Hi David,
with updated source (see attached) I get attached exception and on the
console:
gr.uportal.filter
user: nipapado
user: nipapado not in portal db
user: nipapado not created1
thnx for your time,
V.
David Sean Taylor wrote:
On Jul 21, 2009, at 1:35 AM, Evangelos Vlachogiannis wrote:
Hi again,
thnx for the response. I use jetspeed 2.2 but I do not want to talk
directly to the LDAP.
I am introducing a filter based on PortalFilter (see attached
CASPortalFilter.java implementation in order to: (http://u-portal.gunet.gr:8080/uportal3/
)
- get the username of authenticated user -> done
- if username does not appear in portal db -> create new user with
username and assign default group/roles (in future I plan to
introduce a mapping mechanism)
- put principal in portal context
Problems till now:
- exception (see attached exception.txt) Any help ??
- As the CAS filter has a url-pattern="/*" (see web.xml) how can a
user see public pages without being redirected to CAS
Any help would be appreciated.
From the line number of the NPE, my guess is that the user is null
Do you see any of these exceptions occurring?
} catch (RegistrationException e1) {
// TODO Auto-generated catch block
System.out.println("user: " + userName + "
not created");
} catch (SecurityException e1) {
// TODO Auto-generated catch block
System.out.println("user: " + userName + "
not created");
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.392 / Virus Database: 270.13.20/2251 - Release Date: 07/20/09 18:29:00
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package gr.uportal.filter;
import java.io.IOException;
import java.security.Principal;
import java.util.List;
import javax.security.auth.Subject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.PortalReservedParameters;
import org.apache.jetspeed.administration.PortalAdministration;
import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
import org.apache.jetspeed.administration.PortalConfiguration;
import org.apache.jetspeed.administration.RegistrationException;
import org.apache.jetspeed.audit.AuditActivity;
import org.apache.jetspeed.cache.UserContentCacheManager;
import org.apache.jetspeed.components.ComponentManager;
import org.apache.jetspeed.login.LoginConstants;
import org.apache.jetspeed.login.filter.PortalRequestWrapper;
import org.apache.jetspeed.security.AuthenticatedUser;
import org.apache.jetspeed.security.AuthenticatedUserImpl;
import org.apache.jetspeed.security.AuthenticationProvider;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.security.RoleManager;
import org.apache.jetspeed.security.GroupManager;
import edu.yale.its.tp.cas.client.filter.CASFilter;
public class CASPortalFilter implements Filter {
protected String guest = "guest";
public void init(FilterConfig filterConfig) throws ServletException {
PortalConfiguration config = Jetspeed.getConfiguration();
if (config != null)
guest = config.getString("default.user.principal");
}
public void doFilter(ServletRequest sRequest, ServletResponse sResponse,
FilterChain filterChain) throws IOException,
ServletException {
HttpServletRequest request = null;
System.out.println("gr.uportal.filter");
request = (HttpServletRequest) sRequest;
ComponentManager cm = Jetspeed.getComponentManager();
UserManager userManager = (UserManager) cm
.getComponent("org.apache.jetspeed.security.UserManager");
HttpSession session = request.getSession(true);
// get username from CAS authentication
String userName = (String) session
.getAttribute(CASFilter.CAS_FILTER_USER);
System.out.println("user: " + userName);
User user = null;
// if user has been authenticated though CAS
if (userName != null) {
RoleManager roleManager = (RoleManager) cm
.getComponent("org.apache.jetspeed.security.RoleManager");
GroupManager groupManager = (GroupManager) cm
.getComponent("org.apache.jetspeed.security.GroupManager");
try {
// check if the user exists in the portal
database
user = userManager.getUser(userName);
} catch (SecurityException e) {
// TODO Auto-generated catch block
System.out.println("user: " + userName + " not
in portal db");
PortalAdministration portalAdministration =
(PortalAdministration) cm
.getComponent("PortalAdministration");
try {
// populate portal db with user and
appropriate group/roles
// FIXME: set default group/role ->
then introduce mapping
// mechanism
List roles =
roleManager.getRoles("user");
List groups =
groupManager.getGroups("");
//
portalAdministration.registerUser(userName,
//
portalAdministration.generatePassword(),roles,
// groups,null,null,null);
portalAdministration.registerUser(userName,
portalAdministration.generatePassword());
user = userManager.getUser(userName);
} catch (RegistrationException e1) {
// TODO Auto-generated catch block
System.out.println("user: " + userName
+ " not created1");
} catch (SecurityException e1) {
// TODO Auto-generated catch block
System.out.println("user: " + userName
+ " not created2");
}
}
// if user has not been authenticated though CAS
//FIXME: How do allow
} else {
//guest account
System.out.println("user: " + "guesss");
}
//put subject into jetspeed
Subject subject;
try {
// default solution using the build-in UserManager
subject = userManager.getSubject(user);
} catch (SecurityException e) {
// TODO: maybe some better handling required here
throw new ServletException(e);
}
sRequest = wrapperRequest(request, subject, user);
request.getSession().removeAttribute(LoginConstants.ERRORCODE);
session.setAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT,
subject);
System.out.println("*** login session = " + session);
sRequest.setAttribute(PortalReservedParameters.PORTAL_FILTER_ATTRIBUTE,
"true");
if (filterChain != null) {
filterChain.doFilter(sRequest, sResponse);
}
}
private ServletRequest wrapperRequest(HttpServletRequest request,
Subject subject, Principal principal) {
PortalRequestWrapper wrapper = new PortalRequestWrapper(request,
subject, principal);
return wrapper;
}
public void destroy() {
}
}
HTTP Status 500 -
type Exception report
message
description The server encountered an internal error () that prevented it from
fulfilling this request.
exception
java.lang.NullPointerException
org.apache.jetspeed.security.spi.impl.JetspeedSecurityPersistenceManager.getPasswordCredential(JetspeedSecurityPersistenceManager.java:495)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
$Proxy3.getPasswordCredential(Unknown Source)
org.apache.jetspeed.security.spi.impl.UserPasswordCredentialManagerImpl.getPasswordCredential(UserPasswordCredentialManagerImpl.java:51)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
$Proxy5.getPasswordCredential(Unknown Source)
org.apache.jetspeed.security.impl.UserManagerImpl.getPasswordCredential(UserManagerImpl.java:119)
org.apache.jetspeed.security.impl.UserManagerImpl.getSubject(UserManagerImpl.java:128)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
$Proxy6.getSubject(Unknown Source)
gr.uportal.filter.CASPortalFilter.doFilter(CASPortalFilter.java:132)
org.apache.jetspeed.engine.servlet.XXSUrlAttackFilter.doFilter(XXSUrlAttackFilter.java:52)
edu.yale.its.tp.cas.client.filter.CASFilter.doFilter(CASFilter.java:401)
note The full stack trace of the root cause is available in the Apache
Tomcat/6.0.18 logs.
Apache Tomcat/6.0.18
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
