Hi, I've searched for a while and while I was browsing josso's source code, I saw that this is a Spring Context exception, correct me if I'm wrong.
I'm using josso 1.8 and jboss 4.2.2.GA.
This is my current problem description:
I'm going to have two kinds of rules, the first one can be called System Role and the second one User Role.
The System Role will be used only by JOSSO to know which systems a user can have access.
The User Role will have the role itself.
Example:
System Role: Student
User Role: Graduated Student
My current goal is to have a filter (my next step will be to integrate Spring Security to this pŕoject) in this partner and on the filter I'll get the UserRoles of the current User. This is my filter class:
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package filtro;
/**
*
* @author mario
*/
public class LoginFilter implements Filter {
public LoginFilter() {
}
/**
*
* @param request The servlet request we are processing
* @param response The servlet response we are creating
* @param chain The filter chain we are processing
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
*/
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
final HttpServletRequest req = (HttpServletRequest) request;
final HttpServletResponse res = (HttpServletResponse) response;
final HttpSession session = req.getSession();
public void init(FilterConfig arg0) throws ServletException {
}
public void destroy() {
}
}
As you can see, it's not doing anything, however, this is what I got after I removed everything I didn't need (as I was getting this error, and I'm still). This is my error trace:
17:44:00,621 INFO [TomcatDeployer] undeploy, ctxPath=/map, warUrl=.../tmp/deploy/tmp69692291020594408MyPartnerApp-exp.war/
17:44:00,652 INFO [TomcatDeployer] deploy, ctxPath=/map, warUrl=.../tmp/deploy/tmp5464034037712883619MyPartnerApp-exp.war/
17:44:04,990 ERROR [STDERR] 02/09/2009 17:44:04 filtro.LoginFilter doFilter
SEVERE: null
java.lang.IllegalArgumentException: Config locations must not be null
at org.springframework.util.Assert.noNullElements(Assert.java:241)
at org.springframework.context.support.AbstractRefreshableConfigApplicationContext.setConfigLocations(AbstractRefreshableConfigApplicationContext.java:78)
at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:137)
at org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:158)
at org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:51)
at org.josso.agent.config.SpringComponentKeeperImpl.<init>(SpringComponentKeeperImpl.java:51)
at org.josso.agent.config.SpringComponentKeeperFactoryImpl.newComponentKeeper(SpringComponentKeeperFactoryImpl.java:33)
at org.josso.agent.Lookup.getComponentKeeper(Lookup.java:125)
at org.josso.agent.Lookup.lookupSSOAgent(Lookup.java:102)
at filtro.LoginFilter.doFilter(LoginFilter.java:70)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.josso.tc55.agent.SSOAgentValve.invoke(SSOAgentValve.java:597)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:619)
The error is coming from the method lookupSSOAgent(), but why?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
You're not required to implement any filter (nor any other component) in order to make JOSSO perform Web RBAC (Role Based Access Control).
Just use the standard web.xml constraints within your JEE partner application and make sure that the Josso Gateway is told on how to retrieve such user roles.
Then if you wish to use fine grained authorization using Spring Security, you can do so without any additional coding. Spring Security will base its assertions on the active Subject (supplied by the Josso Agent).
Regards,
Gianluca.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm working with Bruno in this application. What we really want to do is acces the user logged information on JOSSO. We need at least the login, this way we can load all the user information our system needs to work.
We're using an filter to get the user login to load the user on the system.
The code we're using is based on the sample given by the JOSSO documentation on the site.
But when we call "Lookup.getInstance().lookupSSOAgent()" to get the SSOAgent we get the following exception:
"java.lang.IllegalArgumentException: Config locations must not be null "
So, how can we configure the locations to get it?
Or what we must do to make get the agent?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
There is no need to programmatically access the agent for this.
If you wish to get the user identifier of the user associated with the SSO session you can just use the standard API call getRemoteUser() (http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletRequest.html#getRemoteUser()) .
The Josso agent will fill this for you.
Then, if you wish to get additional data about the user, I'd suggest you use SSO properties which can be defined within the identity store. For instance, you may export the user e-mail address, phone #, etc. from your store (e.g. Directory) .
In order to access this data from the partner application-tier, you need to get the principal of the request (http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletRequest.html#getUserPrincipal()) and cast it to SSOUser in order to fetch the JOSSO-specific user properties.
Hope this helps,
Regards,
Gianluca.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm working with Bruno in this application. What we really want to do is acces the user logged information on JOSSO. We need at least the login, this way we can load all the user information our system needs to work.
We're using an filter to get the user login to load the user on the system.
The code we're using is based on the sample given by the JOSSO documentation on the site.
But when we call "Lookup.getInstance().lookupSSOAgent()" to get the SSOAgent we get the following exception:
"java.lang.IllegalArgumentException: Config locations must not be null "
So, how can we configure the locations to get it?
Or what we must do to make get the agent?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi, I've searched for a while and while I was browsing josso's source code, I saw that this is a Spring Context exception, correct me if I'm wrong.
I'm using josso 1.8 and jboss 4.2.2.GA.
This is my current problem description:
I'm going to have two kinds of rules, the first one can be called System Role and the second one User Role.
The System Role will be used only by JOSSO to know which systems a user can have access.
The User Role will have the role itself.
Example:
System Role: Student
User Role: Graduated Student
My current goal is to have a filter (my next step will be to integrate Spring Security to this pŕoject) in this partner and on the filter I'll get the UserRoles of the current User. This is my filter class:
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package filtro;
import java.io.*;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.josso.agent.Lookup;
import org.josso.agent.SSOAgent;
import org.josso.agent.http.HttpSSOAgent;
/**
*
* @author mario
*/
public class LoginFilter implements Filter {
public LoginFilter() {
}
/**
*
* @param request The servlet request we are processing
* @param response The servlet response we are creating
* @param chain The filter chain we are processing
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet error occurs
*/
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
final HttpServletRequest req = (HttpServletRequest) request;
final HttpServletResponse res = (HttpServletResponse) response;
final HttpSession session = req.getSession();
try {
HttpSSOAgent agent = (HttpSSOAgent) Lookup.getInstance().lookupSSOAgent();
SSOAgent jossoAgent = Lookup.getInstance().lookupSSOAgent();
} catch (Exception ex) {
Logger.getLogger(LoginFilter.class.getName()).log(Level.SEVERE, null, ex);
}
((HttpServletResponse) response).sendRedirect(req.getContextPath());
}
public void init(FilterConfig arg0) throws ServletException {
}
public void destroy() {
}
}
As you can see, it's not doing anything, however, this is what I got after I removed everything I didn't need (as I was getting this error, and I'm still). This is my error trace:
17:44:00,621 INFO [TomcatDeployer] undeploy, ctxPath=/map, warUrl=.../tmp/deploy/tmp69692291020594408MyPartnerApp-exp.war/
17:44:00,652 INFO [TomcatDeployer] deploy, ctxPath=/map, warUrl=.../tmp/deploy/tmp5464034037712883619MyPartnerApp-exp.war/
17:44:04,990 ERROR [STDERR] 02/09/2009 17:44:04 filtro.LoginFilter doFilter
SEVERE: null
java.lang.IllegalArgumentException: Config locations must not be null
at org.springframework.util.Assert.noNullElements(Assert.java:241)
at org.springframework.context.support.AbstractRefreshableConfigApplicationContext.setConfigLocations(AbstractRefreshableConfigApplicationContext.java:78)
at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:137)
at org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:158)
at org.apache.xbean.spring.context.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:51)
at org.josso.agent.config.SpringComponentKeeperImpl.<init>(SpringComponentKeeperImpl.java:51)
at org.josso.agent.config.SpringComponentKeeperFactoryImpl.newComponentKeeper(SpringComponentKeeperFactoryImpl.java:33)
at org.josso.agent.Lookup.getComponentKeeper(Lookup.java:125)
at org.josso.agent.Lookup.lookupSSOAgent(Lookup.java:102)
at filtro.LoginFilter.doFilter(LoginFilter.java:70)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.josso.tc55.agent.SSOAgentValve.invoke(SSOAgentValve.java:597)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:619)
The error is coming from the method lookupSSOAgent(), but why?
Hi Bruno,
You're not required to implement any filter (nor any other component) in order to make JOSSO perform Web RBAC (Role Based Access Control).
Just use the standard web.xml constraints within your JEE partner application and make sure that the Josso Gateway is told on how to retrieve such user roles.
Then if you wish to use fine grained authorization using Spring Security, you can do so without any additional coding. Spring Security will base its assertions on the active Subject (supplied by the Josso Agent).
Regards,
Gianluca.
Hey Gianluca,
I'm working with Bruno in this application. What we really want to do is acces the user logged information on JOSSO. We need at least the login, this way we can load all the user information our system needs to work.
We're using an filter to get the user login to load the user on the system.
The code we're using is based on the sample given by the JOSSO documentation on the site.
But when we call "Lookup.getInstance().lookupSSOAgent()" to get the SSOAgent we get the following exception:
"java.lang.IllegalArgumentException: Config locations must not be null "
So, how can we configure the locations to get it?
Or what we must do to make get the agent?
Hi Daniel,
There is no need to programmatically access the agent for this.
If you wish to get the user identifier of the user associated with the SSO session you can just use the standard API call getRemoteUser() (http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletRequest.html#getRemoteUser()) .
The Josso agent will fill this for you.
Then, if you wish to get additional data about the user, I'd suggest you use SSO properties which can be defined within the identity store. For instance, you may export the user e-mail address, phone #, etc. from your store (e.g. Directory) .
In order to access this data from the partner application-tier, you need to get the principal of the request (http://java.sun.com/javaee/5/docs/api/javax/servlet/http/HttpServletRequest.html#getUserPrincipal()) and cast it to SSOUser in order to fetch the JOSSO-specific user properties.
Hope this helps,
Regards,
Gianluca.
Hey Gianluca,
I'm working with Bruno in this application. What we really want to do is acces the user logged information on JOSSO. We need at least the login, this way we can load all the user information our system needs to work.
We're using an filter to get the user login to load the user on the system.
The code we're using is based on the sample given by the JOSSO documentation on the site.
But when we call "Lookup.getInstance().lookupSSOAgent()" to get the SSOAgent we get the following exception:
"java.lang.IllegalArgumentException: Config locations must not be null "
So, how can we configure the locations to get it?
Or what we must do to make get the agent?
Thanks Gianluca,
It worked well.
Thank you very very much!