portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roger Ruttimann <roger.ruttim...@earthlink.net>
Subject Re: error in sso managment
Date Thu, 08 Mar 2007 18:05:36 GMT
Thanks for reporting the defect. Please create a JIRA and I'll look into it

Roger


zx-9r@gmx.net wrote:

>hello jettspeed group,
>i think i have found a bug in the sso-administration. the bug is also reproducible in
the new release 2.1.
>
>to reproduce the bug:
>  - login as admin
>  - go to Jetspeed Administrative Portlets  >>  SSO Management
>  - create two differnent sso-sites
>  - add to each created sso-site the same user (i used 'user')
>  - now removing the user from each sso-sites one by one
>
>#when removing the user from the second sso-site in the web-page the following exception
occures :
>Could not remove credentials: org.apache.jetspeed.sso.SSOException: Failed to store site
info in database.org.apache.ojb.broker.PersistenceBrokerException: Error invoking method getPrincipalId
>
>#this error occures in the console:
>[org.apache.ojb.broker.core.proxy.IndirectionHandler] WARN: Can not materialize object
for Identity org.apache.jetspeed.security.om.impl.InternalUserPrincipalIm
>pl{21} - using PBKey org.apache.ojb.broker.PBKey: jcdAlias=JetspeedDS, user=null, password=null
>org.apache.ojb.broker.PersistenceBrokerException: Error invoking method getPrincipalId
>         at org.apache.ojb.broker.core.proxy.IndirectionHandlerDefaultImpl.invoke(IndirectionHandlerDefaultImpl.java:334)
>         at $Proxy11.getPrincipalId(Unknown Source)
>         at org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider.findRemoteMatch(PersistenceBrokerSSOProvider.java:964)
>         at org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider.removeCredentialsForSite(PersistenceBrokerSSOProvider.java:605)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:585)
>         at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:318)
>         at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:203)
>         at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:162)
>         at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
>         at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185)
>         at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:209)
>         at $Proxy9.removeCredentialsForSite(Unknown Source)
>         at org.apache.jetspeed.portlets.security.sso.SSODetails.processAction(SSODetails.java:190)
>         at org.apache.jetspeed.factory.JetspeedPortletInstance.processAction(JetspeedPortletInstance.java:96)
>         at org.apache.jetspeed.container.JetspeedContainerServlet.doGet(JetspeedContainerServlet.java:245)
>         at org.apache.jetspeed.container.JetspeedContainerServlet.doPost(JetspeedContainerServlet.java:383)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
>         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
>         at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)
>         at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:574)
>         at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:499)
>         at org.apache.jetspeed.container.invoker.ServletPortletInvoker.invoke(ServletPortletInvoker.java:246)
>         at org.apache.jetspeed.container.invoker.ServletPortletInvoker.action(ServletPortletInvoker.java:136)
>         at org.apache.pluto.PortletContainerImpl.processPortletAction(PortletContainerImpl.java:164)
>         at org.apache.jetspeed.container.JetspeedPortletContainerWrapper.processPortletAction(JetspeedPortletContainerWrapper.java:132)
>         at org.apache.jetspeed.pipeline.valve.impl.ActionValveImpl.invoke(ActionValveImpl.java:123)
>         at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
>         at org.apache.jetspeed.container.ContainerValve.invoke(ContainerValve.java:76)
>         at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
>         at org.apache.jetspeed.profiler.impl.ProfilerValveImpl.invoke(ProfilerValveImpl.java:255)
>         at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
>         at org.apache.jetspeed.security.impl.LoginValidationValveImpl.invoke(LoginValidationValveImpl.java:159)
>         at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
>         at org.apache.jetspeed.security.impl.PasswordCredentialValveImpl.invoke(PasswordCredentialValveImpl.java:149)
>         at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
>         at org.apache.jetspeed.localization.impl.LocalizationValveImpl.invoke(LocalizationValveImpl.java:169)
>         at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
>         at org.apache.jetspeed.security.impl.AbstractSecurityValve$1.run(AbstractSecurityValve.java:118)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at javax.security.auth.Subject.doAsPrivileged(Subject.java:454)
>         at org.apache.jetspeed.security.JSSubject.doAsPrivileged(JSSubject.java:195)
>         at org.apache.jetspeed.security.impl.AbstractSecurityValve.invoke(AbstractSecurityValve.java:112)
>         at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
>         at org.apache.jetspeed.container.url.impl.PortalURLValveImpl.invoke(PortalURLValveImpl.java:67)
>         at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
>         at org.apache.jetspeed.capabilities.impl.CapabilityValveImpl.invoke(CapabilityValveImpl.java:128)
>         at org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:166)
>         at org.apache.jetspeed.pipeline.JetspeedPipeline.invoke(JetspeedPipeline.java:145)
>         at org.apache.jetspeed.engine.JetspeedEngine.service(JetspeedEngine.java:214)
>         at org.apache.jetspeed.engine.JetspeedServlet.doGet(JetspeedServlet.java:242)
>         at org.apache.jetspeed.engine.JetspeedServlet.doPost(JetspeedServlet.java:269)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
>         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
>         at org.apache.jetspeed.engine.servlet.XXSUrlAttackFilter.doFilter(XXSUrlAttackFilter.java:51)
>         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
>         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
>         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
>         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
>         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
>         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
>         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
>         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
>         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
>         at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
>         at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
>         at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
>         at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
>         at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
>         at java.lang.Thread.run(Thread.java:595)
>Caused by: java.lang.NullPointerException
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:585)
>         at org.apache.ojb.broker.core.proxy.IndirectionHandlerDefaultImpl.invoke(IndirectionHandlerDefaultImpl.java:325)
>         ... 75 more
>
>
>#may a hint(?):
>#in
>  org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider.removeCredentialsForSite(Subject
subject, String site)
>#if found the code
>  ...
>  if (remoteForPrincipals.remove(remotePrincipal) == true)
>
>  // Update the site
>  getPersistenceBrokerTemplate().store(ssoSite);
>
>  // delete the remote Principal from the SECURITY_PRINCIPAL table
>  getPersistenceBrokerTemplate().delete(remotePrincipal);
>  ...
>#this look like forgotten if-braces but i don't really understand the code
>
>will there be a patch available for this problem in the near of future?
>Gunther
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
>For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
>
>
>  
>


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message