Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

JAAS & LoginPodule - Exception when adding Principal to subject

843811Aug 11 2005 — edited Mar 30 2007
I am writing custom login module which using ejb to authenticate user. When I am trying to add principal to subject (in "confirm" method) I always have SecurityException. What wrong? (I deployng this module with EAR)

Here some code & stack trace:

public class ServiceLoginModule implements LoginModule {

private ServiceLocator serviceLocator;
private Subject subject;
private CallbackHandler handler;
private Map sharedState;
private Map options;
private boolean succeeded = false;
private String login;


/** Creates a new instance of ServiceAuthModule */
public ServiceLoginModule() {
}

public void initialize(Subject subject, CallbackHandler handler,
Map sharedState, Map options) {
this.subject = subject;
this.handler = handler;
this.sharedState = sharedState;
this.options = options;
}

public boolean login() throws LoginException {
try {
Callback[] callbacks = new Callback[] {
new NameCallback("Login:"), new PasswordCallback("Password:",
false)
};
handler.handle(callbacks);

NameCallback nc = (NameCallback) callbacks[0];
PasswordCallback pc = (PasswordCallback) callbacks[1];
login = nc.getName();
succeeded = validate(nc.getName(), pc.getPassword());
return succeeded;
} catch (Exception e) {
throw new LoginException(e.getMessage());
}
}

public boolean logout() throws LoginException {
subject.getPrincipals().clear();
return true;
}

public boolean commit() throws LoginException {
if (!succeeded) {
return false;
}

ServicePrincipal sp = new ServicePrincipal(login);
if (!subject.getPrincipals().contains(sp)) {
//!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
// ATTENTION ATTENTION THIS CODE THROWS EXCEPTION !!!!!!!!!!!!!!!
subject.getPrincipals().add(sp);
}
return true;
}

public boolean abort() throws LoginException {
//logout();

return true;
}

private boolean validate(String login, char[] password) throws Exception {
return lookupAccountServiceBean().authenticate(login,
password.toString());
}
}


javax.security.auth.login.LoginException: Security Exception
at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:856)
at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:580)
at net.mycompany.actions.LoginAction.execute(LoginAction.java:40)
at
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.
java:419)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:767)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
at sun.reflect.GeneratedMethodAccessor66.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.jav
a:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
at
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilt
erChain.java:257)
at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChai
n.java:55)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.jav
a:161)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.
java:157)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:2
63)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValv
e.java:225)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:1
73)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:132
)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:551)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:933)
at
org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:185)
at
com.sun.enterprise.web.connector.grizzly.ProcessorTask.process(ProcessorTask.jav
a:653)
at
com.sun.enterprise.web.connector.grizzly.ProcessorTask.process(ProcessorTask.jav
a:534)
at
com.sun.enterprise.web.connector.grizzly.ProcessorTask.doTask(ProcessorTask.java
:403)
at
com.sun.enterprise.web.connector.grizzly.WorkerThread.run(WorkerThread.java:55)

Caused by: java.lang.SecurityException
at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:857)
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Apr 27 2007
Added on Aug 11 2005
#other-security-apis-tools-and-issues
4 comments
869 views