How can I debug javax.servlet.ServletException caused by request.login() method?
Login.java
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
PrintWriter out = response.getWriter();
String username = request.getParameter("username");
String password = request.getParameter("password");
try {
request.login(username, password); // Exceptions happen.
out.println("logged in");
} catch (Exception e) {
e.printStackTrace();
}
}
tomcat server.xml
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
</Realm>
<!-- added by myself>
<Context>
<Realm className="org.apache.catalina.realm.JDBCRealm"
connectionName="root"
connectionPassword="password"
connectionURL="jdbc:mysql://localhost/forum?autoReconnectForPools=true&characterEncoding=UTF-8"
digest="MD5"
driverName="com.mysql.jdbc.Driver"
roleNameCol="role_name"
userCredCol="user_pass"
userNameCol="user_name"
userRoleTable="user_roles"
userTable="users" />
</Context>
Exception:
javax.servlet.ServletException: Login failed at
org.apache.catalina.authenticator.AuthenticatorBase.doLogin(AuthenticatorBase.java:963)
at
org.apache.catalina.authenticator.AuthenticatorBase.login(AuthenticatorBase.java:943)
at org.apache.catalina.connector.Request.login(Request.java:2768) at
org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1064)
at com.example.Login.doPost(Login.java:55) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:650) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:731) at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
You are getting a Login fail because the method that you used to create the hashed password in the database is different from that used by the Tomcat JDBCRealm.
Instead of using the MySql MD5 function, you should use the digest tool provided by Tomcat (in the bin directory of your Tomcat installation) to generate the hashed password.
For example (with a password of "1"):
[steve#Steves-MacBook-Pro apache-tomcat-8.0.18]$ bin/digest.sh -s 0 -a MD5 1
1:$1$c4ca4238a0b923820dcc509a6f75849b
I expect that this result ($1$c4ca4238a0...) is different from what you will observe in the database table.
Additionally, according to Tomcat 8 Realm Configuration HOW-TO, you should digest the values {username}:{realm}:{cleartext-password} instead of just {cleartext-password} and store that in the database. The {realm} value comes from the <realm-name> in your web.xml file.
Related
Getting below exception while fetching logged in user object using xsuaa approuter login
User currentUser = UserAccessor.getCurrentUser();
I am to get currentUser object without using GuiceFilter, If I apply GuiceFilter then getting below exception.
Any one Please suggest me how to get UserAccessor.getCurrentUser() with GuiceFilter
com.sap.cloud.sdk.cloudplatform.security.user.exception.UserAccessException: Failed to get current user: no RequestContext available. Have you correctly configured a RequestContextServletFilter or have you wrapped your logic in a RequestContextExecutor when executing background tasks that are not triggered by a request?
at com.sap.cloud.sdk.cloudplatform.security.user.AbstractUserFacade.getCurrentUserIfAuthenticated(AbstractUserFacade.java:85)
at com.sap.cloud.sdk.cloudplatform.security.user.AbstractUserFacade.getCurrentUser(AbstractUserFacade.java:135)
at com.sap.cloud.sdk.cloudplatform.security.user.UserAccessor.getCurrentUser(UserAccessor.java:122)
at com.company.HelloWorldServlet2.handleRequest(HelloWorldServlet2.java:35)
at com.company.BaseServlet.doPost(BaseServlet.java:120)
at com.company.BaseServlet.doGet(BaseServlet.java:104)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:287)
at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:277)
at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:182)
at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:91)
at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:119)
at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133)
at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130)
at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203)
at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
at org.apache.tomee.catalina.OpenEJBValve.invoke(OpenEJBValve.java:44)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:494)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at com.sap.xs.java.valves.ErrorReportValve.invoke(ErrorReportValve.java:66)
at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:191)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at com.sap.xs.jdbc.datasource.valve.JDBCValve.invoke(JDBCValve.java:62)
at com.sap.xs.security.UserInfoValve.invoke(UserInfoValve.java:19)
at com.sap.xs.statistics.tomcat.valve.RequestTracingValve.invoke(RequestTracingValve.java:43)
at com.sap.xs.logging.catalina.RuntimeInfoValve.invoke(RuntimeInfoValve.java:40)
at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:695)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1136)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:836)
Essentially, Sander's answer is already correct (please kindly accept his). To be more precise your definition in web.xml must look the following way (omitting all the other ServletFilters before):
<!-- other filter go here -->
<filter>
<filter-name>RequestContextServletFilter</filter-name>
<filter-class>com.sap.cloud.sdk.cloudplatform.servlet.RequestContextServletFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>RequestContextServletFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>guiceFilter</filter-name>
<filter-class>com.google.inject.servlet.GuiceFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>guiceFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
I've tried your minimal non-working example with this and the exception disappears. Using the ALLOW_MOCKED_AUTH_HEADER: true environment variable an empty user is returned which is proof enough that the filter applies before the Guice filter:
From the stack trace, it looks like the GuiceFilter is invoked while the RequestContextServletFilter is not. The RequestContextServletFilter initializes a RequestContext, which is a prerequisite for retrieving user information.
Can you try to explicitly declare the RequestContextServletFilter in your web.xml file?
I want to store my H2 database as an encrypted file and access its web interface.
I configured H2 database so that I can access web interface to manipulate the database under console/db address.
When I do not use encryption everything works fine.
When I add CIPHER=AES to db.url I cannot log into the database and get below exception:
File corrupted while reading record: null. Possible solution: use the recovery tool [90030-191] 90030/90030 (Help)
org.h2.jdbc.JdbcSQLException: Uszkodzenie pliku podczas wczytywania rekordu: null
File corrupted while reading record: null. Possible solution: use the recovery tool [90030-191]
at org.h2.message.DbException.getJdbcSQLException(DbException.java:345)
at org.h2.message.DbException.get(DbException.java:168)
at org.h2.mvstore.db.MVTableEngine$Store.convertIllegalStateException(MVTableEngine.java:195)
at org.h2.mvstore.db.MVTableEngine$Store.open(MVTableEngine.java:167)
at org.h2.mvstore.db.MVTableEngine.init(MVTableEngine.java:99)
at org.h2.engine.Database.getPageStore(Database.java:2460)
at org.h2.engine.Database.open(Database.java:692)
at org.h2.engine.Database.openDatabase(Database.java:270)
at org.h2.engine.Database.<init>(Database.java:264)
at org.h2.engine.Engine.openSession(Engine.java:65)
at org.h2.engine.Engine.openSession(Engine.java:175)
at org.h2.engine.Engine.createSessionAndValidate(Engine.java:153)
at org.h2.engine.Engine.createSession(Engine.java:136)
at org.h2.engine.Engine.createSession(Engine.java:28)
at org.h2.engine.SessionRemote.connectEmbeddedOrServer(SessionRemote.java:349)
at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:107)
at org.h2.jdbc.JdbcConnection.<init>(JdbcConnection.java:91)
at org.h2.Driver.connect(Driver.java:72)
at org.h2.server.web.WebServer.getConnection(WebServer.java:735)
at org.h2.server.web.WebApp.login(WebApp.java:955)
at org.h2.server.web.WebApp.process(WebApp.java:211)
at org.h2.server.web.WebApp.processRequest(WebApp.java:170)
at org.h2.server.web.WebServlet.doGet(WebServlet.java:125)
at org.h2.server.web.WebServlet.doPost(WebServlet.java:162)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:121)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:522)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1095)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1502)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1458)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.IllegalStateException: Store header is corrupt: nio:/home/robak/db/adzfo.mv.db [1.4.191/6]
at org.h2.mvstore.DataUtils.newIllegalStateException(DataUtils.java:773)
at org.h2.mvstore.MVStore.readStoreHeader(MVStore.java:603)
at org.h2.mvstore.MVStore.<init>(MVStore.java:353)
at org.h2.mvstore.MVStore$Builder.open(MVStore.java:2888)
at org.h2.mvstore.db.MVTableEngine$Store.open(MVTableEngine.java:154)
... 47 more
Database Configuration
db.driver=org.h2.Driver
db.url=jdbc:h2:file:~/db/app_name;AUTO_SERVER=TRUE;CIPHER=AES
db.username=user
db.password=password
Servlet Context
private void configureDatabaseConsole(ServletContext servletContext) {
ServletRegistration.Dynamic h2Servlet = servletContext.addServlet("h2console", WebServlet.class);
h2Servlet.setLoadOnStartup(2);
h2Servlet.addMapping("/console/db/*");
}
Data source
#Bean
public DataSource dataSource() {
DriverManagerDataSource dataSource = new DriverManagerDataSource();
dataSource.setDriverClassName(getProperty(DRIVER));
dataSource.setUrl(getProperty(URL));
dataSource.setUsername(getProperty(USERNAME));
dataSource.setPassword(FILE_PASSWORD + " " + getProperty(PASSWORD));
return dataSource;
}
What should I do to have an encrypted database as a file on a hard drive and to access its console via web interface?
Are you sure you using the right password. Quoting from the H2 documentation File Encryption
The encryption algorithm is set in the database URL, and the file
password is specified in the password field, before the user
password. A single space separates the file password and the user
password; the file password itself may not contain spaces. File
passwords and user passwords are case sensitive. Here is an example
to connect to a password-encrypted database:
Class.forName("org.h2.Driver");
String url = "jdbc:h2:~/test;CIPHER=AES";
String user = "sa";
String pwds = "filepwd userpwd";
conn = DriverManager.
getConnection(url, user, pwds);
If you don't provide the correct password you won't get a connection.
I am trying to use Active Directory to authenticate users on my web
application. This is now working correctly if I use the right
credentials, but If I fail to input the correct credentials, I get the
following error [1] and no further attempts is allowed. I did not have
this issue when I was only using the UserDatabaseRealm.
Edit: After upgrading to Tomcat 8.0.15 as suggested by #kotacc, I am still getting an error (see [5] below) when entering the wrong credentials. end of Edit
My server.xml is in [2] and my web.xml in [3]
My configuration details are in [4].
Any idea of what is wrong? Could anyone point me to the right
documentation for this?
regards
Ben
[2] here is the relevant part from my server.xml:
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.CombinedRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://someServer.mycompany.com:389"
connectionName="OneUser#mycompany.CORP"
connectionPassword="aPassword"
referrals="follow"
userBase="ou=Users,OU=somServer,DC=mycompany,DC=CORP"
userSearch="(sAMAccountName={0})"
userSubtree="true"
/>
</Realm>
</Realm>
[3] here is the relevant part from my web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>Wildcard means whole app requires
authentication</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Public</web-resource-name>
<description>Matches a few special pages.</description>
<url-pattern>/index.html</url-pattern>
</web-resource-collection>
<!-- No auth-constraint means everybody has access! -->
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<description>this is the standard user</description>
<role-name>*</role-name>
</security-role>
[4] This is on Tomcat 7.0.57 running on Windows 7 64 bit
> java -version java version "1.7.0_71" Java(TM) SE Runtime Environment
> (build 1.7.0_71-b14) Java HotSpot(TM) 64-Bit Server VM (build
> 24.71-b01, mixed mode)
[1] here is the error:
java.lang.NullPointerException
org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:1303)
org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:1253)
org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:1194)
org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:1069)
org.apache.catalina.realm.CombinedRealm.authenticate(CombinedRealm.java:146)
org.apache.catalina.realm.CombinedRealm.authenticate(CombinedRealm.java:146)
org.apache.catalina.realm.LockOutRealm.authenticate(LockOutRealm.java:180)
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:164)
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:575)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070)
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2466)
org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2455)
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.lang.Thread.run(Thread.java:745)
[5] here is the error with Tomcat 8.0.15:
java.lang.NullPointerException
org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:1286)
org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:1236)
org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:1177)
org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:1052)
org.apache.catalina.realm.CombinedRealm.authenticate(CombinedRealm.java:157)
org.apache.catalina.realm.CombinedRealm.authenticate(CombinedRealm.java:157)
org.apache.catalina.realm.LockOutRealm.authenticate(LockOutRealm.java:180)
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:111)
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:576)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:610)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:537)
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1085)
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:658)
org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:222)
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1556)
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1513)
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.lang.Thread.run(Thread.java:745)
It appears to be a defect in Tomcat 7.0.57. If you see the source code at line 1300, there is no null check. I've pasted the piece of code here and given my comment:
protected User getUser(DirContext context, String username,
String credentials, int curUserPattern)
throws NamingException {
...
if (userPatternFormatArray != null && curUserPattern >= 0) {
user = getUserByPattern(context, username, credentials, attrIds, curUserPattern);
} else {
user = getUserBySearch(context, username, attrIds);
}
if (userPassword == null && credentials != null) { //Line 1300;No null check for 'user' object.
return new User(user.getUserName(), user.getDN(), credentials,
user.getRoles(), user.getUserRoleId());
}
return user;
}
Seems that lines from 1300 are added in Tomcat 7.0.57 version. I could also see that it is addressed in trunk but it is not released yet. I suggest you use either previous version (7.0.56) or Tomcat 8.
[EDIT]: It seems the defect is not fixed in all versions of Tomcat 8. As of now, the latest versions of Tomcat i.e 7.0.57 and 8.0.15 having this defect.
I'm getting the following error deploying my first WAR file in IntelliJ. It is a local issue, supposedly, as this is just a WAR file we deploy to test our setup.
All 80 Maven tests are passing, but when I browse to the web app, I get this error:
java.lang.IllegalArgumentException: javax.naming.NameNotFoundException: Name [jdbc/ipam] is not bound in this Context. Unable to find [jdbc].
com.myapp1.ipam.rest.JaxRsApplication.<init>(JaxRsApplication.java:26)
sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
java.lang.reflect.Constructor.newInstance(Constructor.java:526)
org.glassfish.hk2.utilities.reflection.ReflectionHelper.makeMe(ReflectionHelper.java:1104)
org.jvnet.hk2.internal.Utilities.justCreate(Utilities.java:902)
org.jvnet.hk2.internal.ServiceLocatorImpl.create(ServiceLocatorImpl.java:872)
org.jvnet.hk2.internal.ServiceLocatorImpl.createAndInitialize(ServiceLocatorImpl.java:964)
org.jvnet.hk2.internal.ServiceLocatorImpl.createAndInitialize(ServiceLocatorImpl.java:956)
org.glassfish.jersey.server.ApplicationHandler.createApplication(ApplicationHandler.java:336)
org.glassfish.jersey.server.ApplicationHandler.<init>(ApplicationHandler.java:315)
org.glassfish.jersey.server.ApplicationHandler.<init>(ApplicationHandler.java:285)
org.glassfish.jersey.servlet.WebComponent.<init>(WebComponent.java:310)
org.glassfish.jersey.servlet.ServletContainer.init(ServletContainer.java:170)
org.glassfish.jersey.servlet.ServletContainer.init(ServletContainer.java:358)
javax.servlet.GenericServlet.init(GenericServlet.java:158)
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070)
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:314)
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
java.lang.Thread.run(Thread.java:745)
This seems to be where the problem lies:
public JaxRsApplication() {
DataSource datasource;
try {
Context initCtx = new InitialContext();
Context envCtx = (Context) initCtx.lookup("java:comp/env");
datasource = (DataSource) envCtx.lookup("jdbc/ipam");
} catch (NamingException e) {
throw new IllegalArgumentException(e);
}
this.init(new SystemConfiguration(datasource));
}
This is my first time using IntelliJ, and I am new to Java, so I'm not sure what to do here.
Here is context-fragment.xml
<?xml version='1.0' encoding='utf-8'?>
<Context>
<Resource name="jdbc/ipam"
factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
auth="Container"
type="javax.sql.DataSource"
initialSize="2"
maxActive="5"
maxIdle="5"
minIdle="1"
maxWait="10000"
removeAbandoned="true"
removeAbandonedTimeout="60"
logAbandoned="true"
defaultReadOnly="false"
username="**********"
password="**********"
driverClassName="org.postgresql.Driver"
validationQuery="select 1"
validationQueryTimeout="5"
logValidationErrors="true"
testOnBorrow="true"
testWhileIdle="true"
url="jdbc:postgresql://db1host/ipam_dev_table_here"/>
</Context>
Make sure that you have setup IntelliJ to deploy the context.xml file when it starts tomcat. You can do this by
Select "Project Structure" from the File menu
From there, select the "Facets" option. Make sure that you have a Web facet configured. If not, add one.
Once the web facet is added, select "Add Application Server specific descriptor..."
Select Tomcat Context Descriptor from the options and click OK.
By default IntelliJ will point to META-INF/context.xml. If this is not the location of your context file, you will need to edit the Path to the file.
I'm doing a user-specific topic subscription using spring 4 websocket, and my app doesn't depend on security mechanism, handshake failed because the principal is null, i try to extend DefaultHandshakeHandler and override the determineUser protected method, do i need to populate the principal object and how? Any help would be great appreciated.
Config:
#Configuration
#EnableWebSocketMessageBroker
public class WebSocketConfig extends AbstractWebSocketMessageBrokerConfigurer {
#Override
public void configureMessageBroker(MessageBrokerRegistry config) {
config.enableSimpleBroker("/topic", "/user");
config.setApplicationDestinationPrefixes("/app");
}
#Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/hello").setHandshakeHandler(customHandshakeHandler()).withSockJS();
}
#Bean
public CustomHandshakeHandler customHandshakeHandler() {
return new CustomHandshakeHandler();
}
}
CustomHandshakeHandler.java
public class CustomHandshakeHandler extends DefaultHandshakeHandler {
#Override
protected Principal determineUser(ServerHttpRequest request, WebSocketHandler wsHandler,
Map<String, Object> attributes) {
return request.getPrincipal(); // return null here, how to populate principal???
}
}
Server side:
template.convertAndSendToUser(username, "/greetings", new Greeting("Hello World!"));
Client side:
function connect(username) {
var socket = new SockJS('http://localhost:8081/websocket/hello');
stompClient = Stomp.over(socket);
stompClient.connect({}, function(frame) {
setConnected(true);
console.log('Connected: ' + frame);
//stompClient.subscribe('/topic/greetings', function(greeting){
stompClient.subscribe('/user/' + username + '/greetings', function(greeting){
showGreeting(JSON.parse(greeting.body).content);
});
});
}
Error log:
ERROR: org.springframework.web.socket.sockjs.transport.session.WebSocketServerSockJsSession - Closing due to transport error for SockJS session id=zw90o_sm
ERROR: org.springframework.web.socket.handler.LoggingWebSocketHandlerDecorator - Transport error for SockJS session id=zw90o_sm
java.lang.IllegalArgumentException: No 'javax.websocket.server.ServerContainer' ServletContext attribute. Are you running in a Servlet container that supports JSR-356?
at org.springframework.util.Assert.notNull(Assert.java:112)
at org.springframework.web.socket.server.standard.AbstractStandardUpgradeStrategy.getContainer(AbstractStandardUpgradeStrategy.java:68)
at org.springframework.web.socket.server.standard.TomcatRequestUpgradeStrategy.getContainer(TomcatRequestUpgradeStrategy.java:85)
at org.springframework.web.socket.server.standard.TomcatRequestUpgradeStrategy.getContainer(TomcatRequestUpgradeStrategy.java:47)
at org.springframework.web.socket.server.standard.AbstractStandardUpgradeStrategy.getSupportedExtensions(AbstractStandardUpgradeStrategy.java:88)
at org.springframework.web.socket.server.support.DefaultHandshakeHandler.doHandshake(DefaultHandshakeHandler.java:206)
at org.springframework.web.socket.sockjs.transport.handler.WebSocketTransportHandler.handleRequest(WebSocketTransportHandler.java:83)
at org.springframework.web.socket.sockjs.transport.TransportHandlingSockJsService.handleTransportRequest(TransportHandlingSockJsService.java:254)
at org.springframework.web.socket.sockjs.support.AbstractSockJsService.handleRequest(AbstractSockJsService.java:317)
at org.springframework.web.socket.sockjs.support.SockJsHttpRequestHandler.handleRequest(SockJsHttpRequestHandler.java:88)
at org.springframework.web.servlet.mvc.HttpRequestHandlerAdapter.handle(HttpRequestHandlerAdapter.java:51)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:938)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:870)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:961)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:852)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:620)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:837)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:313)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:695)
Jul 24, 2014 11:55:21 AM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet [appServlet] in context with path [/websocket] threw exception [Request processing failed; nested exception is org.springframework.web.socket.sockjs.SockJsException: Uncaught failure in SockJS request, uri=http://localhost:8081/websocket/hello/474/zw90o_sm/websocket; nested exception is org.springframework.web.socket.sockjs.SockJsTransportFailureException: WebSocket handshake failure; nested exception is java.lang.IllegalArgumentException: No 'javax.websocket.server.ServerContainer' ServletContext attribute. Are you running in a Servlet container that supports JSR-356?] with root cause
java.lang.IllegalArgumentException: No 'javax.websocket.server.ServerContainer' ServletContext attribute. Are you running in a Servlet container that supports JSR-356?
at org.springframework.util.Assert.notNull(Assert.java:112)
at org.springframework.web.socket.server.standard.AbstractStandardUpgradeStrategy.getContainer(AbstractStandardUpgradeStrategy.java:68)
at org.springframework.web.socket.server.standard.TomcatRequestUpgradeStrategy.getContainer(TomcatRequestUpgradeStrategy.java:85)
at org.springframework.web.socket.server.standard.TomcatRequestUpgradeStrategy.getContainer(TomcatRequestUpgradeStrategy.java:47)
at org.springframework.web.socket.server.standard.AbstractStandardUpgradeStrategy.getSupportedExtensions(AbstractStandardUpgradeStrategy.java:88)
at org.springframework.web.socket.server.support.DefaultHandshakeHandler.doHandshake(DefaultHandshakeHandler.java:206)
at org.springframework.web.socket.sockjs.transport.handler.WebSocketTransportHandler.handleRequest(WebSocketTransportHandler.java:83)
at org.springframework.web.socket.sockjs.transport.TransportHandlingSockJsService.handleTransportRequest(TransportHandlingSockJsService.java:254)
at org.springframework.web.socket.sockjs.support.AbstractSockJsService.handleRequest(AbstractSockJsService.java:317)
at org.springframework.web.socket.sockjs.support.SockJsHttpRequestHandler.handleRequest(SockJsHttpRequestHandler.java:88)
at org.springframework.web.servlet.mvc.HttpRequestHandlerAdapter.handle(HttpRequestHandlerAdapter.java:51)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:938)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:870)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:961)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:852)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:620)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:837)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:313)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:695)
ERROR: org.springframework.messaging.simp.user.DefaultUserDestinationResolver - Ignoring message, no principal info available
You are asking one thing but the error log you posted shows another problem:
java.lang.IllegalArgumentException: No 'javax.websocket.server.ServerContainer' ServletContext attribute. Are you running in a Servlet container that supports JSR-356?
So are you running in a servlet container that supports JSR-356? If you are running on Tomcat you need at least Tomcat 7.0.47. For other servlet container you have to check what version you need. From the Spring docs:
The Spring Framework provides a WebSocket API designed to adapt to various WebSocket engines. For example, it runs on JSR-356 runtimes such as Tomcat (7.0.47+), GlassFish (4.0+) and WildFly (8.0+) but can also adapt to other WebSocket runtimes such as the Jetty (9.1+) native WebSocket support.