Major bug in ProgrammaticLogin?

Hello everybody.

I have migrated our server from Sun ONE Web Server 6.1 to Sun Java System Web Server 7.0.

I'm using Custom Realm with programmatic login.

Suddenly I was confronted with the following error message while logging in to the realm:

SEC1132: Bad runtime object type. Programmatic login failed.

As I started to investigate, I soon saw that I was almost the only one with this problem (OK, one other person had it too, http://forum.java.sun.com/thread.jspa?messageID=9728353). So I decompiled some classes from the server and started to search for what the big deal is here, since the error message is a complete waste of time and the error code listing says: Contact Support.

What I found was a complete shock to me:

ProgrammaticLogin calls the WebProgrammaticLogin class, and it's expecting that the HttpServletRequest's implementation is org.apache.coyote.tomcat5.CoyoteRequestFacade. Then I printed the class name from the servlet and it gave me: org.apache.catalina.core.ApplicationHttpRequest

You see my concern? If anyone has even a few tips to give, please do so. At first I thought that some kind of wrapper would be... not quite OK.

http://tomcat.apache.org/tomcat-5.0-doc/catalina/docs/api/org/apache/coyote/tomcat5/CoyoteRequestFacade.html

http://www.docjar.org/docs/api/org/apache/catalina/core/ApplicationHttpRequest.html

[1383 byte] By [zenixia] at [2007-11-27 8:24:11]
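
An added diagnostic example, not code from this thread or from Sun: it extends the class-name check described in the post above to walk the whole wrapper chain, so a log line shows whether the servlet received the container's original request object or a wrapper around it. It assumes the Servlet API (javax.servlet) is on the classpath and that, as in Apache Tomcat, ApplicationHttpRequest is a standard HttpServletRequestWrapper; RequestChain and its method names are hypothetical.

```java
import java.lang.reflect.Proxy;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.ServletRequest;
import javax.servlet.ServletRequestWrapper;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

/** Hypothetical diagnostic helper; needs only the Servlet API on the classpath. */
public final class RequestChain {

    /** Class names from the object the servlet received down to the innermost request. */
    public static List<String> describe(ServletRequest request) {
        List<String> chain = new ArrayList<String>();
        ServletRequest current = request;
        while (current != null) {
            chain.add(current.getClass().getName());
            // Standard wrappers expose the wrapped object; anything else ends the chain.
            current = (current instanceof ServletRequestWrapper)
                    ? ((ServletRequestWrapper) current).getRequest()
                    : null;
        }
        return chain;
    }

    /** True when the servlet was handed a wrapper rather than an unwrapped request object. */
    public static boolean isWrapped(ServletRequest request) {
        return request instanceof ServletRequestWrapper;
    }

    public static void main(String[] args) {
        // Constructed stand-in for a container request: a dynamic proxy, never invoked here.
        HttpServletRequest original = (HttpServletRequest) Proxy.newProxyInstance(
                RequestChain.class.getClassLoader(),
                new Class<?>[] { HttpServletRequest.class },
                (proxy, method, methodArgs) -> null);
        // Constructed wrapper standing in for a container-created request wrapper.
        HttpServletRequest wrapped = new HttpServletRequestWrapper(original);

        System.out.println(isWrapped(original) + " " + describe(original));
        System.out.println(isWrapped(wrapped) + " " + describe(wrapped));
    }
}
```

Calling `RequestChain.describe(request)` from the login servlet and logging the result before the `ProgrammaticLogin` call records exactly which implementation classes are in play when SEC1132 is raised.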
# 1
Could you give us reproducible steps for the problem you are encountering? A small test case would help. The problem description in your e-mail is pretty vague.
kmeduria at 2007-7-12 20:13:09
# 2

Given the error message, I'm fairly sure the code may have made unwarranted assumptions about internal implementation detail. Be sure to use the APIs only as documented. You can't mix'n'match container-managed and non-container-managed authentication at the same time, they are mutually exclusive.

But as kmeduri said, details will help. Specifically, show us exactly what this realm is doing with programmatic login. With that we can confirm or discard the above guess. Cut & pasted code is best, or at least a pseudocode detailed description of the logic.

jyria at 2007-7-12 20:13:09
# 3

Sorry for the delay, it was the midsummer holidays.

Here are the samples that we've been using.

I have another realm that is using a normal login page and it's working fine. So maybe I just have a misconfiguration here?

I cannot tell you any more about the surrounding logic since I'm under strict rules.

areatoprotect/RealmLogin makes the programmatic login

server.xml:

<auth-realm>
  <name>realm</name>
  <class>com.company.realm</class>
  <property>
    <name>jaas-context</name>
    <value>realm</value>
  </property>
  <property>
    <name>connectionPoolJNDI</name>
    <value>java:comp/env/jdbc/myPool</value>
  </property>
</auth-realm>

web.xml:

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Protected Area</web-resource-name>
    <url-pattern>/areatoprotect/*</url-pattern>
    <http-method>DELETE</http-method>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    <http-method>PUT</http-method>
  </web-resource-collection>
  <auth-constraint>
    <role-name>myrole</role-name>
  </auth-constraint>
</security-constraint>

<login-config>
  <auth-method>FORM</auth-method>
  <realm-name>realm</realm-name>
  <form-login-config>
    <form-login-page>/areatoprotect/RealmLogin</form-login-page>
    <form-error-page>/error.jsp</form-error-page>
  </form-login-config>
</login-config>

<security-role>
  <role-name>myrole</role-name>
</security-role>

sun-web.xml

<security-role-mapping>
  <role-name>myrole</role-name>
  <group-name>mygroup</group-name>
</security-role-mapping>

code to log-in:

ProgrammaticLogin pm = new ProgrammaticLogin();
pm.login(username, password, request, response);

zenixia at 2007-7-12 20:13:09
# 4
"You can't mix'n'match container-managed and non-container-managed authentication at the same time, they are mutually exclusive."

This was allowed in 6.1, this is a major setback for us.
zenixia at 2007-7-12 20:13:09