Integrating jGuard in s JSF application

2008-01-28
2013-05-08
  • deathstar64
    deathstar64
    2008-01-28

    Hello,

    I am developing a webapp on a tomcat server (on Netbeans 6.0) and I've chosen jGuard to provide security for it!
    Since now, I've run the standalone jguard-jsf-example successfully (tables populated, login-logout processes working),
    so I am trying now to integrate it in my webapp. But after adding a few entries in web.xml I get the following exception:

    28 Jan 2008 1:20:18 μμ org.apache.catalina.core.StandardContext listenerStart
    SEVERE: Exception sending context initialized event to listener instance of class net.sf.jguard.jee.listeners.ContextListener
    java.lang.NullPointerException
            at net.sf.jguard.jee.util.ContextUtil.getContextPath(ContextUtil.java:78)
            at net.sf.jguard.jee.listeners.ContextListener.initAuthentication(ContextListener.java:170)
            at net.sf.jguard.jee.listeners.ContextListener.contextInitialized(ContextListener.java:103)
            at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3830)
            at org.apache.catalina.core.StandardContext.start(StandardContext.java:4337)
            at org.apache.catalina.manager.ManagerServlet.start(ManagerServlet.java:1237)
            at org.apache.catalina.manager.ManagerServlet.doGet(ManagerServlet.java:373)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
            at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
            at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
            at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525)
            at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
            at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
            at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
            at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:263)
            at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
            at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:584)
            at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
            at java.lang.Thread.run(Thread.java:595)

    Any suggestion on this?

    I've added the jguard libraries on the webapp libraries' directory, and I've created a /conf directory on the /WEB-INF/ directory where I've altered the jGuardAuthentication.DatabaseOnAuthenticationAndAuthorization.xml
    and jGuardAuthorization.DatabaseOnAuthenticationAndAuthorization.xml, so as to read data from a PostgreSQL database.
    I've still haven't perfectly changed the jGuardFilter but I don't think that's the problem.

    My web.xml is as follows:

    <?xml version="1.0" encoding="UTF-8"?>
    <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
       
       
        <display-name>OSDELPOortal</display-name>
        <description>MyProject web.xml</description>
        <context-param>
            <param-name>authorizationConfigurationLocation</param-name>
             <param-value>/WEB-INF/conf/jGuard/jGuardAuthorization.xml</param-value>
           <!-- <param-value>/WEB-INF/conf/jGuard/jGuardAuthorization.DatabaseOnAuthenticationAndAuthorization.xml</param-value>-->
        </context-param>
        <context-param>
            <param-name>authorizationScope</param-name>
            <param-value>local</param-value>
        </context-param>   
        <context-param>
            <param-name>enableJMX</param-name>
            <param-value>false</param-value>
        </context-param>
        <context-param>
            <param-name>authenticationConfigurationLocation</param-name>
             <param-value>/WEB-INF/conf/jGuard/jGuardAuthentication.xml</param-value>
            <!--<param-value>/WEB-INF/conf/jGuard/jGuardAuthentication.DatabaseOnAuthenticationAndAuthorization.xml</param-value> -->
        </context-param>
        <context-param>
            <param-name>authenticationScope</param-name>
            <param-value>local</param-value>
        </context-param>
        <context-param>
         <param-name>listenerConfigurationLocation</param-name>
         <param-value>/WEB-INF/conf/jGuard/jGuardFilter.xml</param-value>
        </context-param>
       
        <context-param>
            <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
            <param-value>client</param-value>
        </context-param>
        <context-param>
            <param-name>com.sun.faces.validateXml</param-name>
            <param-value>true</param-value>
        </context-param>
        <context-param>
            <param-name>com.sun.faces.verifyObjects</param-name>
            <param-value>false</param-value>
        </context-param>

        <filter>
            <!-- prevent direct access to *.jsp by redirecting to .jsf  -->
            <filter-name>redirectFilter</filter-name>
            <filter-class>net.sf.jguard.jsf.RedirectFilter</filter-class>
            <init-param>
                <param-name>targetExtension</param-name>
                <param-value>.jsf</param-value>
            </init-param>
        </filter>
        <filter-mapping>
            <filter-name>redirectFilter</filter-name>
            <url-pattern>*.jsp</url-pattern>
        </filter-mapping>
            <listener>
            <listener-class>net.sf.jguard.jee.listeners.SessionListener</listener-class>
        </listener>
        <listener>
            <listener-class>net.sf.jguard.jee.listeners.ContextListener</listener-class>
        </listener>
       
       <!-- <listener>
            <listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class>
        </listener> -->
        <servlet>
            <servlet-name>Faces Servlet</servlet-name>
            <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
            <init-param>
                <param-name>javax.faces.LIFECYCLE_ID</param-name>
                <param-value>com.sun.faces.lifecycle.PARTIAL</param-value>
            </init-param>
            <load-on-startup>1</load-on-startup>
        </servlet>
        <servlet-mapping>
            <servlet-name>Faces Servlet</servlet-name>
            <url-pattern>/faces/*</url-pattern>
        </servlet-mapping>
       
        <servlet>
            <servlet-name>ExceptionHandlerServlet</servlet-name>
            <servlet-class>com.sun.errorhandler.ExceptionHandler</servlet-class>
            <init-param>
                <param-name>errorHost</param-name>
                <param-value>localhost</param-value>
            </init-param>
            <init-param>
                <param-name>errorPort</param-name>
                <param-value>24444</param-value>
            </init-param>
        </servlet>
       
        <servlet-mapping>
            <servlet-name>ExceptionHandlerServlet</servlet-name>
            <url-pattern>/error/ExceptionHandler</url-pattern>
        </servlet-mapping>

        <session-config>
            <session-timeout>
                30
            </session-timeout>
        </session-config>
        <welcome-file-list>
            <welcome-file>faces/jsp/Main.jsp</welcome-file>
            </welcome-file-list>
        <error-page>
            <exception-type>javax.servlet.ServletException</exception-type>
            <location>/error/ExceptionHandler</location>
        </error-page>
        <error-page>
            <exception-type>java.io.IOException</exception-type>
            <location>/error/ExceptionHandler</location>
        </error-page>
        <error-page>
            <exception-type>javax.faces.FacesException</exception-type>
            <location>/error/ExceptionHandler</location>
        </error-page>
        <error-page>
            <exception-type>com.sun.rave.web.ui.appbase.ApplicationException</exception-type>
            <location>/error/ExceptionHandler</location>
        </error-page>
       
        <security-constraint>
            <display-name>Constraint1</display-name>
            <web-resource-collection>
                <web-resource-name>OSDELPortal</web-resource-name>
                <description>Secure Pages</description>
                <url-pattern>*.jspf</url-pattern>
                <url-pattern>*.jsp</url-pattern>
                <http-method>GET</http-method>
                <http-method>POST</http-method>
            </web-resource-collection>

            <user-data-constraint>
                <description/>
                <transport-guarantee>CONFIDENTIAL</transport-guarantee>
            </user-data-constraint>
            </security-constraint>

            <jsp-config>
            <jsp-property-group>
                <url-pattern>*.jspf</url-pattern>
                <is-xml>true</is-xml>
            </jsp-property-group>
            </jsp-config>
        <resource-ref>
            <description>Visual Web generated DataSource Reference</description>
            <res-ref-name>jdbc/public_PostgreSQL</res-ref-name>
            <res-type>javax.sql.DataSource</res-type>
            <res-auth>Container</res-auth>
        </resource-ref>
        </web-app>

    With Regards,

    Antony