I have configured Tomcat to do JAAS authentication using a custom login/error page. I am getting a nullponterexception as defined below. Log messages indicate that my JAAS authentication module is invoked and returning 'true' from the auth module ::commit function. I have defined my own User and Role principle and specified in server.xml file. Any suggestions on how to debug the NPE that isn't in my code? I'm not sure what to look at next... Thanks. --Marco
Exception ======= INFO: Server startup in 9775 ms Aug 11, 2010 4:52:12 PM org.apache.catalina.connector.CoyoteAdapter service SEVERE: An exception or error occurred in the container during the request processing java.lang.NullPointerException at java.util.Arrays.binarySearch0(Arrays.java:2001) at java.util.Arrays.binarySearch(Arrays.java:1943) at org.apache.catalina.realm.GenericPrincipal.hasRole(GenericPrincipal.java:211) at org.apache.catalina.realm.RealmBase.hasRole(RealmBase.java:872) at org.apache.catalina.realm.RealmBase.hasResourcePermission(RealmBase.java:795) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:545) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:619) Realm Definition ========== <Realm className = "org.apache.catalina.realm.JAASRealm" appName="mikros" userClassNames="mikros.UserPrincipal" roleClassNames="mikros.RolePrincipal" /> JAAS Login Module =========== public class Authenticator implements LoginModule { private static Logger log = Logger.getLogger(Authenticator.class); String loginName; CallbackHandler handler; Subject subject; Map<String, ?> sharedState; Map<String, ?> options; private boolean loginPassed = false; public Authenticator() { } @Override public boolean abort() throws LoginException { // TODO Auto-generated method stub return false; } @Override public boolean commit() throws LoginException { try { UserPrincipal user = new UserPrincipal(loginName); RolePrincipal role = new RolePrincipal("admin"); subject.getPrincipals().add(user); subject.getPrincipals().add(role); log.debug("Added user and role principals."); } catch (Exception e) { throw new LoginException(e.getMessage()); } return true; } @Override public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) { this.subject = subject; this.handler = callbackHandler; this.sharedState = sharedState; this.options = options; } @Override public boolean login() throws LoginException { log.debug("::login"); String name = ""; String pass = ""; Context env = null; boolean passed = false; Callback[] callbacks = new Callback[2]; callbacks[0] = new NameCallback("Username:"); callbacks[1] = new PasswordCallback("Password:", false); try { handler.handle(callbacks); NameCallback nameCallback = (NameCallback) callbacks[0]; name = nameCallback.getName(); PasswordCallback passwordCallback = (PasswordCallback) callbacks[1]; pass = new String(passwordCallback.getPassword()); log.debug("log in name:" + name + " password:" + pass); if (name.equals("foo") && pass.equals("bar")) { loginPassed = true; loginName = name; log.debug("login passed."); } else { loginPassed = false; log.debug("login failed."); } return loginPassed; } catch (Exception e) { throw new LoginException(e.getMessage()); } } @Override public boolean logout() throws LoginException { try { UserPrincipal user = new UserPrincipal(loginName); RolePrincipal role = new RolePrincipal("admin"); subject.getPrincipals().remove(user); subject.getPrincipals().remove(role); log.debug("Logged out:" + loginName); } catch (Exception e) { throw new LoginException(e.getMessage()); } return true; } } -- View this message in context: http://old.nabble.com/Tomcat-JAAS-Authentication-tp29420005p29420005.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org