to have some roles defined in Tomcat to login. I didnot understand the flow end to end as how this will work.
Please let me know if anybody has done this of customization.
Thanks,
Mahendra.Hi Ambarish,
Initially I thought of implementing the way you suggested in Option 2.
But there will be various redirections when we use option 2 as the login page should redirect it to a page where OAM authentication and authorization stuff has to be handled. And accordingly we have to redirect it to specific pages upon successful atn and atz. Hence, I was opted using Custom Login Module.
However, I have been trying Option 2 now. In web.xml, I have specified a login page with FORM scheme. The login redirects it to another page say OAM_Authentication_Handler.jsp. Here we code which serves atn and atz. Upon doing this, I have observed that the protected resource in OAM is not getting evaluated using the method
String ms_protocol = "http";
String ms_method = "GET";
String ms_resource = "http://localhost:8080/FormLogin/private.jsp";
ObResourceRequest rrq = new ObResourceRequest(ms_protocol, ms_resource, ms_method);
The method rrq.isProtected() is returning false which implies it to unprotected. I have tested using Access Tester for the resource and it results in expected behaviour.
Is there any limitation here by using this approach?
Any ideas?
Thanks,
Mahendra. -
Error in some of the login modules
`Hi Experts,
I have deployed SPNEGO and when user trying to login to portal, it gives the error as taken from diagtoo(below)
Also would like to inform you that when I have configured the wizard, some how in VA for lots of the Components in Security
provider, I found lots of those components does have the value for the Evaluateticket, evaluateAssertion, basicpassword,
createticketlogon did not had any values to it.
The components which I have updated are,
1. sap.com.lcr*sld---> I have added for EvaulateTicketloginModule and EvaluateAssertion ticket module like
ume.configuration.active true
trustediss1 OU=J2EE,CN=ABC
trusteddn1 OU=J2EE,CN=ABC
trustedsys1 ABC,555
and for CreateTicketLoginModule
ume.configuration.active true
Like wise done for the following components also.
2. sap.com/sap.comtckmc.coll.room.wsdeplRoomABAPWS_config1
3. sap.com/sap.commonitoringsysteminfo*sap_monitoring( here only 3 login modules present. so updated accordingly
to the above mentioned values for whatever loginmodule was present)
4. jmx~spnego was not having the template as SPNEGO so selected SPNEGO template and updated whatever ( 5 login module accordingly)
5. sap.com/tcsecwssec~app*wssproc_cert
6. sap.com/tcsecwssec~app*wssproc_plain
7. sap.com/tcsecwssec~app*wssproc_ssl
8. sap.com/tcslmslmapp*slmServices_Config
9. sap.com/tcslmslmapp*slmSolManServices_Config
10. ....~eap*GPRuntimeFacadeWS_
11. ..RuntimeearCAFDataService
Entering method with (Subject:
, javax.security.auth.login.LoginContext$SecureCallbackHandleraT6d992c17)
13:47:15:804 Debug J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas The options of EvaluateTicketLoginModule in [spnego] authentication stack are: [{ume.configuration.active=true, trustediss1=OU=J2EE,CN=ABC, trustedsys1=ABC,555, trusteddn1=OU=J2EE,CN=ABC}].
13:47:15:804 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 ~s.constructor(Map, Properties, boolean) Entering method with ({System-ID=ABC, sap.security.auth.configuration.name=spnego, sap.security.auth.context.object=Security Context : session (0) for J2EE_GUEST created at Sun Mar 15 13:01:44 AST 2009}, <null>)
13:47:15:804 Info J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas got [ume.configuration.active]: [true]
13:47:15:804 Warning J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas no authscheme found that has auth template spnego
13:47:15:805 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas Exiting method with [Ljava.lang.Object;aT631dd237
13:47:15:805 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 ~ity.core.server.jaas.getMergedOptions() Entering method
13:47:15:805 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas Exiting method with [Ljava.lang.Object;aT3ad44bb7
13:47:15:805 Debug J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas The options of EvaluateTicketLoginModule in [spnego] authentication stack after merge with UME properties are: [{ume.configuration.active=true, trustediss1=OU=J2EE,CN=ABC, system=ABC, client=555, j_authscheme=default, inclcert=0, trusteddn1=OU=J2EE,CN=ABC, ume.logon.httponlycookie=TRUE, alias=SAPLogonTicketKeypair, ume.logon.security.enforce_secure_cookie=FALSE, validity=8, keystore=TicketKeystore, trustedsys1=ABC,555, password=}].
13:47:15:805 Debug J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas The options of EvaluateTicketLoginModule in [spnego] authentication stack after adding the default values are: [{ume.configuration.active=true, trustediss1=OU=J2EE,CN=ABC, system=ABC, client=555, j_authscheme=default, inclcert=0, trusteddn1=OU=J2EE,CN=ABC, ume.logon.httponlycookie=TRUE, alias=SAPLogonTicketKeypair, sap.security.auth.configuration.name=spnego, ume.logon.security.enforce_secure_cookie=FALSE, validity=8, keystore=TicketKeystore, trustedsys1=ABC,555, password=}].
13:47:15:805 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas Exiting method
13:47:15:806 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] ~er.jaas.spnego.util.ConfigurationHelper My GSS name is: J2ee-abcaTBah.ARAB.LOCAL
13:47:15:806 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] ~er.jaas.spnego.util.ConfigurationHelper GSS name type is: 1
13:47:15:807 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] ~er.jaas.spnego.util.ConfigurationHelper GSS mechanism is: 1.2.840.113554.1.2.2
13:47:15:808 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is true principal is J2ee-abcaTBah.ARAB.LOCAL tryFirstPass is false useFirstPass is false storePass is false clearPass is false
Refreshing Kerberos configuration
13:47:15:808 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out Refreshing Keytab
13:47:15:809 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out >>> KeyTabInputStream, readName(): Bah.ARAB.LOCAL
13:47:15:809 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out >>> KeyTabInputStream, readName(): J2ee-abc
13:47:15:809 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out >>> KeyTab: load() entry length: 60; type: 3
13:47:15:809 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out principal's key obtained from the keytab
13:47:15:809 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out Acquire TGT using AS Exchange
13:47:15:811 Path J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Exception : Error in some of the login modules.
java.lang.Exception
at com.sap.exception.BaseExceptionInfo.traceAutomatically(BaseExceptionInfo.java:1141)
at com.sap.exception.BaseExceptionInfo.<init>(BaseExceptionInfo.java:253)
at com.sap.engine.services.security.exceptions.BaseLoginException.<init>(BaseLoginException.java:114)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
Caused by: java.lang.NullPointerException
at java.lang.StringBuffer.append(StringBuffer.java:467)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:627)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:511)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:150)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:69)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
13:47:15:812 Error J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Error in some of the login modules.
[EXCEPTION]
com.sap.engine.services.security.exceptions.BaseLoginException: Error in some of the login modules.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:149)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.GeneratedMethodAccessor368.invoke(Unknown Source)
at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
Caused by: java.lang.NullPointerException
at java.lang.StringBuffer.append(StringBuffer.java:467)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:627)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:511)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:150)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:69)
... 24 more
13:47:15:813 Error J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Exception com.sap.engine.services.security.exceptions.BaseLoginException: Error in some of the login modules.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:149)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
at sun.security.jgss.krb5.Krb5AcceptCredential.getKeyFromSubject(Krb5AcceptCredential.java:186)
at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Krb5AcceptCredential.java:80)
at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:75)
at sun.security.jgss.GSSManagerImpl.getCredentialElement(GSSManagerImpl.java:149)
at sun.security.jgss.GSSCredentialImpl.add(GSSCredentialImpl.java:334)
at sun.security.jgss.GSSCredentialImpl.<init>(GSSCredentialImpl.java:44)
at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
Caused by: java.lang.NullPointerException
at java.lang.StringBuffer.append(StringBuffer.java:467)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:627)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:511)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:150)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:69)
... 24 more
see below for more error13:47:15:814 Path J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Exception : Internal server error. An error log with ID [00144FB7C99A00B30000000C000040770004653A2C7E1DD8] is created. For more information contact your system administrator.
java.lang.Exception
at com.sap.exception.BaseExceptionInfo.traceAutomatically(BaseExceptionInfo.java:1141)
at com.sap.exception.BaseExceptionInfo.<init>(BaseExceptionInfo.java:253)
at com.sap.engine.services.security.exceptions.BaseSecurityException.<initat com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
13:47:15:815 Error J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Internal server error. An error log with ID [00144FB7C99A00B30000000C000040770004653A2C7E1DD8] is created. For more information contact your system administrator.
[EXCEPTION]
com.sap.engine.services.security.exceptions.BaseSecurityException: Internal server error. An error log with ID [00144FB7C99A00B30000000C000040770004653A2C7E1DD8] is created. For more information contact your system administrator.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:157)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.GeneratedMethodAccessor368.invoke(Unknown Source)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
13:47:15:816 Error J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] ~es.security.authentication.logincontext LOGIN.FAILED
User: N/A
Authentication Stack: com.sun.security.jgss.accept
Login Module Flag Initialize Login Commit Abort Details
com.sun.security.auth.module.Krb5LoginModule REQUISITE ok exception false null
com.sap.security.core.server.jaas.SPNegoMappingLoginModule REQUISITE ok true
13:47:15:816 Path J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Exception : Access Denied.
java.lang.Exception
at com.sap.exception.BaseExceptionInfo.traceAutomatically(BaseExceptionInfo.java:1141)
at com.sap.exception.BaseExceptionInfo.<init>(BaseExceptionInfo.java:253)
at com.sap.engine.services.security.exceptions.BaseLoginException.<init>(BaseLoginException.java:114)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:286)
at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
Caused by: com.sap.engine.services.security.exceptions.BaseSecurityException: Internal server error. An error log with ID [00144FB7C99A00B30000000C000040770004653A2C7E1DD8] is created. For more information contact your system administrator.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:157)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.GeneratedMethodAccessor368.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at sun.security.jgss.GSSCredentialImpl.add(GSSCredentialImpl.java:334)
at sun.security.jgss.GSSCredentialImpl.<init>(GSSCredentialImpl.java:44)
at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
13:47:15:817 Error J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 ~rity.core.server.jaas.SPNegoLoginModule Exception in SPNegologinModule.initialize.
[EXCEPTION]
GSSException: No valid credentials provided (Mechanism level: Attempt to obtain new ACCEPT credentials failed!)
at sun.security.jgss.krb5.Krb5AcceptCredential.getKeyFromSubject(Krb5AcceptCredential.java:189)
at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Krb5AcceptCredential.java:80)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at sun.security.jgss.LoginUtility.run(LoginUtility.java:57)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.jgss.krb5.Krb5AcceptCredential.getKeyFromSubject(Krb5AcceptCredential.java:186)
... 9 more
Caused by: com.sap.engine.services.security.exceptions.BaseSecurityException: Internal server error. An error log with ID [00144FB7C99A00B30000000C000040770004653A2C7E1DD8] is created. For more information contact your system administrator.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:157)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
... 22 more
13:47:15:819 Error J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.engine.services.security Cannot initialize login module com.sap.security.core.server.jaas.SPNegoLoginModule .
[EXCEPTION]
java.lang.RuntimeException: No valid credentials provided (Mechanism level: Attempt to obtain new ACCEPT credentials failed!)
at com.sap.security.core.server.jaas.SPNegoLoginModule.initialize(SPNegoLoginModule.java:446)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.initialize(LoginModuleLoggingWrapperImpl.java:129)
at com.sap.engine.services.security.login.LoginContextFactory.initializeLoginContext(LoginContextFactory.java:167)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:141)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.GeneratedMethodAccessor368.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:131)
at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLoggedInUser(AuthenticationService.java:303)
at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:96)
at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:186)
at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:522)
at java.security.AccessController.doPrivileged(Native Method)
at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:405)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
at com.sap.portal.navigation.Gateway.service(Gateway.java:126)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
13:47:15:821 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 ~.security.core.server.jaas.initialize() Entering method with (Subject:
, javax.security.auth.login.LoginContext$SecureCallbackHandleraT6d992c17, {System-ID=ABC, sap.security.auth.configuration.name=spnego, sap.security.auth.context.object=Security Context : session (0) for J2EE_GUEST created at Sun Mar 15 13:01:44 AST 2009}, {ume.configuration.active=true})
13:47:15:821 Debug J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas -
Login module BasicPasswordLoginModule
Hi all!
I need to configure a Web application on the SAP J2EE engine to use BasiPasswordLoginModule, so it could ask for user and pasword, but it doesn´t work.
I have configured it in the visual adminstrator Security Provider Service, and I have write this code in my servlet
LoginContext lc;
try{
lc = new LoginContext("sap.com/belma4asdfEAR*belma4asdf");
lc.login();
}catch(LoginException le){
PrintWriter pw = response.getWriter();
pw.print(le.getMessage());
pw.print("
pw.print(le.getCause());
pw.flush();
return;
It produces the output
Access Denied.
com.sap.engine.services.security.exceptions.BaseSecurityException: Internal server error. An error log with ID is created. For more information contact your system administrator.
Access Denied.
com.sap.engine.services.security.exceptions.BaseLoginException: Access Denied.
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:233)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at eds.hcenergia.pruebas.belma.Belma.process(Belma.java:53)
at eds.hcenergia.pruebas.belma.Belma.doGet(Belma.java:20)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
It looks like if it was trying to access another login module, instead of the BasicPasswordLoginModule.
Do I need any other configuration?
Thank in advance,Thanks bvr, but that´s not the problem.
As I´m using a standard login module, there is no problem with the class loader.
I have found that I was wrong, because I found in a log that the BasicPasswordLoginModule is been called, an ended with an error.
There is an entry in the log with the exception:
Caught java.lang.NullPointerException
at com.sap.engine.services.security.resource.ResourceHandleImpl.listResources(ResourceHandleImpl.java:49)
at com.sap.engine.services.security.resource.ResourceContextImpl.getResourceAliases(ResourceContextImpl.java:147)
at com.sap.engine.services.security.remoteimpl.resource.RemoteSecurityResourcesImpl.getResourceAliases(RemoteSecurityResourcesImpl.java:131)
at com.sap.engine.services.security.remoteimpl.resource.RemoteSecurityResourcesImplp4_Skel.dispatch(RemoteSecurityResourcesImplp4_Skel.java:128)
at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:304)
at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:193)
at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:122)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
Then, another entry saying:
"Login module com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule from authentication stack basic errors while authenticating the caller. Most probably the authentication stack is not set up correctly."
And finally an entry with the exception I have copy above in the post.
Thanks in advance for any answer.
Maybe you are looking for
-
What to look for when buying used
I'm planning on replacing my oooollddd G4 desktop, likely with a used MacBook if I get my way. I figure there are some things I know I can do to make sure it's in good, working condition. (And yeah, I realize there'll be some wear from having had an
-
Premiere Pro CC Crashes on startup
Hi, I'm using a Mac OS X 10.9.2, and premiere pro keeps crashing every time I try to start up today. The other creative cloud programs all work, just premiere pro. There are no updates as far as I can tell. I've tried restarting. Any suggestions?
-
Sound only working intermittently
I have recently bought my son his first computer, a secondhand late '07 Macbook, running 10.6.8. All works well except for an intermittent loss of sound. When the sound fails the volume icon in the top bar greys out & in System Preferences/Sound it s
-
Hi! Do you know a place where I could find the statements needed in order to insert links to record details from each type of report? Form the moment I managed to find the statement that helps the users navigate to Account details from an Account rep
-
Does the iPad support Function keys natively, not through another program?
I have my Operations department which needs to access a couple of customer databases through the web using a java applet. I do not want them to have to come to the office so we got them a netbook, but I was hoping that the iPad would be a better solu