File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Tomcat and the fly likes Tomcat JAAS Authentication NullPointerException Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat JAAS Authentication NullPointerException" Watch "Tomcat JAAS Authentication NullPointerException" New topic

Tomcat JAAS Authentication NullPointerException

matt matchefts

Joined: Aug 12, 2010
Posts: 2
I have configured Tomcat to do JAAS authentication using a custom login/error page. I am getting a nullponterexception as defined below. Log messages indicate that my JAAS authentication module is invoked and returning 'true' from the auth module ::commit function. I have defined my own User and Role principle and specified in server.xml file. Any suggestions on how to debug the NPE that isn't in my code? I'm not sure what to look at next... Thanks.

INFO: Server startup in 9775 ms
Aug 11, 2010 4:52:12 PM org.apache.catalina.connector.CoyoteAdapter service
SEVERE: An exception or error occurred in the container during the request processing
at java.util.Arrays.binarySearch0(
at java.util.Arrays.binarySearch(
at org.apache.catalina.realm.GenericPrincipal.hasRole(
at org.apache.catalina.realm.RealmBase.hasRole(
at org.apache.catalina.realm.RealmBase.hasResourcePermission(
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(
at org.apache.catalina.core.StandardHostValve.invoke(
at org.apache.catalina.valves.ErrorReportValve.invoke(
at org.apache.catalina.core.StandardEngineValve.invoke(
at org.apache.catalina.connector.CoyoteAdapter.service(
at org.apache.coyote.http11.Http11Processor.process(
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(

Realm Definition
<Realm className = "org.apache.catalina.realm.JAASRealm"
roleClassNames="mikros.RolePrincipal" />

JAAS Login Module
public class Authenticator implements LoginModule {
private static Logger log = Logger.getLogger(Authenticator.class);

String loginName;
CallbackHandler handler;
Subject subject;
Map<String, ?> sharedState;
Map<String, ?> options;

private boolean loginPassed = false;

public Authenticator() {


public boolean abort() throws LoginException {
// TODO Auto-generated method stub
return false;

public boolean commit() throws LoginException {
try {
UserPrincipal user = new UserPrincipal(loginName);
RolePrincipal role = new RolePrincipal("admin");

log.debug("Added user and role principals.");
} catch (Exception e) {
throw new LoginException(e.getMessage());

return true;

public void initialize(Subject subject,
CallbackHandler callbackHandler,
Map<String, ?> sharedState,
Map<String, ?> options) {
this.subject = subject;
this.handler = callbackHandler;
this.sharedState = sharedState;
this.options = options;


public boolean login() throws LoginException {

String name = "";
String pass = "";

Context env = null;
boolean passed = false;
Callback[] callbacks = new Callback[2];

callbacks[0] = new NameCallback("Username:");
callbacks[1] = new PasswordCallback("Password:", false);

try {

NameCallback nameCallback = (NameCallback) callbacks[0];
name = nameCallback.getName();
PasswordCallback passwordCallback = (PasswordCallback) callbacks[1];
pass = new String(passwordCallback.getPassword());

log.debug("log in name:" + name + " password:" + pass);

if (name.equals("foo") &&
pass.equals("bar")) {
loginPassed = true;
loginName = name;
log.debug("login passed.");
} else {
loginPassed = false;
log.debug("login failed.");

return loginPassed;
catch (Exception e) {
throw new LoginException(e.getMessage());

public boolean logout() throws LoginException {
try {
UserPrincipal user = new UserPrincipal(loginName);
RolePrincipal role = new RolePrincipal("admin");
log.debug("Logged out:" + loginName);
} catch (Exception e) {
throw new LoginException(e.getMessage());

return true;
matt matchefts

Joined: Aug 12, 2010
Posts: 2
I resolved the issue. I had a bad equals function in my RolePrincipal object that caused the null pointer exception.
I agree. Here's the link:
subject: Tomcat JAAS Authentication NullPointerException
It's not a secret anymore!