Boa tarde galera,
estou com dificuldade em configurar JAAS + JBoss 6.1. O processo de login acontece com sucesso, porém quando cai no filtro após o login… o usuário está null:
SecurityAssociation.getPrincipal()
o código acima retorna null…
alguma dica galera?
segue abaixo toda a minha confguração
Filter:
package br.com.lugarcerto.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.jboss.security.SecurityAssociation;
public class LoginFilter implements Filter {
@Override
public void destroy() {
// TODO Auto-generated method stub
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
String userName = SecurityAssociation.getPrincipal().getName();
System.out.println("Yeeey! Get me here and find me in the database: "
+ userName);
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
}
}
web.xml
[code]
<?xml version="1.0" encoding="UTF-8"?> sample project Faces Servlet javax.faces.webapp.FacesServlet 1 Faces Servlet *.jsf 30 404 /faces/error.xhtml 500 /faces/error.xhtml<security-constraint>
<web-resource-collection>
<web-resource-name>Usuarios</web-resource-name>
<url-pattern>/usuario/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>ROLE_USUARIO</role-name>
</auth-constraint>
</security-constraint>
<!-- Validation By Form -->
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/cadastro/cadastro.jsf</form-login-page>
<form-error-page>/error/acessonegado.jsf</form-error-page>
</form-login-config>
</login-config>
<!-- Allowed Roles -->
<security-role>
<role-name>ROLE_USUARIO</role-name>
</security-role>
<!-- Filter to get the user name and work with it -->
<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>br.com.lugarcerto.filter.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>/usuario/*</url-pattern>
</filter-mapping>
[/code]
meu jboss-web.xml
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<!-- Links with JBoss the Realm to use -->
<security-domain>java:/jaas/login-lugar-certo</security-domain>
</jboss-web>
meu login-config.xml
<application-policy name="login-lugar-certo">
<authentication>
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
<module-option name="dsJndiName">java:/lugarcerto</module-option>
<module-option name="principalsQuery">SELECT U.SENHA FROM USUARIO U WHERE U.EMAIL=?</module-option>
<module-option name="rolesQuery">SELECT P.DS_PERFIL, 'Roles' FROM USUARIO U
INNER JOIN PERFIL P ON U.PERFIL_ID_PERFIL = P.ID_PERFIL WHERE U.EMAIL=?</module-option>
<!--<module-option name ="hashAlgorithm">md5</module-option>-->
</login-module>
</authentication>
</application-policy>
log do jboss no processo de login:
[code]13:24:45,807 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request POST /lugarcerto/usuario/j_security_check
13:24:45,809 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] Authenticating username ‘leo@leo.com’
13:24:45,811 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.login-lugar-certo] Begin isValid, principal:leo@leo.com, cache info: null
13:24:45,811 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.login-lugar-certo] defaultLogin, principal=leo@leo.com
13:24:45,812 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] Begin getAppConfigurationEntry(login-lugar-certo), size=12
13:24:45,813 TRACE [org.jboss.security.auth.login.XMLLoginConfigImpl] End getAppConfigurationEntry(login-lugar-certo), authInfo=AppConfigurationEntry[]:
[0]
LoginModule Class: org.jboss.security.auth.spi.DatabaseServerLoginModule
ControlFlag: LoginModuleControlFlag: required
Options:
name=principalsQuery, value=SELECT U.SENHA FROM USUARIO U WHERE U.EMAIL=?
name=dsJndiName, value=java:/lugarcerto
name=rolesQuery, value=SELECT P.DS_PERFIL, ‘Roles’ FROM USUARIO U
INNER JOIN PERFIL P ON U.PERFIL_ID_PERFIL = P.ID_PERFIL WHERE U.EMAIL=?
13:24:45,819 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] initialize
13:24:45,819 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Security domain: login-lugar-certo
13:24:45,820 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] DatabaseServerLoginModule, dsJndiName=java:/lugarcerto
13:24:45,820 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] principalsQuery=SELECT U.SENHA FROM USUARIO U WHERE U.EMAIL=?
13:24:45,820 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] rolesQuery=SELECT P.DS_PERFIL, ‘Roles’ FROM USUARIO U
INNER JOIN PERFIL P ON U.PERFIL_ID_PERFIL = P.ID_PERFIL WHERE U.EMAIL=?
13:24:45,820 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendResume=true
13:24:45,821 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] login
13:24:45,821 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction
13:24:45,822 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: SELECT U.SENHA FROM USUARIO U WHERE U.EMAIL=?, with username: leo@leo.com
13:24:45,823 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Obtained user password
13:24:45,823 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] resumeAnyTransaction
13:24:45,824 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] User ‘leo@leo.com’ authenticated, loginOk=true
13:24:45,824 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] commit, loginOk=true
13:24:45,824 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] getRoleSets using rolesQuery: SELECT P.DS_PERFIL, ‘Roles’ FROM USUARIO U
INNER JOIN PERFIL P ON U.PERFIL_ID_PERFIL = P.ID_PERFIL WHERE U.EMAIL=?, username: leo@leo.com
13:24:45,832 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] suspendAnyTransaction
13:24:45,833 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Excuting query: SELECT P.DS_PERFIL, ‘Roles’ FROM USUARIO U
INNER JOIN PERFIL P ON U.PERFIL_ID_PERFIL = P.ID_PERFIL WHERE U.EMAIL=?, with username: leo@leo.com
13:24:45,836 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] Assign user to role ROLE_USUARIO
13:24:45,836 TRACE [org.jboss.security.auth.spi.DatabaseServerLoginModule] resumeAnyTransaction
13:24:45,838 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.login-lugar-certo] defaultLogin, lc=javax.security.auth.login.LoginContext@7e44258, subject=Subject(1516608005).principals=org.jboss.security.SimplePrincipal@573986900(leo@leo.com)org.jboss.security.SimpleGroup@104627471(Roles(members:ROLE_USUARIO))
13:24:45,838 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.login-lugar-certo] updateCache, inputSubject=Subject(1516608005).principals=org.jboss.security.SimplePrincipal@573986900(leo@leo.com)org.jboss.security.SimpleGroup@104627471(Roles(members:ROLE_USUARIO)), cacheSubject=Subject(1147333792).principals=org.jboss.security.SimplePrincipal@573986900(leo@leo.com)org.jboss.security.SimpleGroup@104627471(Roles(members:ROLE_USUARIO))
13:24:45,838 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.login-lugar-certo] Inserted cache info: org.jboss.security.plugins.auth.JaasSecurityManagerBase$DomainInfo@3a9d1f73[Subject(1147333792).principals=org.jboss.security.SimplePrincipal@573986900(leo@leo.com)org.jboss.security.SimpleGroup@104627471(Roles(members:ROLE_USUARIO)),credential.class=java.lang.String@944780329,expirationTime=1332262482323]
13:24:45,838 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.login-lugar-certo] End isValid, true
13:24:45,838 TRACE [org.jboss.web.tomcat.security.JBossWebRealm] User: leo@leo.com is authenticated
13:24:45,840 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.login-lugar-certo] getPrincipal, cache info: org.jboss.security.plugins.auth.JaasSecurityManagerBase$DomainInfo@3a9d1f73[Subject(1147333792).principals=org.jboss.security.SimplePrincipal@573986900(leo@leo.com)org.jboss.security.SimpleGroup@104627471(Roles(members:ROLE_USUARIO)),credential.class=java.lang.String@944780329,expirationTime=1332262482323]
13:24:45,845 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] Authentication of ‘leo@leo.com’ was successful
13:24:45,845 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] Redirecting to original ‘/lugarcerto/usuario/meusdados.jsf’
13:24:45,845 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Failed authenticate() test ??/lugarcerto/usuario/j_security_check
13:24:45,845 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:null
13:24:45,848 TRACE [org.jboss.security.SecurityRolesAssociation] Setting threadlocal:{}
13:24:45,848 TRACE [org.jboss.web.tomcat.security.JaccContextValve] MetaData:org.jboss.metadata.web.jboss.JBossWebMetaData@1f:principalToRoleSetMap{}
13:24:45,848 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request GET /lugarcerto/usuario/meusdados.jsf
13:24:45,848 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint ‘SecurityConstraint[Usuarios]’ against GET /usuario/meusdados.jsf --> true
13:24:45,848 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint ‘SecurityConstraint[Usuarios]’ against GET /usuario/meusdados.jsf --> true
13:24:45,848 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling hasUserDataPermission()
13:24:45,849 DEBUG [org.apache.catalina.realm.RealmBase] User data constraint has no restrictions
13:24:45,849 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] Control flag for entry:org.jboss.security.authorization.config.AuthorizationModuleEntry{org.jboss.security.authorization.modules.DelegatingAuthorizationModule:{}REQUIRED}is:[REQUIRED]
13:24:45,849 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling authenticate()
13:24:45,849 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] Restore request from session ‘13247D460F5A0D0AF9B507545DD186E7’
13:24:45,849 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Authenticated ‘leo@leo.com’ with type ‘FORM’
13:24:45,850 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] Proceed to restored request
13:24:45,850 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling accessControl()
13:24:45,850 DEBUG [org.apache.catalina.realm.RealmBase] Checking roles GenericPrincipal[leo@leo.com(ROLE_USUARIO,)]
13:24:45,851 DEBUG [org.apache.catalina.realm.RealmBase] Username leo@leo.com has role ROLE_USUARIO
13:24:45,853 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] Control flag for entry:org.jboss.security.authorization.config.AuthorizationModuleEntry{org.jboss.security.authorization.modules.DelegatingAuthorizationModule:{}REQUIRED}is:[REQUIRED]
13:24:45,853 DEBUG [org.apache.catalina.realm.RealmBase] Role found: ROLE_USUARIO
13:24:45,853 TRACE [org.jboss.security.plugins.authorization.JBossAuthorizationContext] Control flag for entry:org.jboss.security.authorization.config.AuthorizationModuleEntry{org.jboss.security.authorization.modules.DelegatingAuthorizationModule:{}REQUIRED}is:[REQUIRED]
13:24:45,853 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Successfully passed all security constraints
13:24:45,853 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] Begin invoke, caller=GenericPrincipal[leo@leo.com(ROLE_USUARIO,)]
13:24:45,854 TRACE [org.jboss.web.tomcat.security.SecurityAssociationValve] Restoring principal info from cache
13:24:45,854 TRACE [org.jboss.web.tomcat.security.RunAsListener] Faces Servlet, runAs: null
13:24:45,854 TRACE [org.jboss.web.tomcat.security.RunAsListener] Faces Servlet, runAs: null
13:24:45,854 DEBUG [org.jboss.security.SecurityAssociation] Using ThreadLocal: false
13:24:45,855 TRACE [org.jboss.security.SecurityAssociation] getPrincipal, principal=null
13:24:45,855 TRACE [org.jboss.web.tomcat.security.RunAsListener] Faces Servlet, runAs: null
13:24:45,855 ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/lugarcerto].[Faces Servlet]] Servlet.service() for servlet Faces Servlet threw exception: java.lang.NullPointerException
at br.com.lugarcerto.filter.LoginFilter.doFilter(LoginFilter.java:25) [:][/code]