I am using SecurityFilter 2.0 with a Strtus 1.2.7 app running on Tomcat 5.5.9. When I try to access the first page, I get an exception -
java.lang.NullPointerException
org.securityfilter.filter.SecurityFilter.doFilter(SecurityFilter.java:120)
What could be wrong?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
java.lang.NullPointerException
at org.securityfilter.filter.SecurityFilter.doFilter(SecurityFilter.java:120)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Here's my securityfilter-config.xml -
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE securityfilter-config PUBLIC
"-//SecurityFilter.org//DTD Security Filter Configuration 2.0//EN"
"http://www.securityfilter.org/dtd/securityfilter-config_2_0.dtd">
<!-- start with a Catalina realm adapter to wrap the Catalina realm defined below -->
<realm className="org.securityfilter.realm.catalina.CatalinaRealmAdapter" />
Even though the exception is reported in the SecurityFilter, it is probably occuring in your jsp page or associated logic. Try with an empty jsp page and see if it happens there as well.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I finally figured out the problem and it was a coding error. In my security-filter config file, I had not closed the realm tag correctly. I had closed it as <realm> instead of </realm> !
Thanks for all your help.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I know this is an ancient thread, but I'm having a similar problem and my securityfilter-config.xml is proper. The error is caused by the fact that init() isn't being called in the SecurityFilter class before doFilter is called. It would seem that this is caused by a bad xml setup (improper logic in my case, not syntax). Just thought I'd give a heads up to anyone else out there who might find this thread in the future. I'll post back when I figure out what's wrong.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
My problem wasn't in my configuration, it was just that the
org.securityfilter.realm.catalina.CatalinaRealmAdapter
unable to parse input: java.lang.ClassNotFoundException: org.securityfilter.realm.catalina.CatalinaRealmAdapter
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
My problem wasn't in my configuration, it was just that the Realm Adapter I was using (
org.securityfilter.realm.catalina.CatalinaRealmAdapter ) wasn't found by netbeans. I just had to move some source files around from one directory to another. Hope this thread helped you. :-)
Now that I have this simple little example application working, I should be able to figure out how to get the security filter working with JSF links. If I need to change any code to get it to work I'll be sure to contribute any changes I make.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I am using SecurityFilter 2.0 with a Strtus 1.2.7 app running on Tomcat 5.5.9. When I try to access the first page, I get an exception -
java.lang.NullPointerException
org.securityfilter.filter.SecurityFilter.doFilter(SecurityFilter.java:120)
What could be wrong?
Here's the full stacktrace -
java.lang.NullPointerException
at org.securityfilter.filter.SecurityFilter.doFilter(SecurityFilter.java:120)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Here's my securityfilter-config.xml -
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE securityfilter-config PUBLIC
"-//SecurityFilter.org//DTD Security Filter Configuration 2.0//EN"
"http://www.securityfilter.org/dtd/securityfilter-config_2_0.dtd">
<securityfilter-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Client Portal</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>testgroup</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/Login.jsp</form-login-page>
<form-error-page>/AuthError.jsp</form-error-page>
<form-default-page>/SelectProject.jsp</form-default-page>
</form-login-config>
</login-config>
<!-- start with a Catalina realm adapter to wrap the Catalina realm defined below -->
<realm className="org.securityfilter.realm.catalina.CatalinaRealmAdapter" />
<realm className="org.apache.catalina.realm.JDBCRealm">
<realm-param name="driverName" value="net.sourceforge.jtds.jdbc.Driver"/>
<realm-param name="debug" value="99"/>
<realm-param name="connectionURL" value="jdbc:jtds:sqlserver://192.168.11.69:1433/ClientPortal"/>
<realm-param name="connectionName" value="sa"/>
<realm-param name="connectionPassword" value="java99"/>
<realm-param name="userTable" value="Users"/>
<realm-param name="userNameCol" value="Username"/>
<realm-param name="userCredCol" value="Password"/>
<realm-param name="userRoleTable" value="UserRoles"/>
<realm-param name="roleNameCol" value="UserRoles"/>
<realm>
</securityfilter-config>
Even though the exception is reported in the SecurityFilter, it is probably occuring in your jsp page or associated logic. Try with an empty jsp page and see if it happens there as well.
Hmm, the problem seems to come from setting up the url pattern, line 120 reads
URLPatternMatcher patternMatcher = patternFactory.createURLPatternMatcher();
Probably need more logs to determine where things are going wrong. Can you try validating the config file against the dtd?
The login page is secured.
You can add a folder for the login's page and error login page.
You can define a new rule for this new folder. The folder isn't secured.
I created a test JSPpage with just Hello World in the body. I got the same error when I tried accessing it. What could be wrong?
Torgeir,
How do I validate the config file against the security filter dtd (http://www.securityfilter.org/dtd/securityfilter-config_2_0.dtd)?
I finally figured out the problem and it was a coding error. In my security-filter config file, I had not closed the realm tag correctly. I had closed it as <realm> instead of </realm> !
Thanks for all your help.
I know this is an ancient thread, but I'm having a similar problem and my securityfilter-config.xml is proper. The error is caused by the fact that init() isn't being called in the SecurityFilter class before doFilter is called. It would seem that this is caused by a bad xml setup (improper logic in my case, not syntax). Just thought I'd give a heads up to anyone else out there who might find this thread in the future. I'll post back when I figure out what's wrong.
My problem wasn't in my configuration, it was just that the
org.securityfilter.realm.catalina.CatalinaRealmAdapter
unable to parse input: java.lang.ClassNotFoundException: org.securityfilter.realm.catalina.CatalinaRealmAdapter
My problem wasn't in my configuration, it was just that the Realm Adapter I was using (
org.securityfilter.realm.catalina.CatalinaRealmAdapter ) wasn't found by netbeans. I just had to move some source files around from one directory to another. Hope this thread helped you. :-)
Now that I have this simple little example application working, I should be able to figure out how to get the security filter working with JSF links. If I need to change any code to get it to work I'll be sure to contribute any changes I make.
There are tools like xmllint and others. Search on google. Myself I ue netbeans which can validate XML files for you.
I use NetBeans 4.1 but never knew that it had a Validate XML feature. Thanks for all your help.
I have the same problem, but it only occurs when I use the -security parameter to start tomcat. Does anyone know how this could be resolved please?