geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joe Bohn (JIRA)" <...@geronimo.apache.org>
Subject [jira] Updated: (GERONIMO-1375) Invalid login to console should not produce stack trace
Date Sat, 17 Dec 2005 20:54:35 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-1375?page=all ]

Joe Bohn updated GERONIMO-1375:
-------------------------------

    Attachment: LoginError.patch

This is more of a problem of logging rather than a real problem.  I'm not exactly sure of
the best way to fix this ... but this patch includes some changes to make the logging more
quiet.  This patch makes the following changes:
- ServerLoginProxy - Updated return a FailedLoginException rather than wrapping it in a generic
LoginException so that Tomcat will handle with a debug message rather than a warning message.
- TomcatGeronimoRealm - Check for null userid/pw and fail the login with a debug message if
found.
- JAASJettyRealm - Check for null userid/pw and fail the login with a debug message.  Issue
a debug message for FailedLoginException rather than a warning message.

> Invalid login to console should not produce stack trace
> -------------------------------------------------------
>
>          Key: GERONIMO-1375
>          URL: http://issues.apache.org/jira/browse/GERONIMO-1375
>      Project: Geronimo
>         Type: Bug
>   Components: Tomcat
>     Versions: 1.0-M5
>  Environment: all
>     Reporter: anita kulshreshtha
>     Priority: Minor
>      Fix For: 1.0, 1.x
>  Attachments: LoginError.patch
>
>     Invalid login, e.g. bad user name should not produce the following stack trace. I
have not tested if jetty-server also has the same problem.
> 10:26:41,609 WARN  [TomcatGeronimoRealm] Login exception authenticating username "s"
> javax.security.auth.login.LoginException: Error filling callback list
>         at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:75)
>         at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
>         at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
>         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>         at java.lang.reflect.Method.invoke(Method.java:324)
>         at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
>         at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
>         at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
>         at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
>         at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:372)
>         at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
>         at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
>         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:416)
>         at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:272)
>         at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
>         at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
>         at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
>         at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
>         at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
>         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
>         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
>         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
>         at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
>         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
>         at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
>         at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java
> :663)
>         at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
>         at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
>         at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
>         at java.lang.Thread.run(Thread.java:534)
> Caused by: javax.security.auth.login.FailedLoginException
>         at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.login(PropertiesFileLoginModule.java:1
> 47)
>         at org.apache.geronimo.security.jaas.server.JaasLoginService.performLogin(JaasLoginService.java:236)
>         at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
>         at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
>         at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
>         at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
>         at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
>         at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
>         at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
>         at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
>         at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$f86adc7c.performLogin(<gener
> ated>)
>         at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:73)
>         ... 33 more

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message