
JBOSS session sharing issue

 
Greenhorn
Hi,

I have 2 EARs deployed in JBOSS AS5.0. The first EAR performs the login through DatabaseServerLoginModule.
After successfully logging in, the application displays a page with links to other applications where the logged-in user has roles.

Till this time everything works fine.

Now when the user clicks on any link in this page to launch the specific application (This app is in another ear)


From the logs, what I am getting is Failed authenticate() test

2009-02-20 15:49:41,113 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] (http-127.0.0.1-8080-1) Calling authenticate()
2009-02-20 15:49:41,113 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] (http-127.0.0.1-8080-1) Save request in session '84809F9A31FA276F5CC0E05BE653DAC2'
2009-02-20 15:49:41,113 TRACE [org.apache.catalina.core.StandardWrapper] (http-127.0.0.1-8080-1) Returning non-STM instance
2009-02-20 15:49:41,113 TRACE [org.jboss.web.tomcat.security.RunAsListener] (http-127.0.0.1-8080-1) jsp, runAs: null
2009-02-20 15:49:41,113 TRACE [org.jboss.web.tomcat.security.RunAsListener] (http-127.0.0.1-8080-1) jsp, runAs: null
2009-02-20 15:49:41,113 TRACE [org.jboss.web.tomcat.security.RunAsListener] (http-127.0.0.1-8080-1) jsp, runAs: null
2009-02-20 15:49:41,129 TRACE [org.jboss.web.tomcat.security.RunAsListener] (http-127.0.0.1-8080-1) jsp, runAs: null
2009-02-20 15:49:41,129 DEBUG [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/admin].[jsp]] (http-127.0.0.1-8080-1) Disabling the response for futher output
2009-02-20 15:49:41,129 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] (http-127.0.0.1-8080-1) Failed authenticate() test
2009-02-20 15:49:41,129 TRACE [org.jboss.security.SecurityRolesAssociation] (http-127.0.0.1-8080-1) Setting threadlocal:null


One thing I noticed is that JBOSS is again trying to do an authentication against the logged-in user when he clicks on the link. I don't know why it has to do it again.
I was expecting the role already authorized should follow to the subsequent requests?
Another thing I noticed is that when the user logs in to the application, one session ID is created. After logging in, when he clicks on the link to launch the other application, it creates another session ID.


I suspect this could be the reason why the second app is again going for an authentication against the role.

Please advise what needs to be done in this scenario.


Appreciate your help
 
Sheriff
Hi harrikrishnan, welcome to javaranch.

Well, I'm not a pro at this, but I don't think you can share a session between applications. I don't know about enterprise applications, but I think this is not possible for normal web applications, i.e. war files. A session is only valid for one context path, that's what I know...
 
Rajesh Unnithan
Greenhorn
Hi Ankit,

Thanks for your reply.

The same scenario is working fine with a JRUN4 App Server. I am trying to migrate these applications from JRUN to JBOSS.

Regards
Harikrishnan
 
Sheriff
Ankit is right. Sessions are per application. What you are looking for is probably Single Sign On (SSO). These might help you get started:

http://www.jboss.org/community/docs/DOC-12280

http://www.jboss.org/jbosssso/
 
Rajesh Unnithan
Greenhorn
Hi Jaikiran,

Thanks for your response.

I will try with the SSO and update you on the status.

Appreciate your help.


Regards
Harikrishnan
 
Rajesh Unnithan
Greenhorn
Hi Jaikiran,

I tried to configure the SSO implementation by editing the server.xml file.
I gave the requireReauthentication = "true".
Now I am able to make some more progress. The user is authenticated successfully but I am getting a null pointer exception.

Do you have any idea why it’s happening like this?

Please find the log below.

2009-02-23 09:04:38,880 DEBUG [org.apache.catalina.realm.RealmBase] (http-127.0.0.1-8080-1) Checking constraint 'SecurityConstraint[UserAdminResources]' against GET /adminaction --> true
2009-02-23 09:04:38,880 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] (http-127.0.0.1-8080-1) Calling hasUserDataPermission()
2009-02-23 09:04:38,880 DEBUG [org.apache.catalina.realm.RealmBase] (http-127.0.0.1-8080-1) User data constraint has no restrictions
2009-02-23 09:04:38,880 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] (http-127.0.0.1-8080-1) Control flag for entry:org.jboss.security.authorization.config.AuthorizationModuleEntry{org.jboss.security.authorization.modules.DelegatingAuthorizationModule:{}REQUIRED}is:[REQUIRED]
2009-02-23 09:04:38,880 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] (http-127.0.0.1-8080-1) Calling authenticate()
2009-02-23 09:04:38,880 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] (http-127.0.0.1-8080-1) SSO Id 4BDB9025E977B66742B91E04A926D986 set; attempting reauthentication
2009-02-23 09:04:38,880 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] (http-127.0.0.1-8080-1) Begin authenticate, username=hnair
2009-02-23 09:04:38,895 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.sample] (http-127.0.0.1-8080-1) Begin isValid, principal:hnair, cache info: org.jboss.security.plugins.auth.JaasSecurityManagerBase$DomainInfo@12344b[Subject(14446424).principals=org.jboss.security.SimplePrincipal@3338789(hnair)org.jboss.security.SimpleGroup@23309041(Roles(members:ARMRole,UserAdminRole,SCIPRole)),credential.class=java.lang.String@12329707,expirationTime=1235403219445]
2009-02-23 09:04:38,895 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.sample] (http-127.0.0.1-8080-1) Begin validateCache, info=org.jboss.security.plugins.auth.JaasSecurityManagerBase$DomainInfo@12344b[Subject(14446424).principals=org.jboss.security.SimplePrincipal@3338789(hnair)org.jboss.security.SimpleGroup@23309041(Roles(members:ARMRole,UserAdminRole,SCIPRole)),credential.class=java.lang.String@12329707,expirationTime=1235403219445];credential.class=java.lang.String@12329707
2009-02-23 09:04:38,895 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.sample] (http-127.0.0.1-8080-1) End validateCache, isValid=true
2009-02-23 09:04:38,895 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.sample] (http-127.0.0.1-8080-1) End isValid, true
2009-02-23 09:04:38,895 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] (http-127.0.0.1-8080-1) User: hnair is authenticated
2009-02-23 09:04:38,895 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.sample] (http-127.0.0.1-8080-1) getPrincipal, cache info: org.jboss.security.plugins.auth.JaasSecurityManagerBase$DomainInfo@12344b[Subject(14446424).principals=org.jboss.security.SimplePrincipal@3338789(hnair)org.jboss.security.SimpleGroup@23309041(Roles(members:ARMRole,UserAdminRole,SCIPRole)),credential.class=java.lang.String@12329707,expirationTime=1235403219445]
2009-02-23 09:04:38,895 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] (http-127.0.0.1-8080-1) Mapped from input principal: hnairto: hnair
2009-02-23 09:04:38,895 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] (http-127.0.0.1-8080-1) End authenticate, principal=GenericPrincipal[hnair(ARMRole,SCIPRole,UserAdminRole,)]
2009-02-23 09:04:38,895 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] (http-127.0.0.1-8080-1) Reauthenticated cached principal 'hnair' with auth type 'FORM'
2009-02-23 09:04:38,895 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] (http-127.0.0.1-8080-1) Calling accessControl()
2009-02-23 09:04:38,895 TRACE [org.jboss.security.SecurityRolesAssociation] (http-127.0.0.1-8080-1) Setting threadlocal:null
2009-02-23 09:04:38,895 TRACE [org.jboss.security.SecurityRolesAssociation] (http-127.0.0.1-8080-1) Setting threadlocal:null
2009-02-23 09:04:38,895 ERROR [org.apache.catalina.connector.CoyoteAdapter] (http-127.0.0.1-8080-1) An exception or error occurred in the container during the request processing
java.lang.NullPointerException
at org.apache.catalina.realm.RealmBase.hasResourcePermission(RealmBase.java:739)

at org.jboss.web.tomcat.security.JBossWebRealm.hasResourcePermission(JBossWebRealm.java:475)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:507)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)


Server.xml Configuration is given below.

<Valve className="org.apache.catalina.authenticator.SingleSignOn" requireReauthentication="true" />
 
Rajesh Unnithan
Greenhorn
Hi,

I could figure out the issue with the null pointer.
It was because I missed the <form-error-page> attribute in web.xml.

It looks like JBoss expects both attributes. Previously I kept only one - the <form-login-page>

<form-login-config>
    <form-login-page>redirect.jsp</form-login-page>
    <form-error-page>error.jsp</form-error-page>
</form-login-config>

Once again thanks a lot for your support

Appreciate your help.
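
The fix reported in the last post can be turned into a pre-deployment check. The following is an added example, not part of the original thread: it parses a web.xml and reports any FORM login configuration that lacks one of the two page elements. The function names and the surrounding descriptors are constructed for illustration; only the two page values come from the post.

```python
import xml.etree.ElementTree as ET

def local(tag):
    """Drop any XML namespace so 2.4, 2.5 and 3.x descriptors are all handled."""
    return tag.rsplit("}", 1)[-1]

def child_text(parent, name):
    """Text of the first direct child called `name`, or None if absent."""
    for el in parent:
        if local(el.tag) == name:
            return (el.text or "").strip()
    return None

def check_form_login(web_xml):
    """Return findings for every FORM <login-config> in one web.xml string."""
    findings = []
    for cfg in ET.fromstring(web_xml):
        if local(cfg.tag) != "login-config":
            continue
        if (child_text(cfg, "auth-method") or "").upper() != "FORM":
            continue  # BASIC, DIGEST and CLIENT-CERT need no form pages
        form = next((e for e in cfg if local(e.tag) == "form-login-config"), None)
        if form is None:
            findings.append("FORM auth without <form-login-config>")
            continue
        for name in ("form-login-page", "form-error-page"):
            if not child_text(form, name):  # absent or empty
                findings.append(f"missing <{name}>")
    return findings

# Constructed descriptors; only the two page values come from the thread.
TEMPLATE = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
  <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>redirect.jsp</form-login-page>{error_page}
    </form-login-config>
  </login-config>
</web-app>"""
BEFORE = TEMPLATE.format(error_page="")
AFTER = TEMPLATE.format(
    error_page="\n      <form-error-page>error.jsp</form-error-page>")

if __name__ == "__main__":
    for label, doc in (("before", BEFORE), ("after", AFTER)):
        print(label, check_form_login(doc) or "ok")
```

Running it over the web.xml of every WAR behind the SingleSignOn valve catches the omission before a request reaches the container.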


 