No ideas? :( I must solve this problem quickly. Thanks people.. --- Bruno Vg
BVG wrote: >Hi Jeff, > >The stub call is done in the JAAS module (file: SampleLoginModule.java), this >module is configured on Tomcat application, and when I press the >authentication form the JAAS module runs. When it runs, call the >VerificaAutenticacao WebService, which returns some values to check if this >user is authenticate. It's in this call that I got a CastClassException on the >file WSDDTargetedChain.java:157(Axis code), and in there I see different ids >for the same Handler: >"ClassUtils.forName(pivotQName.getLocalPart()).newInstance().getClass().getSuperclass().getInterfaces()" > = java.lang.Class[1] (id=85) >"Class.forName("org.apache.axis.Handler")" = java.lang.Class >(org.apache.axis.Handler) (id=91) > >But, if I call the same webservice but outside that JAAS module, everything >works, and the ids are the same for the same handler: >"ClassUtils.forName(pivotQName.getLocalPart()).newInstance().getClass().getSuperclass().getInterfaces()" > = java.lang.Class[1] (id=85) >"Class.forName("org.apache.axis.Handler")" = java.lang.Class >(org.apache.axis.Handler) (id=85) > >Any ideas? humm.. :( >Thanks one more time Jeff > >Jeff wrote: > >>In a discussion about error handling a while back, I mentioned to James >>Taylor how insane it is to report a ClassCastException without citing the >>offending class. >> >>Presumably you know which class your handler is or can look it up in the >><handler> element of your deployment descriptor. You need to ensure that it >>implements org.apache.axis.Handler, one way or another. >> >>If that doesn't help, make sure your log4j.properties file of configured to >>dump in DEBUG mode and check out the log for clues. >> >>(I wonder if anyone has every estimated how much Java development time is >>wasted globally on class path issues.) >> >> >>Jeff >> >> >>----- Original Message ----- >>From: "BVG" <[EMAIL PROTECTED]> >>To: <axis-user@ws.apache.org> >>Sent: Tuesday, June 14, 2005 8:06 AM >>Subject: classloader problem >> >> >>I've a problem with classloader. >>I got all the time CastClassException when I invoke directly a stub (Axis >>1.2) on a JAAS module (Java authentication). >>It seems the problem is on this line (WSDDTargetedChain.java:157): >>pivot = >>(Handler)ClassUtils.forName(pivotQName.getLocalPart()).newInstance(); >> >>the cast Handler is not from the same instance of result and throw a >>CastClass Exception. >>What can I do to prevent this frustrating problem? >> >>I really need your help! >>Thank you all! >> >>--------------------- ERROR --------------------------- >>AxisFault >>faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException >>faultSubcode: >>faultString: java.lang.ClassCastException >>faultActor: >>faultNode: >>faultDetail: >> {http://xml.apache.org/axis/}stackTrace:java.lang.ClassCastException >> at >>org.apache.axis.deployment.wsdd.WSDDTargetedChain.makeNewInstance(WSDDTarget >>edChain.java:157) >> at >>org.apache.axis.deployment.wsdd.WSDDDeployableItem.getNewInstance(WSDDDeploy >>ableItem.java:274) >> at >>org.apache.axis.deployment.wsdd.WSDDDeployableItem.getInstance(WSDDDeployabl >>eItem.java:260) >> at >>org.apache.axis.deployment.wsdd.WSDDDeployment.getTransport(WSDDDeployment.j >>ava:394) >> at >>org.apache.axis.configuration.FileProvider.getTransport(FileProvider.java:25 >>7) >> at org.apache.axis.AxisEngine.getTransport(AxisEngine.java:332) >> at org.apache.axis.client.AxisClient.invoke(AxisClient.java:163) >> at org.apache.axis.client.Call.invokeEngine(Call.java:2765) >> at org.apache.axis.client.Call.invoke(Call.java:2748) >> at org.apache.axis.client.Call.invoke(Call.java:2424) >> at org.apache.axis.client.Call.invoke(Call.java:2347) >> at org.apache.axis.client.Call.invoke(Call.java:1804) >> at >>com.jcms.Axis.WSPortal.WS_AcessoPortalSoapStub.verificaAutenticacao(WS_Acess >>oPortalSoapStub.java:321) >> at com.jcms.Axis.Webservices.VerificaAutenticacao(Webservices.java:263) >> at jaas.module.SampleLoginModule.login(SampleLoginModule.java:214) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >>sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39 >>) >> at >>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl >>.java:25) >> at java.lang.reflect.Method.invoke(Method.java:324) >> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675) >> at >>javax.security.auth.login.LoginContext.access$000(LoginContext.java:129) >> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610) >> at java.security.AccessController.doPrivileged(Native Method) >> at >>javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607) >> at javax.security.auth.login.LoginContext.login(LoginContext.java:534) >> at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:316) >> at >>org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthent >>icator.java:229) >> at >>org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase >>.java:446) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:102) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at >>org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137 >>) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:104) >> at >>org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118 >>) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:102) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at >>org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java >>:109) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:104) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929) >> at >>org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) >> at >>org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) >> at >>org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConne >>ction(Http11Protocol.java:705) >> at >>org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) >> at >>org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav >>a:683) >> at java.lang.Thread.run(Thread.java:534) >> >> {http://xml.apache.org/axis/}hostname:bvg >> >>java.lang.ClassCastException >> at org.apache.axis.AxisFault.makeFault(AxisFault.java:101) >> at org.apache.axis.client.AxisClient.invoke(AxisClient.java:216) >> at org.apache.axis.client.Call.invokeEngine(Call.java:2765) >> at org.apache.axis.client.Call.invoke(Call.java:2748) >> at org.apache.axis.client.Call.invoke(Call.java:2424) >> at org.apache.axis.client.Call.invoke(Call.java:2347) >> at org.apache.axis.client.Call.invoke(Call.java:1804) >> at >>com.jcms.Axis.WSPortal.WS_AcessoPortalSoapStub.verificaAutenticacao(WS_Acess >>oPortalSoapStub.java:321) >> at com.jcms.Axis.Webservices.VerificaAutenticacao(Webservices.java:263) >> at jaas.module.SampleLoginModule.login(SampleLoginModule.java:214) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >>sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39 >>) >> at >>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl >>.java:25) >> at java.lang.reflect.Method.invoke(Method.java:324) >> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675) >> at >>javax.security.auth.login.LoginContext.access$000(LoginContext.java:129) >> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610) >> at java.security.AccessController.doPrivileged(Native Method) >> at >>javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607) >> at javax.security.auth.login.LoginContext.login(LoginContext.java:534) >> at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:316) >> at >>org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthent >>icator.java:229) >> at >>org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase >>.java:446) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:102) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at >>org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137 >>) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:104) >> at >>org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118 >>) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:102) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at >>org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java >>:109) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:104) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929) >> at >>org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) >> at >>org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) >> at >>org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConne >>ction(Http11Protocol.java:705) >> at >>org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) >> at >>org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav >>a:683) >> at java.lang.Thread.run(Thread.java:534) >>Caused by: java.lang.ClassCastException >> at >>org.apache.axis.deployment.wsdd.WSDDTargetedChain.makeNewInstance(WSDDTarget >>edChain.java:157) >> at >>org.apache.axis.deployment.wsdd.WSDDDeployableItem.getNewInstance(WSDDDeploy >>ableItem.java:274) >> at >>org.apache.axis.deployment.wsdd.WSDDDeployableItem.getInstance(WSDDDeployabl >>eItem.java:260) >> at >>org.apache.axis.deployment.wsdd.WSDDDeployment.getTransport(WSDDDeployment.j >>ava:394) >> at >>org.apache.axis.configuration.FileProvider.getTransport(FileProvider.java:25 >>7) >> at org.apache.axis.AxisEngine.getTransport(AxisEngine.java:332) >> at org.apache.axis.client.AxisClient.invoke(AxisClient.java:163) >> ... 38 more >>- END: Webservice >>SampleLoginModule abort() - BEGIN >>SampleLoginModule abort() - END >>- Login exception authenticating username teste >>javax.security.auth.login.LoginException: java.lang.NullPointerException >> at jaas.module.SampleLoginModule.login(SampleLoginModule.java:217) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >>sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39 >>) >> at >>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl >>.java:25) >> at java.lang.reflect.Method.invoke(Method.java:324) >> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675) >> at >>javax.security.auth.login.LoginContext.access$000(LoginContext.java:129) >> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610) >> at java.security.AccessController.doPrivileged(Native Method) >> at >>javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607) >> at javax.security.auth.login.LoginContext.login(LoginContext.java:534) >> at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:316) >> at >>org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthent >>icator.java:229) >> at >>org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase >>.java:446) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:102) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at >>org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137 >>) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:104) >> at >>org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118 >>) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:102) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at >>org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java >>:109) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:104) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929) >> at >>org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) >> at >>org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) >> at >>org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConne >>ction(Http11Protocol.java:705) >> at >>org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) >> at >>org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav >>a:683) >> at java.lang.Thread.run(Thread.java:534) >> >> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:730) >> at >>javax.security.auth.login.LoginContext.access$000(LoginContext.java:129) >> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610) >> at java.security.AccessController.doPrivileged(Native Method) >> at >>javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607) >> at javax.security.auth.login.LoginContext.login(LoginContext.java:534) >> at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:316) >> at >>org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthent >>icator.java:229) >> at >>org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase >>.java:446) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:102) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at >>org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137 >>) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:104) >> at >>org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118 >>) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:102) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at >>org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java >>:109) >> at >>org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContex >>t.java:104) >> at >>org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520) >> at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929) >> at >>org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160) >> at >>org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799) >> at >>org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConne >>ction(Http11Protocol.java:705) >> at >>org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577) >> at >>org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav >>a:683) >> at java.lang.Thread.run(Thread.java:534) >> >> >> > > > > > >/* > * @(#)SampleLoginModule.java 1.18 00/01/11 > * > * Copyright 2000-2002 Sun Microsystems, Inc. All Rights Reserved. > * > * Redistribution and use in source and binary forms, with or > * without modification, are permitted provided that the following > * conditions are met: > * > * -Redistributions of source code must retain the above copyright > * notice, this list of conditions and the following disclaimer. > * > * -Redistribution in binary form must reproduct the above copyright > * notice, this list of conditions and the following disclaimer in > * the documentation and/or other materials provided with the > * distribution. > * > * Neither the name of Sun Microsystems, Inc. or the names of > * contributors may be used to endorse or promote products derived > * from this software without specific prior written permission. > * > * This software is provided "AS IS," without a warranty of any > * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND > * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, > * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY > * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY > * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR > * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR > * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE > * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, > * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER > * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF > * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN > * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. > * > * You acknowledge that Software is not designed, licensed or > * intended for use in the design, construction, operation or > * maintenance of any nuclear facility. > */ > >package jaas.module; > >import jaas.principal.RolePrincipal; >import jaas.principal.SamplePrincipal; > >import java.util.Map; > >import javax.security.auth.Subject; >import javax.security.auth.callback.Callback; >import javax.security.auth.callback.CallbackHandler; >import javax.security.auth.callback.NameCallback; >import javax.security.auth.callback.PasswordCallback; >import javax.security.auth.callback.UnsupportedCallbackException; >import javax.security.auth.login.FailedLoginException; >import javax.security.auth.login.LoginException; >import javax.security.auth.spi.LoginModule; > >import org.apache.log4j.Logger; > >import com.jcms.Axis.Webservices; >import com.jcms.Axis.WSPortal.model.VerificaAutenticacaoModel; > >/** > * <p> This sample LoginModule authenticates users with a password. > * > * <p> If testUser successfully authenticates itself, > * a <code>SamplePrincipal</code> with the testUser's user name > * is added to the Subject. > * > * <p> This LoginModule recognizes the debug option. > * If set to true in the login Configuration, > * debug messages will be output to the output stream, System.out. > * > * @version 1.18, 01/11/00 > */ >public class SampleLoginModule implements LoginModule { > > static Logger logger = Logger.getLogger(SampleLoginModule.class); > > // initial state > private Subject subject; > private CallbackHandler callbackHandler; > private Map sharedState; > private Map options; > > // configurable option > private boolean debug = false; > > // the authentication status > private boolean succeeded = false; > private boolean commitSucceeded = false; > > // username and password > private String username; > private char[] password; > > // testUser's SamplePrincipal > private SamplePrincipal userPrincipal; > private RolePrincipal rolePrincipal; > > /** > * Initialize this <code>LoginModule</code>. > * > * <p> > * > * @param subject the <code>Subject</code> to be authenticated. <p> > * > * @param callbackHandler a <code>CallbackHandler</code> for communicating > * with the end user (prompting for user names and > * passwords, for example). <p> > * > * @param sharedState shared <code>LoginModule</code> state. <p> > * > * @param options options specified in the login > * <code>Configuration</code> for this particular > * <code>LoginModule</code>. > */ > public void initialize(Subject subject, CallbackHandler callbackHandler, > Map sharedState, Map options) { > > // initialize any configured options > debug = "true".equalsIgnoreCase((String)options.get("debug")); > > if(debug) > System.out.println("SampleLoginModule initialize() - > BEGIN"); > > this.subject = subject; > this.callbackHandler = callbackHandler; > this.sharedState = sharedState; > this.options = options; > > if(debug) > System.out.println("SampleLoginModule initialize() - > END"); > } > > /** > * Authenticate the user by prompting for a user name and password. > * > * <p> > * > * @return true in all cases since this <code>LoginModule</code> > * should not be ignored. > * > * @exception FailedLoginException if the authentication fails. <p> > * > * @exception LoginException if this <code>LoginModule</code> > * is unable to perform the authentication. > */ > public boolean login() throws LoginException { > > if(debug) > System.out.println("SampleLoginModule login() - BEGIN"); > > // prompt for a user name and password > if (callbackHandler == null) > throw new LoginException("Error: no CallbackHandler > available " + > "to garner authentication information from the > user"); > Callback[] callbacks = new Callback[2]; > callbacks[0] = new NameCallback("user name: "); > callbacks[1] = new PasswordCallback("password: ", false); > > try { > //gets the username and password from callbackHandler > callbackHandler.handle(callbacks); > username = ((NameCallback)callbacks[0]).getName(); > char[] tmpPassword = > ((PasswordCallback)callbacks[1]).getPassword(); > if (tmpPassword == null) { > // treat a NULL password as an empty password > tmpPassword = new char[0]; > } > //copy the password to a new char and delete tmpPassword > password = new char[tmpPassword.length]; > System.arraycopy(tmpPassword, 0, > password, 0, tmpPassword.length); > ((PasswordCallback)callbacks[1]).clearPassword(); > > } catch (java.io.IOException ioe) { > throw new LoginException(ioe.toString()); > } catch (UnsupportedCallbackException uce) { > throw new LoginException("Error: " + > uce.getCallback().toString() + > " not available to garner authentication information " + > "from the user"); > } > > // print debugging information > if (debug) { > System.out.println("\t[SampleLoginModule] " + > "user entered user name: " + > username); > System.out.print("\t[SampleLoginModule] " + > "user entered password: "); > for (int i = 0; i < password.length; i++) > System.out.print(password[i]); > System.out.println(); > } > > // verify the username/password - TEMP [TODO] > String passwordDescriptor = ""; > for (int i = 0; i < password.length; i++) > passwordDescriptor += password[i]; > > boolean usernameCorrect = false; > boolean passwordCorrect = false; > > logger.info("\tBEGIN: Webservice"); > logger.debug("BEGIN: Webservices webservice = new > Webservices()"); > Webservices webservice = new Webservices(); > logger.debug("END: Webservices webservice = new Webservices()"); > logger.debug("BEGIN: verificaAutenticacao"); > VerificaAutenticacaoModel verificaAutenticacao = > webservice.VerificaAutenticacao(username, passwordDescriptor); > logger.debug("END: verificaAutenticacao"); > logger.info("\tEND: Webservice"); > > if(verificaAutenticacao.getCode() == 1){ > //if(true){ > // authentication succeeded!!! > > // put values on session > //session.setAttribute("user", username); > > passwordCorrect = true; > if (debug) > System.out.println("\t[SampleLoginModule] " + > "authentication succeeded"); > succeeded = true; > if(debug) > System.out.println("SampleLoginModule login() - END"); > return true; > } else { > > // authentication failed -- clean out state > if (debug) > System.out.println("\t[SampleLoginModule] " + > "authentication failed"); > succeeded = false; > username = null; > for (int i = 0; i < password.length; i++) > password[i] = ' '; > password = null; > if(debug) > System.out.println("SampleLoginModule login() - END"); > if (!usernameCorrect) { > throw new FailedLoginException("User Name Incorrect"); > } else { > throw new FailedLoginException("Password Incorrect"); > } > } > } > > /** > * <p> This method is called if the LoginContext's > * overall authentication succeeded > * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules > * succeeded). > * > * <p> If this LoginModule's own authentication attempt > * succeeded (checked by retrieving the private state saved by the > * <code>login</code> method), then this method associates a > * <code>SamplePrincipal</code> > * with the <code>Subject</code> located in the > * <code>LoginModule</code>. If this LoginModule's own > * authentication attempted failed, then this method removes > * any state that was originally saved. > * > * <p> > * > * @exception LoginException if the commit fails. > * > * @return true if this LoginModule's own login and commit > * attempts succeeded, or false otherwise. > */ > public boolean commit() throws LoginException { > if(debug) > System.out.println("SampleLoginModule commit() - BEGIN"); > if (succeeded == false) { > if(debug) > System.out.println("SampleLoginModule commit() - END, return > FALSE"); > return false; > } else { > // add a Principal (authenticated identity) > // to the Subject > > // assume the user we authenticated is the SamplePrincipal > userPrincipal = new SamplePrincipal(username); > rolePrincipal = new RolePrincipal("normalUser"); > > if (!subject.getPrincipals().contains(userPrincipal)){ > if(debug) > System.out.println("DON't contain userPrincipal"); > subject.getPrincipals().add(userPrincipal); > } > if(!subject.getPrincipals().contains(rolePrincipal)) { > if (debug) > System.out.println("DON't contain RolePrincipal"); > subject.getPrincipals().add(rolePrincipal); > } else { > if (debug) > System.out.println("CONTAIN's RolePrincipal"); > } > > if (debug) { > System.out.println("\t[SampleLoginModule] " + > "added SamplePrincipal and RolePrincipal to > Subject"); > } > > // in any case, clean out state > username = null; > for (int i = 0; i < password.length; i++) > password[i] = ' '; > password = null; > > commitSucceeded = true; > if(debug) > System.out.println("SampleLoginModule commit() - END, return > TRUE"); > return true; > } > } > > /** > * <p> This method is called if the LoginContext's > * overall authentication failed. > * (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules > * did not succeed). > * > * <p> If this LoginModule's own authentication attempt > * succeeded (checked by retrieving the private state saved by the > * <code>login</code> and <code>commit</code> methods), > * then this method cleans up any state that was originally saved. > * > * <p> > * > * @exception LoginException if the abort fails. > * > * @return false if this LoginModule's own login and/or commit attempts > * failed, and true otherwise. > */ > public boolean abort() throws LoginException { > if(debug) > System.out.println("SampleLoginModule abort() - BEGIN"); > if (succeeded == false) { > if(debug) > System.out.println("SampleLoginModule abort() - END"); > return false; > } else if (succeeded == true && commitSucceeded == false) { > // login succeeded but overall authentication failed > succeeded = false; > username = null; > if (password != null) { > for (int i = 0; i < password.length; i++) > password[i] = ' '; > password = null; > } > userPrincipal = null; > } else { > // overall authentication succeeded and commit succeeded, > // but someone else's commit failed > logout(); > } > if(debug) > System.out.println("SampleLoginModule abort() - END"); > return true; > } > > /** > * Logout the user. > * > * <p> This method removes the <code>SamplePrincipal</code> > * that was added by the <code>commit</code> method. > * > * <p> > * > * @exception LoginException if the logout fails. > * > * @return true in all cases since this <code>LoginModule</code> > * should not be ignored. > */ > public boolean logout() throws LoginException { > if(debug) > System.out.println("SampleLoginModule logout() - BEGIN"); > subject.getPrincipals().remove(userPrincipal); > succeeded = false; > succeeded = commitSucceeded; > username = null; > if (password != null) { > for (int i = 0; i < password.length; i++) > password[i] = ' '; > password = null; > } > userPrincipal = null; > if(debug) > System.out.println("SampleLoginModule logout() - END"); > return true; > } >} >