Re: [Acegisecurity-developer] Acegi 0.8.3 to 0.9.0 errors
Tiny URL version: http://tinyurl.com/8zhka
On 11/7/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Oliver,
Very, very interesting - excellent find. I have several things to
test tomorrow.
Scott
-Original Message-
From: Oliver Hutchison [mailto:[EMAIL PROTECTED]
Sent: Monday, November 07, 2005 11:13 PM
To: acegisecurity-developer@lists.sourceforge.net
Subject: RE: [Acegisecurity-developer] Acegi 0.8.3 to 0.9.0 errors
Looks like this you hit this:
http://groups.google.com/groups?hl=delr=ie=UTF-8oe=UTF-8th
readm=3F84
200E.4060207%40profitsoftware.comrnum=1prev=/groups%3Fq%3D%2
52Binherit
ablethreadlocal%2Bnullpointerexception%26ie%3DUTF-8%26oe%3DUTF
-8%26hl%3D
de
http://groups.google.com/groups?hl=delr=ie=UTF-8oe=UTF-8t
hreadm=3F8
4200E.4060207%40profitsoftware.comrnum=1prev=/groups%3Fq%3D%
252Binheri
tablethreadlocal%2Bnullpointerexception%26ie%3DUTF-8%26oe%3DUT
F-8%26hl%3
Dde
HTH
Ollie
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
On Behalf Of Mark St.Godard
Sent: Tuesday, 8 November 2005 2:46 PM
To: acegisecurity-developer@lists.sourceforge.net
Subject: Re: [Acegisecurity-developer] Acegi 0.8.3 to
0.9.0 errors
I dont think its in the Assert...from the stackTrace it
looks like it is getting into the contextHolder.set( ) when it NPEs
I use Websphere 6 and Tomcat 5.5 ... I will also
upgrade to 0.9 tomorow and see if it
displays the appropriate behavior.
Cheers,
Mark
On 11/7/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Hi Mark and Ben,
I'm using WSAD 5.1 with its built-in
Websphere 5.0 Test Environment on Windows XP Pro, then
deploying to a Websphere Application Server 5.0 instance on
Windows 2000 Server. Websphere 5.0 is still widely used in
the financial industry, and uses IBM's JDK 1.3.
It isn't practical for me to test the app under Tomcat due to
some classloading issue I haven't had time to debug, but I
suspect it would work OK (as would running it within WAS
6.0). I'd be glad to switch the code back to ThreadLocal but
I'm wondering if the Assert code might actually be the problem?
Thanks,
Scott
From: Mark St.Godard [mailto:[EMAIL PROTECTED] ]
Sent: Monday, November 07, 2005 9:34 PM
To: acegisecurity-developer@lists.sourceforge.net
mailto:acegisecurity-developer@lists.sourceforge.net
Subject: Re: [Acegisecurity-developer] Acegi
0.8.3 to 0.9.0 errors
Ben, Scott,
Scott what version of Websphere are you running?
What JRE/JDK version?
Ben the code looks fine... seems
abnormal for InheritableThreadLocal to NPE...
Scott, try without the InheritableTL or
as Ben suggests try a different servlet container / appserver
if you can.
Cheers,
Mark
On 11/7/05, Ben Alex [EMAIL PROTECTED]
wrote:
[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
[11/7/05 15:24:43:513 EST] 5a6d5a6d
WebGroup E SRVE0026E:
[Servlet Error]-[Filter
[Acegi Filter Chain Proxy]: filter is
unavailable.]:
java.lang.NullPointerException
at
java.lang.Throwable.init(Throwable.java)
at java.lang.Throwable
.init(Throwable.java)
at
java.lang.NullPointerException.init(NullPointerException.java:63)
at
java.lang.InheritableThreadLocal.set(InheritableThreadLocal.java :95)
at
net.sf.acegisecurity.context.SecurityContextHolder.setContext(
SecurityCo
ntextHolder.java:58)
at
net.sf.acegisecurity.context.HttpSessionContextIntegrationFilt
er.doFilte
r (HttpSessionContextIntegrationFilter.java:207)
Very odd. If you look at the code for
SecurityContextHolder:
private static
InheritableThreadLocal contextHolder = new
InheritableThreadLocal();
public static void
setContext(SecurityContext context) {
Assert.notNull(context,
RE: [Acegisecurity-developer] Acegi 0.8.3 to 0.9.0 errors
Oliver, You were absolutely right - it's an IBM JDK 1.3 issue. I can't post to the developer group from work right now, so could you forward this for me? I started WSAD 5.1 and its Websphere 5.0's test environment in run mode (debug disabled) and everything ran fine with 0.9.0-SNAPSHOT, but ONLY in run mode - debug mode failed with the NPE I reported earlier. I then dropped in 0.9.0-SNAPHOT-WITH-THREADLOCAL and sure enough, both the run mode and debug mode worked fine. This looks to only effect WSAD 5.x users debugging with the Websphere 5.0 Test Environment. I recommend that 0.9.0 still get released with a mention in the 0.8.0-0.9.0 upgrade doc about this and that a 0.9.0-FOR-IBM-JDK-1.3 (or whatever) be available for users still on WSAD 5.x. Thoughts? Scott Quoting Oliver Hutchison [EMAIL PROTECTED]: Looks like this you hit this: http://groups.google.com/groups?hl=delr=ie=UTF-8oe=UTF-8threadm=3F84[1] 200E.4060207%40profitsoftware.comrnum=1prev=/groups%3Fq%3D%252Binherit ablethreadlocal%2Bnullpointerexception%26ie%3DUTF-8%26oe%3DUTF-8%26hl%3D de http://groups.google.com/groups?hl=delr=ie=UTF-8oe=UTF-8threadm=3F8[2] 4200E.4060207%40profitsoftware.comrnum=1prev=/groups%3Fq%3D%252Binheri tablethreadlocal%2Bnullpointerexception%26ie%3DUTF-8%26oe%3DUTF-8%26hl%3 Dde Links: -- [1] /horde/services/go.php?url=http%3A%2F%2Fgroups.google.com%2Fgroups%3Fhl%3Dde%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26threadm%3D3F84 [2] /horde/services/go.php?url=http%3A%2F%2Fgroups.google.com%2Fgroups%3Fhl%3Dde%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26threadm%3D3F8 --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
FW: [Acegisecurity-developer] Acegi 0.8.3 to 0.9.0 errors
Forwarded on for Scott -Original Message- From: Scott McCrory [mailto:[EMAIL PROTECTED] Sent: Wednesday, 9 November 2005 3:10 AM To: Oliver Hutchison Cc: acegisecurity-developer@lists.sourceforge.net Subject: RE: [Acegisecurity-developer] Acegi 0.8.3 to 0.9.0 errors Oliver, You were absolutely right - it's an IBM JDK 1.3 issue. I can't post to the developer group from work right now, so could you forward this for me? I started WSAD 5.1 and its Websphere 5.0's test environment in run mode (debug disabled) and everything ran fine with 0.9.0-SNAPSHOT, but ONLY in run mode - debug mode failed with the NPE I reported earlier. I then dropped in 0.9.0-SNAPHOT-WITH-THREADLOCAL and sure enough, both the run mode and debug mode worked fine. This looks to only effect WSAD 5.x users debugging with the Websphere 5.0 Test Environment. I recommend that 0.9.0 still get released with a mention in the 0.8.0-0.9.0 upgrade doc about this and that a 0.9.0-FOR-IBM-JDK-1.3 (or whatever) be available for users still on WSAD 5.x. Thoughts? Scott Quoting Oliver Hutchison [EMAIL PROTECTED]: Looks like this you hit this: http://groups.google.com/groups?hl=delr=ie=UTF-8oe=UTF-8threadm=3F84 [1] 200E.4060207%40profitsoftware.comrnum=1prev=/groups%3Fq%3D%252Binherit ablethreadlocal%2Bnullpointerexception%26ie%3DUTF-8%26oe%3DUTF-8%26hl%3D de http://groups.google.com/groups?hl=delr=ie=UTF-8oe=UTF-8threadm=3F8 [2] 4200E.4060207%40profitsoftware.comrnum=1prev=/groups%3Fq%3D%252Binheri tablethreadlocal%2Bnullpointerexception%26ie%3DUTF-8%26oe%3DUTF-8%26hl%3 Dde Links: -- [1] /horde/services/go.php?url=http%3A%2F%2Fgroups.google.com%2Fgroups%3Fhl% 3Dde%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26threadm%3D3F84 [2] /horde/services/go.php?url=http%3A%2F%2Fgroups.google.com%2Fgroups%3Fhl% 3Dde%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26threadm%3D3F8 --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Preparing for 0.9.0
On Nov 3, 2005, at 9:51 AM, Ben Alex wrote:
Hi everyone
CVS now contains pretty much all the tasks scheduled for 0.9.0. The
roadmap is at:
http://opensource2.atlassian.com/projects/spring/browse/SEC?
report=com.atlassian.jira.plugin.system.project:roadmap-panel
I'd be grateful if people using CVS could checkout and provide
feedback on the changes / stability of the code over the next
couple of days so that we can release.
Cheers
I've been attempting to upgrade AppFuse to use 0.9.0 (from 0.8.3) for
the last hour or so and I've had pretty good luck so far. However,
there's one issue that I can't seem to solve. With 0.8.3, I used the
following to automatically login a user after they registered:
// log user in automatically
Authentication auth = new UsernamePasswordAuthenticationToken
(user.getUsername(), user.getConfirmPassword());
auth.sentAuthenticated(true);
try {
ProviderManager authenticationManager = (ProviderManager)
getBean(authenticationManager);
SecurityContext ctx = SecurityContextHolder.getContext();
ctx.setAuthentication
(authenticationManager.doAuthentication(auth));
} catch (NoSuchBeanDefinitionException n) {
// ignore, should only happen when testing
}
(of course, class names have been changed for 0.9.0).
With 0.9.0, this doesn't work. First of all, I needed to change the
constructor of UsernamePasswordAuthenticationToken to:
Authentication auth = new UsernamePasswordAuthenticationToken
(user.getUsername(), user.getConfirmPassword(),
new GrantedAuthority[] {new GrantedAuthorityImpl
(Constants.USER_ROLE)});
But this doesn't seem to solve anything. I also tried reseetting the
SecurityContext on the SecurityContextHolder, but that doesn't seem
to help either.
ctx.setAuthentication
(authenticationManager.doAuthentication(auth));
SecurityContextHolder.setContext(ctx);
Here's a diff of changes I've made in my applicationContext-
security.xml file:
Index: applicationContext-security.xml
===
RCS file: /cvs/appfuse/web/WEB-INF/applicationContext-security.xml,v
retrieving revision 1.14
diff -u -r1.14 applicationContext-security.xml
--- applicationContext-security.xml19 Sep 2005 22:03:36 -
1.14
+++ applicationContext-security.xml8 Nov 2005 06:46:50 -
@@ -47,8 +47,8 @@
/property
/bean
-!-- Automatically receives AuthenticationEvent messages from
DaoAuthenticationProvider --
-bean id=loggerListener
class=net.sf.acegisecurity.providers.dao.event.LoggerListener/
+!-- Log failed authentication attempts to commons-logging --
+bean id=loggerListener
class=net.sf.acegisecurity.event.authentication.LoggerListener/
bean id=daoAuthenticationProvider
class=net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider
property name=authenticationDao
ref=jdbcAuthenticationDao/
@@ -100,9 +100,7 @@
/bean
!-- = HTTP REQUEST SECURITY
--
-bean id=httpSessionContextIntegrationFilter
class=net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter
-property name=context
value=net.sf.acegisecurity.context.security.SecureContextImpl/
-/bean
+bean id=httpSessionContextIntegrationFilter
class=net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter
/
bean id=authenticationProcessingFilter
class=net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter
property name=authenticationManager
ref=authenticationManager/
@@ -122,7 +120,7 @@
property name=authenticationEntryPoint
ref=authenticationProcessingFilterEntryPoint/
/bean
-bean id=remoteUserFilter
class=net.sf.acegisecurity.wrapper.ContextHolderAwareRequestFilter/
+bean id=remoteUserFilter
class=net.sf.acegisecurity.wrapper.SecurityContextHolderAwareRequestFil
ter/
bean id=authenticationProcessingFilterEntryPoint
class=net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntr
yPoint
property name=loginFormUrl value=/login.jsp/
Thanks,
Matt
---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
___
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Preparing for 0.9.0
Matt Raible wrote:
// log user in automatically
Authentication auth = new UsernamePasswordAuthenticationToken
(user.getUsername(), user.getConfirmPassword());
auth.sentAuthenticated(true);
try {
ProviderManager authenticationManager = (ProviderManager)
getBean(authenticationManager);
SecurityContext ctx = SecurityContextHolder.getContext();
ctx.setAuthentication
(authenticationManager.doAuthentication(auth));
} catch (NoSuchBeanDefinitionException n) {
// ignore, should only happen when testing
}
You can continue to use the constructor shown above, but don't call
setAuthenticated(true). This will be performed by the
UsernamePasswordAuthenticationToken when the AuthenticationProvider
creates a new Authentication object to return. You don't want to be
setting it earlier, as the GrantedAuthority[]s haven't been populated.
Whilst not Acegi Security related, you might like to consider dependency
injecting that authenticationManager rather than performing a lookup.
Maybe try:
Authentication auth = new UsernamePasswordAuthenticationToken
(user.getUsername(), user.getConfirmPassword());
Authentication response = authenticationManager.authenticate(auth);
SecurityContextHolder.getContext().setAuthentication(response);
If this still doesn't work, try following the debug logs. It might be
something to do with filters changing the SecurityContextHolder,
particularly if you're going from an anonymous user. Did you see the
Logic bug with AnonymousProcessingFilter thread yesterday?
Cheers
Ben
---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
___
Home: http://acegisecurity.sourceforge.net
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Acegi 0.8.3 to 0.9.0 errors
Ben Alex wrote: I'd prefer to avoid multiple releases floating around. We should revert back to a standard ThreadLocal and not an InheritableThreadLocal and release 0.9.0. Does anyone really require InheritableThreadLocal behaviour? I've checked in the change to use ThreadLocal. This is consistent with Spring's TransactionSynchronizationManager and AopContext (but interestingly not with LocaleContextHolder). Cheers Ben --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Acegi 0.8.3 to 0.9.0 errors
Quoting Ben Alex [EMAIL PROTECTED]: Ben Alex wrote: I'd prefer to avoid multiple releases floating around. We should revert back to a standard ThreadLocal and not an InheritableThreadLocal and release 0.9.0. Does anyone really require InheritableThreadLocal behaviour? I've checked in the change to use ThreadLocal. This is consistent with Spring's TransactionSynchronizationManager and AopContext (but interestingly not with LocaleContextHolder). Cheers Ben FYI I tested Acegi 0.9.0-SNAPSHOT-WITH-THREADLOCAL in our app for 4-6 hours today and all looks well. Scott --- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42 plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php ___ Home: http://acegisecurity.sourceforge.net Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
