It seems that I can get this to work if I specify a TCCL prior to calling the login method. Seems like a bug in Aries JNDI to me. A TCCL should not be required.
/Bengt 2012/1/9 Bengt Rodehav <[email protected]> > I'm cross posting this message to both the Aries and the Shiro mailing > list since I do not know what the source of the problem is. > > I'm Using Apache Shiro 1.1.0 running in an OSGi container which is Apache > Karaf 2.2.4 (with Felix). I also use Apache Aries for JPA, blueprint and > transaction support. I use Aries JNDI 0.3.0. > > Shiro is unable to get an InitialContext. Shiro calls into the standard > JRE methods that in turn call Aries JNDI (I don't know why). I get the > following stack trace: > > *org.apache.shiro.authc.AuthenticationException: LDAP naming error while > attempting to authenticate user.* > * at > org.apache.shiro.realm.ldap.AbstractLdapRealm.doGetAuthenticationInfo(AbstractLdapRealm.java:196)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:175)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:179)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:264)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:269)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:247)[119:org.apache.shiro.core:1.1.0] > * > * at > se.digia.skistory.web.SessionHandler.doLogin(SessionHandler.java:57)[122:se.digia.skistory.web:1.0.0.SNAPSHOT] > * > * at > se.digia.skistory.web.SessionHandler.handle(SessionHandler.java:34)[122:se.digia.skistory.web:1.0.0.SNAPSHOT] > * > * at > se.digia.skistory.web.HistoryServlet.doPost(HistoryServlet.java:96)[122:se.digia.skistory.web:1.0.0.SNAPSHOT] > * > * at > javax.servlet.http.HttpServlet.service(HttpServlet.java:595)[94:org.apache.geronimo.specs.geronimo-servlet_3.0_spec:1.0] > * > * at > javax.servlet.http.HttpServlet.service(HttpServlet.java:668)[94:org.apache.geronimo.specs.geronimo-servlet_3.0_spec:1.0] > * > * at > org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:538)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] > * > * at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1352)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] > * > * at > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:74)[121:org.apache.shiro.web:1.1.0] > * > * at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] > * > * at > org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:359)[121:org.apache.shiro.web:1.1.0] > * > * at > org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:275)[121:org.apache.shiro.web:1.1.0] > * > * at > org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:344)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:272)[121:org.apache.shiro.web:1.1.0] > * > * at > se.digia.skistory.web.security.IniFilter.doFilterInternal(IniFilter.java:59)[122:se.digia.skistory.web:1.0.0.SNAPSHOT] > * > * at > org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:81)[121:org.apache.shiro.web:1.1.0] > * > * at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1323)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] > * > * at > org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:476)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] > * > * at > org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:70)[72:org.ops4j.pax.web.pax-web-jetty:1.0.7] > * > * at > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)[61:org.eclipse.jetty.server:7.4.5.v20110725] > * > * at > org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:517)[62:org.eclipse.jetty.security:7.4.5.v20110725] > * > * at > org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:225)[61:org.eclipse.jetty.server:7.4.5.v20110725] > * > * at > org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:937)[61:org.eclipse.jetty.server:7.4.5.v20110725] > * > * at > org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:116)[72:org.ops4j.pax.web.pax-web-jetty:1.0.7] > * > * at > org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:406)[63:org.eclipse.jetty.servlet:7.4.5.v20110725] > * > * at > org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:183)[61:org.eclipse.jetty.server:7.4.5.v20110725] > * > * at > org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:871)[61:org.eclipse.jetty.server:7.4.5.v20110725] > * > * at > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)[61:org.eclipse.jetty.server:7.4.5.v20110725] > * > * at > org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:72)[72:org.ops4j.pax.web.pax-web-jetty:1.0.7] > * > * at > org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)[61:org.eclipse.jetty.server:7.4.5.v20110725] > * > * at > org.eclipse.jetty.server.Server.handle(Server.java:342)[61:org.eclipse.jetty.server:7.4.5.v20110725] > * > * at > org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:589)[61:org.eclipse.jetty.server:7.4.5.v20110725] > * > * at > org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:1065)[61:org.eclipse.jetty.server:7.4.5.v20110725] > * > * at > org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:823)[57:org.eclipse.jetty.http:7.4.5.v20110725] > * > * at > org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:220)[57:org.eclipse.jetty.http:7.4.5.v20110725] > * > * at > org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:411)[61:org.eclipse.jetty.server:7.4.5.v20110725] > * > * at > org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:535)[56:org.eclipse.jetty.io:7 > .4.5.v20110725]* > * at > org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:40)[56:org.eclipse.jetty.io:7 > .4.5.v20110725]* > * at > org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:529)[55:org.eclipse.jetty.util:7.4.5.v20110725] > * > * at java.lang.Thread.run(Thread.java:662)[:1.6.0_25]* > *Caused by: javax.naming.NoInitialContextException: Unable to determine > caller's BundleContext* > * at > org.apache.aries.jndi.OSGiInitialContextFactoryBuilder.getInitialContext(OSGiInitialContextFactoryBuilder.java:49)[107:org.apache.aries.jndi.core:0.3.0] > * > * at > javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)[:1.6.0_25] > * > * at > javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)[:1.6.0_25] > * > * at javax.naming.InitialContext.init(InitialContext.java:223)[:1.6.0_25]* > * at > javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)[:1.6.0_25] > * > * at > org.apache.shiro.realm.ldap.DefaultLdapContextFactory.getLdapContext(DefaultLdapContextFactory.java:257)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.realm.ldap.DefaultLdapContextFactory.getLdapContext(DefaultLdapContextFactory.java:221)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm.queryForAuthenticationInfo(ActiveDirectoryRealm.java:108)[119:org.apache.shiro.core:1.1.0] > * > * at > org.apache.shiro.realm.ldap.AbstractLdapRealm.doGetAuthenticationInfo(AbstractLdapRealm.java:191)[119:org.apache.shiro.core:1.1.0] > * > * ... 48 more* > > While searching for a resolution I found the following: > > > http://mail-archives.apache.org/mod_mbox/incubator-aries-dev/201011.mbox/%[email protected]%3E > > It sounds like a similar problem but I can't see how (or if) it was > resolved. > > I appreciate any help regarding this, > > /Bengt >
