NullPointerException in com.sun.web.security.RealmAdapter.hasRole
I have installed the application server (8.1_02 (build b11-fcs)) along with Access Manager (7 2005Q4) and the Policy Agent (2.2) for the app server. I tried deploying the sample application (agentsample) that comes with the policy agent and after I fixed the group-names in the sun-web.xml and sun-application.xml files to match our realm in access manager, I got all of the pages in the sample application to work except one: thesecurityawareservletwhich attempts to check the user's roles viarequest.isUserInRole(). This servlet fails with aNullPointerExceptionas shown in the following statck trace:
javax.servlet.ServletException: AmAgentFilter: An exception has occured
com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:65)
root cause
java.lang.NullPointerException
com.sun.web.security.RealmAdapter.hasRole(RealmAdapter.java:166)
org.apache.coyote.tomcat5.CoyoteRequest.isUserInRole(CoyoteRequest.java:2302)
org.apache.coyote.tomcat5.CoyoteRequestFacade.isUserInRole(CoyoteRequestFacade.java:768)
com.sun.identity.agents.sample.SecurityAwareServlet.getSecurityDetails(SecurityAwareServlet.java:73)
com.sun.identity.agents.sample.SecurityAwareServlet.processRequest(SecurityAwareServlet.java:63)
com.sun.identity.agents.sample.SampleServletBase.doGet(Unknown Source)
javax.servlet.http.HttpServlet.service(HttpServlet.java:747)
javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
sun.reflect.GeneratedMethodAccessor255.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
java.security.AccessController.doPrivileged(Native Method)
com.sun.identity.agents.filter.AmAgentBaseFilter.allowRequestToContinue(AmAgentBaseFilter.java:82)
com.sun.identity.agents.filter.AmAgentBaseFilter.doFilter(AmAgentBaseFilter.java:43)
Note that theSecurityAwareEJBImplEJB in the same application successfully reads roles via thecontext.isCallerInRole(). I need to be able to check user roles in servlets (and JSPs) not just EJBs, but I have no idea what is causing this. Ideas?
