Javax.security.auth.AuthPermission createLoginContext.Userpass
Hi,
I am working on authentication using JAAS.
I have created small application and calling it in one of the jsp file. When I try to access the jsp I am getting the following error:
createLoginContext.Userpass : access denied
(javax.security.auth.AuthPermission createLoginContext.Userpass)
When i run the java application it is authenticating the user but when I try to run it by calling it from JSP it is giving the above error.
I have java.policy file and I have modified that too and it is able to give permissions to all the jar file accept the one which I have created.
Can any body suggest how to give permission to (javax.security.auth.AuthPermission createLoginContext.Userpass).
Edited by: Vaibhav818 on Jun 30, 2008 2:54 AM
The error occurs because you don't grant createLoginContext permission to the Sample jar file in your policy file or you do but you don't specify your policy file. Below is example for authorization sample.
grant codebase "file:./SampleAzn.jar" {
permission javax.security.auth.AuthPermission "createLoginContext.Sample";
permission javax.security.auth.AuthPermission "doAsPrivileged";
Cheers
Zi
Similar Messages
-
ERROR,11 Feb 2009 15:39:42,453,[XELLERATE.JBOSSLOGINHANDLER],Error in creating l
ogin context
javax.security.auth.login.LoginException: java.lang.NoSuchFieldError: TRACE
at org.jboss.logging.Log4jLoggerPlugin.isTraceEnabled(Log4jLoggerPlugin.
java:85)
at org.jboss.logging.Logger.isTraceEnabled(Logger.java:122)
at org.jboss.security.ClientLoginModule.initialize(ClientLoginModule.jav
a:96)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:1
86)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:6
80)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at Thor.API.Security.LoginHandler.jbossLoginHandler.login(Unknown Source
at Thor.API.Security.ClientLoginUtility.login(Unknown Source)
at com.thortech.xl.client.base.tcAppWindow.internalLogin(Unknown Source)
at com.thortech.xl.client.base.tcAppWindow.login(Unknown Source)
at com.thortech.xl.client.base.tcAppWindow.<init>(Unknown Source)
at com.thortech.xl.client.base.tcAppWindow.main(Unknown Source)Backup the original file log4j-1.2.8.jar in oimclient/xlclient/ext
copy the log4j.jar from JBOSS folder - JBOSS/server/default
Paste the file in client folder with original log4j-1.2.8.jar
Rename log4j.jar file to log4j-1.2.8.jar
start ur JBOSS.. this shd work.
AKSHAY
Edited by: user640639 on Feb 11, 2009 12:20 PM -
Using javax.security.auth.LoginContext to generate a renewable ticket
Hi,
I tired to use javax.security.auth.LoginContext (with kerberos) to generate a forwardable and renewable ticket. With this ticket I authenticate the user at an other server.
My problem is, that the code generates a forwardable ticket, but not a renewable one. If I use the kinit (console tool) I am able to generate a renewable one.
Here is the JAVA-code:
System.setProperty("sun.security.krb5.debug","true");
System.setProperty("java.security.krb5.conf", "krb5.conf");
System.setProperty("java.security.auth.login.config", "login.conf");
lc = new LoginContext("SampleCXF",new LoginGuiCallbackHandler());
try {
lc.login();
}catch(Exception e) {
e.printStackTrace();
System.exit(1);
Subject subject = lc.getSubject();
KerberosTicket kt = (KerberosTicket) subject.getPrivateCredentials().iterator().next();
System.out.println(kt);
Subject.doAsPrivileged(subject, new PrivilegedAction<byte[]>() {
@Override
public byte[] run() {
try {
JaxWsProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setServiceClass(TestService.class);
factory.setAddress("https://server.at/TestProjektServer/services/TestService");
TestService client = (TestService) factory.create();
String message = client.service1("param service 1");
//String message = client.service1("param service 1");
}catch(Exception e) {
e.printStackTrace();
return null;
}, null);
the login.conf contains:
SampleCXF {
com.sun.security.auth.module.Krb5LoginModule required useTicketCache=true debug=true renewTGT=true doNotPront=true;
the krb5.conf contains:
[libdefaults]
default_realm = TESTREALM
kinit = {
forwardable = true
proxiable = true
renew_lifetime = 5d 0h 0m 0s
[realms]
TESTREALM = {
kdc = aba.hostingcenter.uclv.net
admin_server = aba.hostingcenter.uclv.net
[domain_realm]
*.test.net = TESTREALM
.test.net = TESTREALM
[logging]
default = FILE:/var/log/kdc.log
kdc = FILE:/var/log/kdc.log
[appdefaults]
pam = {
renewable = true
forwardable = true
renew_lifetime = 5d 0h 0m 0s
If I use my client principal and password a ticket will be generated. This ticket is not renewable!!
If I use the ticket cache (kinit -r, and kinit -R), a renewable ticket was loaded. On the server side the forwarded ticket is not renewable. It seams that the client generates a new ticket with the forwarded flag, but the renewable flag is not set.
does anyone have an idea?
Thanks a lot
Ludi
Edited by: user6714014 on Dec 13, 2011 7:34 AMnobody knows?
-
Hi All,
I have an critical ssue to be solved on Production environemt :(,
we have oim installed on cluster in production(OIM11g installed on server ), the configuration is as mentioned below
cluster 1--oim1,soa1--server1--holds admin server
cluster 2--oim2,soa2--server2--managed server and no admin server
This instance was working fine, we had to restart the server machine for some reason and i am not able to start OIM server :( after that.
following is the exception i get when i start the OIM server , Please help :(
2011-05-13T13:42:29.585+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.weblogic.listeners.ADFApplicationLifecycleListener] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] ADFApplicationLifecycleListener.preStop. Cleaning up Application caches.
[2011-05-13T13:42:29.585+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.config.ADFConfigFactory] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] Clean up Application Caches
[2011-05-13T13:42:29.585+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.config.ADFConfigFactory] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] ADFConfigFactory.cleanUpApplicationCaches. Calling ADF Config instance implementation: class oracle.adf.share.config.MDSConfigImpl.releaseResources()
[2011-05-13T13:42:29.600+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.config.ADFConfigFactory] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] ADFConfigFactory.cleanUpApplicationCaches. Calling ADF Config instance implementation: class oracle.adf.share.config.MDSConfigImpl.releaseResources()
[2011-05-13T13:42:29.600+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.config.ADFConfigFactory] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] ADFConfigFactory.cleanUpApplicationCaches. Calling ADF Config instance implementation: class oracle.adf.share.config.MDSConfigImpl.releaseResources()
[2011-05-13T13:42:29.600+05:30] [wls_oim1] [NOTIFICATION] [] [oracle.adf.share.config.ADFConfigFactory] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] ADFConfigFactory.cleanUpApplicationCaches. Calling ADF Config instance implementation: class oracle.adf.share.config.MDSConfigImpl.releaseResources()
[*2011-05-13T13:42:30.193+05:30] [wls_oim1] [ERROR] [] [OIM Authenticator] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] Error while retrieving user xelsysadm*
*[2011-05-13T13:42:30.224+05:30] [wls_oim1] [ERROR] [IAM-0020011] [oracle.iam.platform.auth.client] [tid: [ACTIVE].ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000IzcQVWHFo2w6wFNa6G1DhbE300075k,0] [APP: oim#11.1.1.3.0] Login Exception encountered when trying to login as admin {0}[[*
*javax.security.auth.login.LoginException: javax.security.auth.login.LoginException: java.lang.SecurityException: [Security:090304]Authentication Failed: User xelsysadm javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User xelsysadm denied*
at weblogic.security.auth.login.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:199)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:684)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at Thor.API.Security.LoginHandler.weblogicLoginHandler.login(weblogicLoginHandler.java:62)
at oracle.iam.platform.OIMClient.login(OIMClient.java:134)
at oracle.iam.platform.OIMClient.login(OIMClient.java:114)
at oracle.iam.platform.OIMInternalClient.loginAsAdmin(OIMInternalClient.java:69)
at oracle.iam.scheduler.impl.util.SchedulerUtil.getSchedulerService(SchedulerUtil.java:735)
at oracle.iam.scheduler.webapp.SchedulerStartupServlet.resetRunningJobStatus(SchedulerStartupServlet.java:247)
at oracle.iam.scheduler.webapp.SchedulerStartupServlet.stopScheduler(SchedulerStartupServlet.java:123)
at oracle.iam.scheduler.webapp.SchedulerStartupServlet.destroy(SchedulerStartupServlet.java:261)
at weblogic.servlet.internal.StubSecurityHelper$ServletDestroyAction.run(StubSecurityHelper.java:303)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.StubSecurityHelper.destroyServlet(StubSecurityHelper.java:81)
at weblogic.servlet.internal.StubLifecycleHelper.destroyOneInstance(StubLifecycleHelper.java:144)
at weblogic.servlet.internal.StubLifecycleHelper.destroy(StubLifecycleHelper.java:134)
at weblogic.servlet.internal.ServletStubImpl.destroy(ServletStubImpl.java:438)
at weblogic.servlet.internal.WebAppServletContext.destroyServlets(WebAppServletContext.java:3232)
at weblogic.servlet.internal.WebAppServletContext.destroy(WebAppServletContext.java:3192)
at weblogic.servlet.internal.ServletContextManager.destroyContext(ServletContextManager.java:241)
at weblogic.servlet.internal.HttpServer.unloadWebApp(HttpServer.java:461)
at weblogic.servlet.internal.WebAppModule.destroyContexts(WebAppModule.java:1540)
at weblogic.servlet.internal.WebAppModule.deactivate(WebAppModule.java:513)
at weblogic.application.internal.flow.ModuleStateDriver$2.previous(ModuleStateDriver.java:389)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:167)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:160)
at weblogic.application.internal.flow.ModuleStateDriver.deactivate(ModuleStateDriver.java:141)
at weblogic.application.internal.flow.ScopedModuleDriver.deactivate(ScopedModuleDriver.java:207)
at weblogic.application.internal.flow.ModuleListenerInvoker.deactivate(ModuleListenerInvoker.java:261)
at weblogic.application.internal.flow.DeploymentCallbackFlow$2.previous(DeploymentCallbackFlow.java:538)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:167)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:160)
at weblogic.application.internal.flow.DeploymentCallbackFlow.deactivate(DeploymentCallbackFlow.java:182)
at weblogic.application.internal.flow.DeploymentCallbackFlow.deactivate(DeploymentCallbackFlow.java:175)
at weblogic.application.internal.BaseDeployment$2.previous(BaseDeployment.java:1281)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:167)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:160)
at weblogic.application.internal.BaseDeployment.deactivate(BaseDeployment.java:453)
at weblogic.application.internal.EarDeployment.deactivate(EarDeployment.java:58)
at weblogic.application.internal.DeploymentStateChecker.deactivate(DeploymentStateChecker.java:199)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.deactivate(AppContainerInvoker.java:98)
at weblogic.deploy.internal.targetserver.BasicDeployment.deactivate(BasicDeployment.java:263)
at weblogic.deploy.internal.targetserver.BasicDeployment.deactivateFromServerLifecycle(BasicDeployment.java:458)
at weblogic.management.deploy.internal.DeploymentAdapter$1.doDeactivate(DeploymentAdapter.java:74)
at weblogic.management.deploy.internal.DeploymentAdapter.deactivate(DeploymentAdapter.java:215)
at weblogic.management.deploy.internal.AppTransition$6.transitionApp(AppTransition.java:67)
at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
at weblogic.management.deploy.internal.ConfiguredDeployments.deactivate(ConfiguredDeployments.java:199)
at weblogic.management.deploy.internal.ConfiguredDeployments.undeploy(ConfiguredDeployments.java:191)
at weblogic.management.deploy.internal.DeploymentServerService.shutdownApps(DeploymentServerService.java:195)
at weblogic.management.deploy.internal.DeploymentServerService.shutdownHelper(DeploymentServerService.java:127)
at weblogic.application.ApplicationShutdownService.stop(ApplicationShutdownService.java:106)
at weblogic.t3.srvr.ServerServicesManager.stopInternal(ServerServicesManager.java:495)
at weblogic.t3.srvr.ServerServicesManager.stop(ServerServicesManager.java:316)
at weblogic.t3.srvr.T3Srvr.shutdown(T3Srvr.java:1036)
at weblogic.t3.srvr.T3Srvr.gracefulShutdown(T3Srvr.java:939)
at weblogic.t3.srvr.GracefulShutdownRequest.run(GracefulShutdownRequest.java:41)
at weblogic.work.ContextWrap.run(ContextWrap.java:41)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Thanks in advanceAgreed with all above pointers.
I think you have to raise SR with oracle, because it is prod environment.
If you still want to do some R&D.
1. Also check this URL might help, but not sure.
http://download.oracle.com/docs/cd/E21764_01/doc.1111/e14308/handlinglcm.htm#CIAJCEEF
http://download.oracle.com/docs/cd/E21764_01/doc.1111/e14308/handlinglcm.htm#CIAEFAGF
2. Restart all servers (along with Admin server and DB). -
I'm trying to sign my messages between client & webservice using X509 certificates. I've created a keystore and imported:
privatekey1, certificate1(public key) and trustedCertAuthority that published certificates.
I've configured webservice & client to use that keystore and privatekey1 to sign request/response, but web service keeps throwing following exception:
javax.security.auth.login.LoginException: Cannot authenticate X509 certificate, User EMAILADDRESS=[email protected], CN=testUser, ... does not exist in our system
How can I configure web service to find that certificate?
Thnx for help.Yes, I did. I found the problem..
I had also checked to Authenticate with X509 certificate... and obviously I should somehow set the Securtiy provider, although, I don't know how (but it's not so important right now).
But I do have another question - how can I use private key & public key in certificate X509 to encrypt messages. In the sample you mentioned, it's written that there shoud be separate key for signature & encryption, but I have separate keystores for client (with client private key & server public certificate) and for server (with server private key & client certificate). But I can't get it to work... It seems to me that in that case signature key alias at service should be the same as key needed to decrypt the message?
Am i missing something again?
Thanks. -
Javax.security.auth.login.LoginException:
Hi,
I am trying to set Windows Desktop SSO.
I am configuring kerberos and i got the following in the kdc.log:
PREAUTH_FAILED: HTTP/[email protected] for kadmin/[email protected], Preauthentication failed
and from the amAuthWindowsSSO the following:
javax.security.auth.login.LoginException: Pre-authentication information was invalid (24) - Preauthentication failed
Can anyone help me to get this fixed?
Thanks,
Scottynobody knows?
-
Javax.security.auth.Subject and weblogic.security.acl.User
Hello,
We are trying to move some old authentication code (Weblogic 5.1) to JAAS
which comes with Weblogic 6.1. Here is my problem:
I can succesfully authenticate the Subject through my RDBMS Realm. But then, the rest of my code uses weblogic.security.acl.User
and not javax.security.auth.Subject for authorization and other tasks. So, how can I extract weblogic.security.acl.User from javax.security.auth.Subject?
I tried subject.getPrincipals(), since User indirectly implements Principal, but it comes back empty.
Any suggestions?Hello,
We are trying to move some old authentication code (Weblogic 5.1) to JAAS
which comes with Weblogic 6.1. Here is my problem:
I can succesfully authenticate the Subject through my RDBMS Realm. But then, the rest of my code uses weblogic.security.acl.User
and not javax.security.auth.Subject for authorization and other tasks. So, how can I extract weblogic.security.acl.User from javax.security.auth.Subject?
I tried subject.getPrincipals(), since User indirectly implements Principal, but it comes back empty.
Any suggestions? -
NotSerializableException: javax.security.auth.login.LoginContext
Hi,
I'm using the JAAS-API for a JDBC-based user login procedure.
Although it worked fine for months, suddenly it doesn't work anymore (i.e., after user enters name+password and clicks login-button, nothing happens besides the browser bottom line 'waiting for localhost'). I tried to debug this, but then Creator always crashed.
I just looked inside the server-log-files and found the following exception stack trace. It was stored in the files during every login procedure.
Because it worked fine before, this issue probably is not critical and could be solved by reinstalling Creator, but anyway I would greatly appreciate, if someone would have an idea what the problem is.
Regards,
Felix
[#|2006-07-10T17:41:50.494+0200|INFO|sun-appserver-pe8.2|org.apache.catalina.session.ManagerBase|_ThreadID=17;|Cannot serialize session attribute SessionBean1 for session 5918037189ed39ffffffffc4ba0330aded7d1
java.io.NotSerializableException: javax.security.auth.login.LoginContext
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1075)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1369)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1341)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1284)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1073)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:291)
at org.apache.catalina.session.StandardSession.writeObject(StandardSession.java:1775)
at org.apache.catalina.session.StandardSession.writeObjectData(StandardSession.java:985)
at org.apache.catalina.session.StandardManager.doUnload(StandardManager.java:543)
at org.apache.catalina.session.StandardManager.unload(StandardManager.java:482)
at org.apache.catalina.session.StandardManager.stop(StandardManager.java:711)
at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4675)
at org.apache.catalina.core.ContainerBase.removeChild(ContainerBase.java:956)
at com.sun.enterprise.web.WebContainer.unloadWebModule(WebContainer.java:2122)
at com.sun.enterprise.server.WebModuleDeployEventListener.moduleUndeployed(WebModuleDeployEventListener.java:198)
at com.sun.enterprise.server.WebModuleDeployEventListener.moduleUndeployed(WebModuleDeployEventListener.java:278)
at com.sun.enterprise.admin.event.AdminEventMulticaster.invokeModuleDeployEventListener(AdminEventMulticaster.java:920)
at com.sun.enterprise.admin.event.AdminEventMulticaster.handleModuleDeployEvent(AdminEventMulticaster.java:905)
at com.sun.enterprise.admin.event.AdminEventMulticaster.processEvent(AdminEventMulticaster.java:427)
at com.sun.enterprise.admin.event.AdminEventMulticaster.multicastEvent(AdminEventMulticaster.java:139)
at com.sun.enterprise.admin.server.core.DeploymentNotificationHelper.multicastEvent(DeploymentNotificationHelper.java:288)
at com.sun.enterprise.deployment.phasing.DeploymentServiceUtils.multicastEvent(DeploymentServiceUtils.java:155)
at com.sun.enterprise.deployment.phasing.ServerDeploymentTarget.sendStopEvent(ServerDeploymentTarget.java:283)
at com.sun.enterprise.deployment.phasing.StopPhase.runPhase(StopPhase.java:126)
at com.sun.enterprise.deployment.phasing.DeploymentPhase.executePhase(DeploymentPhase.java:71)
at com.sun.enterprise.deployment.phasing.PEDeploymentService.executePhases(PEDeploymentService.java:639)
at com.sun.enterprise.deployment.phasing.PEDeploymentService.stop(PEDeploymentService.java:409)
at com.sun.enterprise.deployment.phasing.PEDeploymentService.stop(PEDeploymentService.java:444)
at com.sun.enterprise.admin.mbeans.ApplicationsConfigMBean.stop(ApplicationsConfigMBean.java:725)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.sun.enterprise.admin.MBeanHelper.invokeOperationInBean(MBeanHelper.java:305)
at com.sun.enterprise.admin.config.BaseConfigMBean.invoke(BaseConfigMBean.java:360)
at com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213)
at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
at sun.reflect.GeneratedMethodAccessor25.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.sun.enterprise.admin.util.proxy.ProxyClass.invoke(ProxyClass.java:54)
at $Proxy1.invoke(Unknown Source)
at com.sun.enterprise.admin.server.core.jmx.SunoneInterceptor.invoke(SunoneInterceptor.java:272)
at com.sun.enterprise.admin.jmx.remote.server.callers.InvokeCaller.call(InvokeCaller.java:38)
at com.sun.enterprise.admin.jmx.remote.server.MBeanServerRequestHandler.handle(MBeanServerRequestHandler.java:92)
at com.sun.enterprise.admin.jmx.remote.server.servlet.RemoteJmxConnectorServlet.processRequest(RemoteJmxConnectorServlet.java:69)
at com.sun.enterprise.admin.jmx.remote.server.servlet.RemoteJmxConnectorServlet.doPost(RemoteJmxConnectorServlet.java:94)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:767)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
at sun.reflect.GeneratedMethodAccessor82.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:257)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:161)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:263)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:225)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:173)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:132)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:933)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:189)
at com.sun.enterprise.web.connector.grizzly.ProcessorTask.doProcess(ProcessorTask.java:604)
at com.sun.enterprise.web.connector.grizzly.ProcessorTask.process(ProcessorTask.java:475)
at com.sun.enterprise.web.connector.grizzly.ReadTask.executeProcessorTask(ReadTask.java:371)
at com.sun.enterprise.web.connector.grizzly.ReadTask.doTask(ReadTask.java:264)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:281)
at com.sun.enterprise.web.connector.grizzly.WorkerThread.run(WorkerThread.java:83)
|#]just to make it clearer, the important Exception seems to be the following line:
java.io.NotSerializableException: javax.security.auth.login.LoginContext
The first thought of mine was to add an implements Serializable to the class, but that's not possible, because the class is read-only.
So does anyone know, how this could be solved? -
Oracle 9I JAAS problem: javax.security.auth.login.LoginException
I have problem with Oracle 9IAS JAAS. I got "javax.security.auth.login.LoginException: unable to find LoginModule class" no matter where I put the classfile, either on JVM options(-cp), WAR file, or add it on the Web Admin, or manually edit 9iAS's configuration file.
None works, any one can help, I am using JDK1.3
I had the same problem on Tomcat, but I solved the problem by put the Class in the the JVM's classpath. But for 9iAS, it just ain't work.
Thank you for the helpBet you have solved this, but
the right place for jaas related stuff is
as installed extension i.e:
jre/lib/ext
where jaas.jar and jars containing login modules should be located.
/Kullervo -
Hi all,
I am trying out the implementation of custom login module with a j2ee web application.
I followed this<a href="http://help.sap.com/saphelp_nw04/helpdata/en/b9/9482887ddb3e47bd1a738c3e900195/frameset.htm">link</a>to create the login module.
When i run the application i get the error-
javax.security.auth.login.LoginException: No LoginModules configured for MyLoginModule.
This exception is pointing to my servlet where i've written the code-
LoginContext lc = new LoginContext("MyLoginModule");
try {
// start authentication
lc.login();
// user authenticated successfully
} catch (LoginException le) {
throw new Exception("Error authenticating user");
where <i>MyLoginModule</i> is the name of the custom login module i have implemented and registered in the security provider!
Message was edited by:
swarnadeepika subramanianHi,
this is the code in my login module class-
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map sharedState, Map options)
this.callbackHandler = callbackHandler;
this.subject = subject;
this.sharedState = sharedState;
this.options = options;
this.successful = false;
this.nameSet = false;
public boolean login() throws LoginException {
Callback[] callbacks = new Callback[1];
callbacks[0] = new HttpGetterCallback();
((HttpGetterCallback) callbacks[0]).setType(HttpCallback.REQUEST_PARAMETER);
((HttpGetterCallback) callbacks[0]).setName("username");
try {
callbackHandler.handle(callbacks);
} catch (UnsupportedCallbackException e) {
return false;
} catch (IOException e) {
throwUserLoginException(e, LoginExceptionDetails.IO_EXCEPTION);
//Returns an array of all request parameters with name "user_name".
String[] requestParameters = (String[]) ((HttpGetterCallback) callbacks[0]).getValue();
if ((requestParameters != null) && requestParameters.length > 0) {
userName = requestParameters[0];
if (userName == null) {
throwNewLoginException("No user name provided.");
try {
refreshUserInfo(userName);
} catch (SecurityException e) {
throwUserLoginException(e);
String prefix = (String) options.get("user_name_prefix");
if ((prefix != null) && !userName.startsWith(prefix))
throwNewLoginException("The user is not trusted.");
if (sharedState.get(AbstractLoginModule.NAME) == null) {
sharedState.put(AbstractLoginModule.NAME, userName);
nameSet = true;
successful = true;
return true;
public boolean commit() throws LoginException {
if (successful)
Principal principal = new Principal(userName);
subject.getPrincipals().add(principal);
if (nameSet)
sharedState.put(AbstractLoginModule.PRINCIPAL, principal);
else
userName = null;
return true;
public boolean abort() throws LoginException
if (successful)
userName = null;
successful = false;
return true;
public boolean logout() throws LoginException
if (successful)
subject.getPrincipals(Principal.class).clear();
successful = false;
return true;
From my understanding, this module gets the value that i enter in the(basic authentication) window and compares it with the prefix tat is set in the visual admin
am i right?
Can you elaborate about the HttpCallBackHandler? without understanding the code i dont think debugging is possible!
Regards
Deepika. -
Hi,
Iam implementing the JAAS API for the application security. I am getting the "javax.security.auth.login.LoginException: No LoginModules configured for "example"" exception.
The exception is thrown from the line -
LoginContext lc = new LoginContext("example", cbh);
I tried to debug by getting the config entry -
AppConfigurationEntry[] entries = config.getAppConfigurationEntry("example");
and "entries" is returning null.
the contents of jaas.config are -
example {
login.model.security.RdbmsLoginModule required debug="true" url="jdbc:oracle:thin://ha9-webdbs4:1528/OD40?user=xxx&password=xxx" driver="oracle.jdbc.driver.OracleDriver";
the entry for the jaas.config in the java.security file- (Tried both)
login.config.url.1=file:${java.home}/lib/security/jaas.config
java.security.auth.login.config=file:${java.home}/lib/security/jaas.config
The solutions I tried till now -
1. Hardcoding the value of "java.security.auth.login.config".
2. Starting the app server with the arguments
"-Djava.security.auth.login.config={PATH OF JAAS CONF}"
Nothing is working.
If anyone knows the solution, please share your ideas.
Thanks In Advance.
SR.Hi,
the following worked for me
-Djava.security.auth.login.config=src//oracle//sample//jaastester//jaasTestConfig.txt
where the policy file is located in the SRC folder of the JDeveloper project
Frank -
Hi All,
I am using JBOSS 4.0.5 GA Application Server. Eclipse3.0 IDE. Using JAAS 1.0 for authentication in login module.
While it is running under command prompt it was running successfully as below.......................
F:\Sample_Jaas1>java myapp.SomeStandAloneClient
Logging in user: testUser
Inside initialize method of SampleLoginModule
Inside login method of SampleLoginModule
Before call to callback handler
After call to call back handler
[SampleLoginModule] user entered username: testUser
[SampleLoginModule] user entered password: testPassword
[SampleLoginModule] authentication succeeded
[SampleLoginModule] added SamplePrincipal to Subject
Successfully logged in user: testUser
User logged in successfull
//Login.java
final String authFile = "Some.config";
System.out.println("Before setting system properties");
System.setProperty("java.security.auth.login.config", authFile);
System.out.println("After setting system properties");
MyCallbackHandler handler = new MyCallbackHandler(username,password);
try {
LoginContext lc = new LoginContext("someXYZLogin",handler);
System.out.println("Instantiate Login Context");
lc.login();
//*****when i am calling lc.login() method it is throwing the exceptions***
System.out.println("After calling login method");
System.out.println("Successfully logged in user: " + username);
} catch (LoginException le) {
System.out.println("Login failed");
le.printStackTrace();
//Some.config ---Config file
someXYZLogin{
dao.SampleLoginModule required debug=true;
//SampleLoginModule.java
public boolean login() throws LoginException {
System.out.println("Inside login method of SampleLoginModule");
if (callbackHandler == null)
throw new LoginException("Error: no CallbackHandler available " +
"to garner authentication information from the user");
Callback[] callbacks = new Callback[2];
callbacks[0] = new NameCallback("SampleModule username: ");
callbacks[1] = new PasswordCallback("SampleModule password: ", false);
try {
System.out.println("Before call to callback handler");
callbackHandler.handle(callbacks);
username = ((NameCallback)callbacks[0]).getName();
char[] tmpPassword = ((PasswordCallback)callbacks[1]).getPassword();
System.out.println("After call to call back handler");
if (tmpPassword == null) {
// treat a NULL password as an empty password
tmpPassword = new char[0];
password = new char[tmpPassword.length];
System.arraycopy(tmpPassword, 0,
password, 0, tmpPassword.length);
((PasswordCallback)callbacks[1]).clearPassword();
} catch (java.io.IOException ioe) {
throw new LoginException(ioe.toString());
} catch (UnsupportedCallbackException uce) {
throw new LoginException("Error: " + uce.getCallback().toString() +
" not available to garner authentication information " +
"from the user");
When it was running with JBOSS Server it is throwing the following exception:
09:45:21,484 ERROR [STDERR] javax.security.auth.login.FailedLoginException: Pass
word Incorrect/Password Required
09:45:21,484 ERROR [STDERR] at org.jboss.security.auth.spi.UsernamePasswordL
oginModule.login(UsernamePasswordLoginModule.java:213)
09:45:21,500 ERROR [STDERR] at org.jboss.security.auth.spi.UsersRolesLoginMo
dule.login(UsersRolesLoginModule.java:152)
09:45:21,500 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke0(
Native Method)
09:45:21,500 ERROR [STDERR] at sun.reflect.NativeMethodAccessorImpl.invoke(U
nknown Source)
09:45:21,500 ERROR [STDERR] at sun.reflect.DelegatingMethodAccessorImpl.invo
ke(Unknown Source)
09:45:21,500 ERROR [STDERR] at java.lang.reflect.Method.invoke(Unknown Sourc
e)
09:45:21,500 ERROR [STDERR] at javax.security.auth.login.LoginContext.invoke
(Unknown Source)
09:45:21,500 ERROR [STDERR] at javax.security.auth.login.LoginContext.access
$000(Unknown Source)
09:45:21,500 ERROR [STDERR] at javax.security.auth.login.LoginContext$4.run(
Unknown Source)
09:45:21,500 ERROR [STDERR] at java.security.AccessController.doPrivileged(N
ative Method)
09:45:21,500 ERROR [STDERR] at javax.security.auth.login.LoginContext.invoke
Module(Unknown Source)
09:45:21,500 ERROR [STDERR] at javax.security.auth.login.LoginContext.login(
Unknown Source)
Please tell me any body what might be the problem.....
Thanks in AdvanceFranky Ronald D'Souza wrote:
I am trying to connect to SQL Server 2000 from a JSP (Weblogic 7.0) using a
connection pool. (Without datasource etc). I am getting the above mentioned
exception.
If i connect through sun.jdbc.odbc it works fine. I dont know what i am
doing wrong. Can anyone help out with this problem.Whose SQLServer drier are you using? Can you connect to the DBMS using the
driver in a simple standalone program?
Joe
>
>
thnx in advance.
Franky -
i'm facing a problem regarding the jndiloginmodule.
even before connecting to the ldap server it says unable to locate jndi user provider. i have given the user.provider.url and also group.provider.url in the config file, but the (map)options is not recogonizing it.
sample {
com.sun.security.auth.module.JndiLoginModule required
user.provider.url = "ldap://localhost:389/cn=Manager,o=stooges"
group.provider.url = "ldap://localhost/cn=Manager,o=stooges" debug=true;
this is the config file
userProvider = (String)options.get(USER_PROVIDER);
groupProvider = (String)options.get(GROUP_PROVIDER);
these are the lines that should retrieve the userProvider, and the groupProvider but they are not. they are receiving null.
can any please help me.
thanx in advance
shani found what the problem was,
in JndiLoginModule.java
there is no need to declare a variable USER_PROVIDER and provide it as an argument to (map) options for getting the user.provider.url.
just replace USER_PROVIDER with "user.provider.url" and same with group provider also.
thats it.
thanx -
Hi All,
I have a custom security class (deployed in an application) that uses JAAS
to login, i have to set the Configuration in my security handler like this
Configuration.setConfiguration(new MyConfiguration());
This fails with
java.lang.SecurityException: No Permission to set the Configuration
How do i give this class the permission to set configuration???
Thanks,
Akonobody knows?
-
I am trying to connect to SQL Server 2000 from a JSP (Weblogic 7.0) using a
connection pool. (Without datasource etc). I am getting the above mentioned
exception.
If i connect through sun.jdbc.odbc it works fine. I dont know what i am
doing wrong. Can anyone help out with this problem.
thnx in advance.
FrankyFranky Ronald D'Souza wrote:
I am trying to connect to SQL Server 2000 from a JSP (Weblogic 7.0) using a
connection pool. (Without datasource etc). I am getting the above mentioned
exception.
If i connect through sun.jdbc.odbc it works fine. I dont know what i am
doing wrong. Can anyone help out with this problem.Whose SQLServer drier are you using? Can you connect to the DBMS using the
driver in a simple standalone program?
Joe
>
>
thnx in advance.
Franky
Maybe you are looking for
-
2012 MacBook Pro running extremely slowly with constant color wheel
I have a 2012 MacBrook Pro and yesterday it randomly began to function extremely slowly and has almost a constant color wheel. This does not just happen when on the internet, but happens with any function of my computer. Even the typing is lagging. T
-
How can I track my iPods last place it was using find my iphone if it's now dead
I need to know if I can track the last place my iPod was if I had find my iPod on the iPod
-
All my programms have itune logo
when i download itunes just before it finishes all my icons change to the itunes logo i need help?
-
How many WAYS are there to CREATE an OBJECT?
I simply know about implicit creation and explicit creation: String name = "Asim Munir"; //Implicit String name = new String("Asim Munir"); // Explicit Do you have any other way to create an object?
-
There was a file that was on a old MAC HD and wasn't thinking as I attached to a windows machine as I thought windows would ignore it. It never showed up in windows, when I went to put it back in the mac it DOES NOT SHOW UP either in Disk Utilitys, m