Topic
  • 11 replies
  • Latest Post - ‏2013-08-28T17:53:28Z by wrodrig
PaoloBerardo
PaoloBerardo
6 Posts

Pinned topic Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

‏2013-08-27T11:32:07Z |

I have a problem using Liberty Profile 8.5.5 with LDAP. I have an EAR with application.xml setted correctly for security. into the ear i have a web probject with web.xml setted correctly. The login authentication goes well (request.getRemoteUser() gives correct result) but in the next action, when i use response.isUserInRoles returns me this exception:

    [FATAL] [isUserInRole - WebAppSecurityCollaboratorImpl.java:327] Exception in method ...
    Exception type: class java.lang.NullPointerException Msg: null
    java.lang.NullPointerException

I really don't understand how this could happen... If someone have a solution, a work-around, a fix, please tell me.
 

  • rsanchezh
    rsanchezh
    26 Posts

    Re: Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

    ‏2013-08-27T14:20:56Z  

    Hello,

    Does the same application work fine in WAS? Also, do you have  a  stack trace of the error?

  • PaoloBerardo
    PaoloBerardo
    6 Posts

    Re: Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

    ‏2013-08-27T14:52:28Z  
    • rsanchezh
    • ‏2013-08-27T14:20:56Z

    Hello,

    Does the same application work fine in WAS? Also, do you have  a  stack trace of the error?

    Hello rsanchezh, the same application works well on WAS 8.5 on linux server.

    When I ran it on WLP 8.5.5 on my local machine, it gives this exception. The same exception is generated if I don't connect to the LDAP server and use a local user registry...

    P.S: There isn't a stack trace of this error... the only info are that i reported into my previous post... there isn't a FFDC file, no other logs for this error... it's an error generated from an IBM class, so our logger can't do much....

  • rsanchezh
    rsanchezh
    26 Posts

    Re: Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

    ‏2013-08-27T16:21:02Z  

    Hello rsanchezh, the same application works well on WAS 8.5 on linux server.

    When I ran it on WLP 8.5.5 on my local machine, it gives this exception. The same exception is generated if I don't connect to the LDAP server and use a local user registry...

    P.S: There isn't a stack trace of this error... the only info are that i reported into my previous post... there isn't a FFDC file, no other logs for this error... it's an error generated from an IBM class, so our logger can't do much....

    Probably you already saw this document, but did you configure the liberty server with the necessary features, like described here?

    http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=%2Fcom.ibm.websphere.wlp.nd.doc%2Fae%2Ftwlp_sec_ldap.html

  • utle@us.ibm.com
    utle@us.ibm.com
    8 Posts

    Re: Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

    ‏2013-08-27T16:34:16Z  

    Hi,

    Can you provide a high level of your scenario? Do you call isUserInRole() method from your application or from a form login page? If you call it  from a form login page, can you try to call this method from your application? It should work if you call this method from your application

    Ut.

     

     

  • PaoloBerardo
    PaoloBerardo
    6 Posts

    Re: Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

    ‏2013-08-27T16:36:05Z  
    • rsanchezh
    • ‏2013-08-27T16:21:02Z

    Probably you already saw this document, but did you configure the liberty server with the necessary features, like described here?

    http://pic.dhe.ibm.com/infocenter/wasinfo/v8r5/index.jsp?topic=%2Fcom.ibm.websphere.wlp.nd.doc%2Fae%2Ftwlp_sec_ldap.html

    Hello again :-)

    I have read and followed this tutorial to make correct settings of the server.xml.

    If my settings aren't good, it can't respond correctly to request.getRemoteUser() (this method return null if the user isn't authenticated).

    The problem is in the next action. When i use response.isUserInRole, websphere call WebAppSecurityCollaboratorImpl and give me this runtime error. I don't understand why... it's a WLP issue? is there a fix for it? is there a workaround?

     

    Thanks in advance, have a nice day.

  • PaoloBerardo
    PaoloBerardo
    6 Posts

    Re: Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

    ‏2013-08-27T16:39:58Z  

    Hi,

    Can you provide a high level of your scenario? Do you call isUserInRole() method from your application or from a form login page? If you call it  from a form login page, can you try to call this method from your application? It should work if you call this method from your application

    Ut.

     

     

    Hello utle@us.ibm.com, when i use this method (isUserInRole) i'm in an action after a form login page where i use j_security_check.

    So i'm an authorized user. After the login i need some info about the user (for example the abilitated roles) because i must permit the user to use some function related to his roles.

    When i call this method (from my machine, with WLP 8.5.5 with correct settings) it gives me this exception.

  • utle@us.ibm.com
    utle@us.ibm.com
    8 Posts

    Re: Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

    ‏2013-08-27T16:45:51Z  

    Hello utle@us.ibm.com, when i use this method (isUserInRole) i'm in an action after a form login page where i use j_security_check.

    So i'm an authorized user. After the login i need some info about the user (for example the abilitated roles) because i must permit the user to use some function related to his roles.

    When i call this method (from my machine, with WLP 8.5.5 with correct settings) it gives me this exception.

    Hi,

    Can you post the form login page where you call this method. Please.

    Ut

  • PaoloBerardo
    PaoloBerardo
    6 Posts

    Re: Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

    ‏2013-08-27T16:53:32Z  

    Hi,

    Can you post the form login page where you call this method. Please.

    Ut

    <form id="loginForm" method="POST" action="j_security_check">
        <INPUT type="text" id="j_username" name="j_username">
    <INPUT type="password" id="j_password" name="j_password">
    <input type="submit" id="submitButton" name="submitButton" value="INVIA">
       </form>

     

    this is the login form. i don't use a scriptlet, i don't call isUserInRole from a jsp,

    i call it into an action after the login...

    i'm in an action after a form login page where i use j_security_check.

    So i'm an authorized user. After the login i need some info about the user (for example the abilitated roles) because i must permit the user to use some function related to his roles.

     

     

  • utle@us.ibm.com
    utle@us.ibm.com
    8 Posts

    Re: Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

    ‏2013-08-27T20:11:43Z  
    <form id="loginForm" method="POST" action="j_security_check">
        <INPUT type="text" id="j_username" name="j_username">
    <INPUT type="password" id="j_password" name="j_password">
    <input type="submit" id="submitButton" name="submitButton" value="INVIA">
       </form>

     

    this is the login form. i don't use a scriptlet, i don't call isUserInRole from a jsp,

    i call it into an action after the login...

    i'm in an action after a form login page where i use j_security_check.

    So i'm an authorized user. After the login i need some info about the user (for example the abilitated roles) because i must permit the user to use some function related to his roles.

     

     

    There is seem to be a problem, please open a PMR so our security support team can investigate this problem further. Thanks.

  • PaoloBerardo
    PaoloBerardo
    6 Posts

    Re: Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

    ‏2013-08-28T08:30:22Z  

    There is seem to be a problem, please open a PMR so our security support team can investigate this problem further. Thanks.

    Thanks for the info, i'm opening a PRM (first time for me). I put Customer Code and motivation and click on Submit.

    Existing Access  ( 1 )

    Customer Code IBM Offer Access Level State
      Base

    Is it correct?

    Thanks in advance, sorry but it's the first PRM for me.

  • wrodrig
    wrodrig
    1 Post

    Re: Liberty Profile 8.5.5 WebAppSecurityCollaboratorImpl problem

    ‏2013-08-28T17:53:28Z  

    Thanks for the info, i'm opening a PRM (first time for me). I put Customer Code and motivation and click on Submit.

    Existing Access  ( 1 )

    Customer Code IBM Offer Access Level State
      Base

    Is it correct?

    Thanks in advance, sorry but it's the first PRM for me.

    Hi Paolo:

    To make sure all is good, please take a look at this link that explains the process to open PMR.

     

    Hope this helps