Uploaded image for project: 'Seam Security'
  1. Seam Security
  2. SEAMSECURITY-22

Basic authentication with no security drools and no picketlink defined in seam-beans.xml throws exception

This issue belongs to an archived project. You can view it, but you can't modify it. Learn more

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.0.0.Alpha2
    • Fix Version/s: Future
    • Labels:
      None
    • Environment:

      Jboss 6 AS Final, windows

      Description

      Very simple Authentication implementation:
      public class LoginService implements Authenticator {

      @Inject
      Credentials credentials;
      @Inject
      Logger log;

      public boolean authenticate()

      { // authentication logic here log.info("authenticate is called in LoginService"); log.info("userID="+credentials.getUsername()); return true; // if authentication successful }

      }

      View (login.xhtml)
      <h:form id="loginForm" rendered="#

      {not identity.loggedIn}

      ">
      <h:messages id="messages" globalOnly="true" />

      <div class="loginRow"><h:outputLabel for="name"
      value="Username" styleClass="loginLabel" /> <h:inputText id="name"
      value="#

      {credentials.username}

      " /></div>

      <div class="loginRow"><h:outputLabel for="password"
      value="Password" styleClass="loginLabel" /> <h:inputSecret
      id="password" value="#

      {credentials.password}

      " redisplay="true" /></div>

      <div class="loginRow"></div>

      <div class="buttons"><h:commandButton id="login" value="LOGIN"
      action="#

      {identity.login}

      " styleClass="loginButton" /></div>

      I don't define any drools file and I am not using picketlink either. But after I typed user info in the login page, , the server throws the following exception:
      17:18:35,453 ERROR [org.jboss.weld.Bean] WELD-000019 Error destroying an instance Managed Bean [class org.jboss.seam.security.permission.SecurityRuleProducer] with qualifiers [@Any @Default] of org.jboss.seam.security.permission.SecurityRuleProducer@de0ad3
      17:18:35,453 ERROR [org.jboss.seam.security.IdentityImpl] Login failed for: Credentials[rich]: java.lang.IllegalArgumentException: stream cannot be null
      at org.drools.io.impl.InputStreamResource.<init>(InputStreamResource.java:35) [:5.1.1]
      at org.drools.io.impl.ResourceFactoryServiceImpl.newInputStreamResource(ResourceFactoryServiceImpl.java:87) [:5.1.1]
      at org.drools.io.ResourceFactory.newInputStreamResource(ResourceFactory.java:87) [:5.1.1]
      at org.jboss.seam.security.permission.SecurityRuleProducer.createSecurityKnowledgeBase(SecurityRuleProducer.java:43) [:3.0.0.Alpha2]
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_13]
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_13]
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_13]
      at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_13]
      at org.jboss.weld.util.reflection.SecureReflections$13.work(SecureReflections.java:305) [:6.0.0.Final]
      at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54) [:6.0.0.Final]
      at org.jboss.weld.util.reflection.SecureReflectionAccess.runAsInvocation(SecureReflectionAccess.java:163) [:6.0.0.Final]
      at org.jboss.weld.util.reflection.SecureReflections.invoke(SecureReflections.java:299) [:6.0.0.Final]
      at org.jboss.weld.introspector.jlr.WeldMethodImpl.invokeOnInstance(WeldMethodImpl.java:188) [:6.0.0.Final]
      at org.jboss.weld.injection.MethodInjectionPoint.invokeOnInstance(MethodInjectionPoint.java:169) [:6.0.0.Final]
      at org.jboss.weld.bean.ProducerMethod$1.produce(ProducerMethod.java:149) [:6.0.0.Final]
      at org.jboss.weld.bean.AbstractProducerBean.create(AbstractProducerBean.java:361) [:6.0.0.Final]
      at org.jboss.weld.context.AbstractContext.get(AbstractContext.java:121) [:6.0.0.Final]
      at org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:99) [:6.0.0.Final]
      at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:124) [:6.0.0.Final]
      at org.jboss.weld.proxies.org$jboss$weld$beanProducerMethod-org$jboss$seam$security$permission$SecurityRuleProducermethod_createSecurityKnowledgeBase()$$_WeldClientProxy.newStatefulKnowledgeSession(org$jboss$weld$beanProducerMethod-org$jboss$seam$security$permission$SecurityRuleProducermethod_createSecurityKnowledgeBase()$$_WeldClientProxy.java)
      at org.jboss.seam.security.permission.RuleBasedPermissionResolver.init(RuleBasedPermissionResolver.java:49) [:3.0.0.Alpha2]
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_13]
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_13]
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_13]
      at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_13]
      at org.jboss.weld.util.reflection.SecureReflections$13.work(SecureReflections.java:305) [:6.0.0.Final]
      at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54) [:6.0.0.Final]
      at org.jboss.weld.util.reflection.SecureReflectionAccess.runAsInvocation(SecureReflectionAccess.java:163) [:6.0.0.Final]
      at org.jboss.weld.util.reflection.SecureReflections.invoke(SecureReflections.java:299) [:6.0.0.Final]
      at org.jboss.weld.introspector.jlr.WeldMethodImpl.invoke(WeldMethodImpl.java:193) [:6.0.0.Final]
      at org.jboss.weld.injection.MethodInjectionPoint.invoke(MethodInjectionPoint.java:127) [:6.0.0.Final]
      at org.jboss.weld.util.Beans.callInitializers(Beans.java:898) [:6.0.0.Final]
      at org.jboss.weld.util.Beans.injectFieldsAndInitializers(Beans.java:885) [:6.0.0.Final]
      at org.jboss.weld.bean.ManagedBean$ManagedBeanInjectionTarget$1$1.proceed(ManagedBean.java:182) [:6.0.0.Final]
      at org.jboss.weld.injection.InjectionContextImpl.run(InjectionContextImpl.java:54) [:6.0.0.Final]
      at org.jboss.weld.bean.ManagedBean$ManagedBeanInjectionTarget$1.work(ManagedBean.java:176) [:6.0.0.Final]
      at org.jboss.weld.bean.ManagedBean$FixInjectionPoint.run(ManagedBean.java:142) [:6.0.0.Final]
      at org.jboss.weld.bean.ManagedBean$ManagedBeanInjectionTarget.inject(ManagedBean.java:170) [:6.0.0.Final]
      at org.jboss.weld.bean.ManagedBean.create(ManagedBean.java:339) [:6.0.0.Final]
      at org.jboss.weld.context.AbstractContext.get(AbstractContext.java:121) [:6.0.0.Final]
      at org.jboss.weld.bean.proxy.ContextBeanInstance.getInstance(ContextBeanInstance.java:99) [:6.0.0.Final]
      at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:87) [:6.0.0.Final]
      at org.jboss.seam.security.permission.org$jboss$weld$bean-jboss$classloader:id="vfs:$$$D:$apps$jboss$jboss-6$0$0$Final$server$epen$deploy$epen-account-setup$war"-ManagedBean-class_org$jboss$seam$security$permission$RuleBasedPermissionResolver_$$WeldClientProxy.setUserAccountInSecurityContext(org$jboss$weld$bean-jboss$classloader:id="vfs:$$$D:$apps$jboss$jboss-6$0$0$Final$server$epen$deploy$epen-account-setup$war"-ManagedBean-class_org$jboss$seam$security$permission$RuleBasedPermissionResolver$$_WeldClientProxy.java) [:3.0.0.Alpha2]
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_13]
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_13]
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_13]
      at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_13]
      at org.jboss.weld.util.reflection.SecureReflections$13.work(SecureReflections.java:305) [:6.0.0.Final]
      at org.jboss.weld.util.reflection.SecureReflectionAccess.run(SecureReflectionAccess.java:54) [:6.0.0.Final]
      at org.jboss.weld.util.reflection.SecureReflectionAccess.runAsInvocation(SecureReflectionAccess.java:163) [:6.0.0.Final]
      at org.jboss.weld.util.reflection.SecureReflections.invoke(SecureReflections.java:299) [:6.0.0.Final]
      at org.jboss.weld.introspector.jlr.WeldMethodImpl.invokeOnInstance(WeldMethodImpl.java:188) [:6.0.0.Final]
      at org.jboss.weld.introspector.ForwardingWeldMethod.invokeOnInstance(ForwardingWeldMethod.java:59) [:6.0.0.Final]
      at org.jboss.weld.injection.MethodInjectionPoint.invokeOnInstanceWithSpecialValue(MethodInjectionPoint.java:198) [:6.0.0.Final]
      at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:270) [:6.0.0.Final]
      at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:253) [:6.0.0.Final]
      at org.jboss.weld.event.ObserverMethodImpl.notify(ObserverMethodImpl.java:222) [:6.0.0.Final]
      at org.jboss.weld.manager.BeanManagerImpl.notifyObservers(BeanManagerImpl.java:611) [:6.0.0.Final]
      at org.jboss.weld.manager.BeanManagerImpl.fireEvent(BeanManagerImpl.java:604) [:6.0.0.Final]
      at org.jboss.weld.manager.BeanManagerImpl.fireEvent(BeanManagerImpl.java:598) [:6.0.0.Final]
      at org.jboss.seam.security.IdentityImpl.postAuthenticate(IdentityImpl.java:379) [:3.0.0.Alpha2]
      at org.jboss.seam.security.IdentityImpl.authenticate(IdentityImpl.java:317) [:3.0.0.Alpha2]
      at org.jboss.seam.security.IdentityImpl.login(IdentityImpl.java:203) [:3.0.0.Alpha2]
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_13]
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_13]
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_13]
      at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_13]
      at org.apache.el.parser.AstValue.invoke(AstValue.java:196) [:6.0.0.Final]
      at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) [:6.0.0.Final]
      at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43) [:6.0.0.Final]
      at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) [:6.0.0.Final]
      at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:43) [:6.0.0.Final]
      at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:56) [:6.0.0.Final]
      at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:102) [:2.0.3-]
      at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:84) [:2.0.3-]
      at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:98) [:2.0.3-]
      at javax.faces.component.UICommand.broadcast(UICommand.java:311) [:2.0.3-]
      at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:781) [:2.0.3-]
      at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1246) [:2.0.3-]
      at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:77) [:2.0.3-]
      at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:97) [:2.0.3-]
      at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:114) [:2.0.3-]
      at javax.faces.webapp.FacesServlet.service(FacesServlet.java:308) [:2.0.3-]
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324) [:6.0.0.Final]
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [:6.0.0.Final]
      at org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationPropagationFilter.java:67) [:6.0.0.Final]
      at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:274) [:6.0.0.Final]
      at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [:6.0.0.Final]
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [:6.0.0.Final]
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) [:6.0.0.Final]
      at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:181) [:6.0.0.Final]
      at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event(CatalinaContext.java:285) [:1.1.0.Final]
      at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invoke(CatalinaContext.java:261) [:1.1.0.Final]
      at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:88) [:6.0.0.Final]
      at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:100) [:6.0.0.Final]
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) [:6.0.0.Final]
      at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [:6.0.0.Final]
      at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) [:6.0.0.Final]
      at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [:6.0.0.Final]
      at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:53) [:6.0.0.Final]
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [:6.0.0.Final]
      at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [:6.0.0.Final]
      at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654) [:6.0.0.Final]
      at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951) [:6.0.0.Final]
      at java.lang.Thread.run(Thread.java:619) [:1.6.0_13]

        Attachments

          Activity

            People

            Assignee:
            shane.bryzak Shane Bryzak
            Reporter:
            yangju Richard Yang (Inactive)
            Archiver:
            samahaja Sagar Mahajan

              Dates

              Created:
              Updated:
              Archived: