tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Hardy <ahardy.str...@cyberspaceroad.com>
Subject JAASRealm with Basic Authentication
Date Sun, 31 Aug 2003 14:07:51 GMT
I am trying to run my JAASRealm implementation, and I have it working
successfully on my own apps using Form-based authentication, but when I
try to use it for tomcat's manager tool (configured in
webapps/manager.xml) or any other app using basic authentication, I have
problems.

First of all tomcat throws a NullPointerException which originates from:

Caused by: java.lang.NullPointerException
	at
org.apache.catalina.realm.JAASCallbackHandler.handle(JAASCallbackHandler.java:156)
	at javax.security.auth.login.LoginContext$5.run(LoginContext.java:812)


At this point, the browser has just got the authentication request and
it shows me the basic authentication dialog. Then when I submit, with
the wrong password, I get the retry? dialog, but with the correct
password, tomcat gives me a 403: access denied.

I can see in tomcat's source that JAASCallbackHandler is not handling a
null password, but I don't understand why it is being passed a null
password. I think there must be an exception in
auth.login.LoginContext.run() which is being swallowed, resulting in
null user & pw parameters being passed.

Any help appreciated!
Adam


Mime
View raw message