Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-610

The continuation of SPNEGO requests causes a 'Login failure' error to be reported.

    XMLWordPrintable

Details

    • Task
    • Resolution: Obsolete
    • Major
    • Negotiation_2_2_2
    • None
    • Negotiation
    • None

    Description

      The continuation from the login module now causes the following error to be logged: -

      12:46:42,245 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--10.36.4.52-8080-1) Login failure: javax.security.auth.login.LoginException: Continuation Required.
      at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:174) [jboss-negotiation-2.2.0.SNAPSHOT.jar:2.2.0.SNAPSHOT]
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_24]
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_24]
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_24]
      at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_24]
      at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [:1.6.0_24]
      at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_24]
      at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_24]
      at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_24]
      at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_24]
      at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_24]
      at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411) [picketbox-infinispan-4.0.1.jar:4.0.1]
      at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345) [picketbox-infinispan-4.0.1.jar:4.0.1]
      at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154) [picketbox-infinispan-4.0.1.jar:4.0.1]
      at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127) [jboss-as-web-7.1.0.Alpha1-SNAPSHOT.jar:7.1.0.Alpha1-SNAPSHOT]
      at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:187) [jboss-negotiation-2.2.0.SNAPSHOT.jar:2.2.0.SNAPSHO

      Bringing Kerberos to the domain management security is going to require some of the same behaviour as we have in the SPNEGOLoginModule - it may make sense to pull this common behaviour out of the login module anyway for consistency - this would also remove the exception being logged here.

      Attachments

        Activity

          People

            darran.lofthouse@redhat.com Darran Lofthouse
            darran.lofthouse@redhat.com Darran Lofthouse
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: