-
Bug
-
Resolution: Won't Do
-
Major
-
JBossAS-4.0.4RC1
-
None
-
Windows XP
JBossAS 4.0.4RC1
EJB 3
Java 1.5.0_04
I have a stateless bean like this that has some security on it.
=============
@Stateless
@SecurityDomain("avaloninfo_biz")
public class CatalogManager implements ICatalogManager {
@PersistenceContext
private EntityManager em;
....
@PermitAll
public Set<Package> getPackages(PackageSearchCriteria criteria)
@RolesAllowed(
{"admin"})
public Package savePackage(Package p)
}
=============
Part of the site is secured and other parts aren't. The same beans are used on both parts of the site. I am using FORM based login.
When I am NOT logged in and goto the part of the site that is not secure and uses the bean I have above I get an exception. It seems try to do some security checking, which is good, but since I am not logged in I get an exception. Here is the full stack trace from the exception:
javax.faces.el.EvaluationException: /register/real-estate.html @217,57 value="#
{placeOrder.packages}": Exception getting value of property packages of
base of type : biz.avaloninfo.site.PlaceOrder
at com.sun.facelets.el.LegacyValueBinding.getValue(LegacyValueBinding.java:60)
at javax.faces.component.UISelectItems.getValue(UISelectItems.java:55)
at org.apache.myfaces.util.SelectItemsIterator.hasNext(SelectItemsIterator.java:102)
at org.apache.myfaces.renderkit.RendererUtils.internalGetSelectItemList(RendererUtils.java:477)
at org.apache.myfaces.renderkit.RendererUtils.getSelectItemList(RendererUtils.java:453)
at org.apache.myfaces.renderkit.html.HtmlRendererUtils.internalRenderSelect(HtmlRendererUtils.java:278)
at org.apache.myfaces.renderkit.html.HtmlRendererUtils.renderMenu(HtmlRendererUtils.java:252)
at org.apache.myfaces.renderkit.html.HtmlMenuRendererBase.encodeEnd(HtmlMenuRendererBase.java:54)
at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:536)
at org.apache.myfaces.renderkit.RendererUtils.renderChild(RendererUtils.java:442)
at org.apache.myfaces.renderkit.RendererUtils.renderChildren(RendererUtils.java:419)
at org.apache.myfaces.renderkit.html.HtmlGroupRendererBase.encodeEnd(HtmlGroupRendererBase.java:74)
at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:536)
at org.apache.myfaces.renderkit.RendererUtils.renderChild(RendererUtils.java:442)
at org.apache.myfaces.renderkit.html.HtmlGridRendererBase.renderChildren(HtmlGridRendererBase.java:215)
at org.apache.myfaces.renderkit.html.HtmlGridRendererBase.encodeEnd(HtmlGridRendererBase.java:97)
at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:536)
at org.apache.myfaces.renderkit.RendererUtils.renderChild(RendererUtils.java:442)
at org.apache.myfaces.renderkit.RendererUtils.renderChildren(RendererUtils.java:419)
at org.apache.myfaces.renderkit.html.HtmlGroupRendererBase.encodeEnd(HtmlGroupRendererBase.java:74)
at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:536)
at com.sun.facelets.FaceletViewHandler.encodeRecursive(FaceletViewHandler.java:554)
at com.sun.facelets.FaceletViewHandler.encodeRecursive(FaceletViewHandler.java:551)
at com.sun.facelets.FaceletViewHandler.encodeRecursive(FaceletViewHandler.java:551)
at com.sun.facelets.FaceletViewHandler.renderView(FaceletViewHandler.java:457)
at org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:372)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:138)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.myfaces.component.html.util.ExtensionsFilter.doFilter(ExtensionsFilter.java:124)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.jboss.web.tomcat.security.CustomPrincipalValve.invoke(CustomPrincipalValve.java:54)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:174)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:663)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
at java.lang.Thread.run(Thread.java:595)
Caused by: javax.faces.el.EvaluationException: Bean: biz.avaloninfo.site.PlaceOrder, property: packages
at org.apache.myfaces.el.PropertyResolverImpl.getProperty(PropertyResolverImpl.java:442)
at org.apache.myfaces.el.PropertyResolverImpl.getValue(PropertyResolverImpl.java:82)
at com.sun.facelets.el.LegacyELContext$LegacyELResolver.getValue(LegacyELContext.java:141)
at com.sun.el.parser.AstValue.getValue(AstValue.java:96)
at com.sun.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:183)
at com.sun.facelets.el.TagValueExpression.getValue(TagValueExpression.java:71)
at com.sun.facelets.el.LegacyValueBinding.getValue(LegacyValueBinding.java:56)
... 49 more
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.myfaces.el.PropertyResolverImpl.getProperty(PropertyResolverImpl.java:438)
... 55 more
Caused by: javax.ejb.EJBAccessException: Authentication failure
at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.handleGeneralSecurityException(Ejb3AuthenticationInterceptor.java:46)
at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:71)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:98)
at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:47)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:98)
at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:98)
at org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:178)
at org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:74)
at $Proxy277.getPackages(Unknown Source)
at biz.avaloninfo.site.PlaceOrder.getPackages(PlaceOrder.java:583)
... 60 more
Caused by: javax.security.auth.login.LoginException: java.lang.NullPointerException
at org.jboss.security.Util.createPasswordHash(Util.java:407)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.createPasswordHash(UsernamePasswordLoginModule.java:367)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:195)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:587)
Thank you.
