Details
-
Bug
-
Resolution: Done
-
Blocker
-
EAP_EWP 5.2.0 ER5
-
None
-
NEW
Description
Usage of Picketlink WSAuthenticationHandler fails, because of wrongly processed security domain name.
<handler> <handler-name>WSAuthenticationHandler</handler-name> <handler-class>org.picketlink.trust.jbossws.handler.WSAuthenticationHandler</handler-class> </handler>
The method org.picketlink.trust.jbossws.handler.AbstractWSAuthenticationHandler.getAuthenticationManager(MessageContext) retrieves a security domain name from jboss-web.xml and concatenates it with SecurityConstants.JAAS_CONTEXT_ROOT ("java:/jaas").
For instance for security domain name "sts" it results in "java:/jaassts" instead of "java:/jaas/sts". Also the case when an user uses full JNDI name as security domain doesn't work - the result is "java:/jaasjava:/jaas/sts".
The request ends with NameNotFoundException:
19:42:31,251 ERROR [SOAPFaultHelperJAXWS] SOAP request exception java.lang.RuntimeException: javax.naming.NameNotFoundException: jaassts: not bound at org.picketlink.trust.jbossws.handler.AbstractPicketLinkTrustHandler.lookupJNDI(AbstractPicketLinkTrustHandler.java:235) at org.picketlink.trust.jbossws.handler.AbstractWSAuthenticationHandler.getAuthenticationManager(AbstractWSAuthenticationHandler.java:108) at org.picketlink.trust.jbossws.handler.AbstractWSAuthenticationHandler.handleInbound(AbstractWSAuthenticationHandler.java:63) at org.picketlink.trust.jbossws.handler.AbstractPicketLinkTrustHandler.handleMessage(AbstractPicketLinkTrustHandler.java:250) at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:305) at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:142) at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:97) at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:129) at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:204) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:470) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:294) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:203) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:129) at org.jboss.wsf.common.servlet.AbstractEndpointServlet.service(AbstractEndpointServlet.java:85) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:183) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:95) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.internalProcess(ActiveRequestResponseCacheValve.java:74) at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:47) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:599) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:451) at java.lang.Thread.run(Thread.java:662) Caused by: javax.naming.NameNotFoundException: jaassts: not bound at org.jnp.server.NamingServer.getBinding(NamingServer.java:771) at org.jnp.server.NamingServer.getBinding(NamingServer.java:779) at org.jnp.server.NamingServer.getObject(NamingServer.java:785) at org.jnp.server.NamingServer.lookup(NamingServer.java:396) at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:753) at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:713) at javax.naming.InitialContext.lookup(InitialContext.java:392) at org.picketlink.trust.jbossws.handler.AbstractPicketLinkTrustHandler.lookupJNDI(AbstractPicketLinkTrustHandler.java:233) ... 36 more
