Hot questions for Using GlassFish in authentication

Top Java Programmings / GlassFish / authentication

Question:

I worked with GlassFish so much, now when i try to start GlassFish and when i set username and password, i get Authentication Failed :

  • I tryed with another glassfish, and another version 3.1.2.1 and 3.1.2, and Oracle GlassFish Server 3.1.2.2

  • I delete my domain and i create it again many times, but i get the same problem,

  • I create a domain without password, but still ask for the password!!
  • I use jdk1.7.0.

I think the problem in my windows?

Someone have an idea about this problem, and how to solve it?

Log

[#|2016-11-06T08:54:21.111+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.ssl.security.com.sun.enterprise.security.ssl.impl|_ThreadID=94;_ThreadName=Thread-2;|SEC5054: Certificate has expired: [
[
  Version: V3
  Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: 23741889829347261660812437366387754385443431973861114865490414153884050331745811968523116847625570146592736935209718565296053386842135985534863157983128812774162998053673746470782252407673402238146869994438729551246768368782318393878374421033907597162218758024581735139682087126982809511479059100617027892880227587855877479432885604404402435662802390484099065871430585284534529627347717530352189612077130606642676951640071336717026459037542552927905851171460589361570392199748753414855675665635003335769915908187224347232807336022456537328962095005323382940080676931822787496212635993279098588863972868266229522169377
  public exponent: 65537
  Validity: [From: Fri Aug 14 15:50:00 GMT+01:00 1998,
               To: Thu Aug 15 00:59:00 GMT+01:00 2013]
  Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  SerialNumber: [    01b6]

Certificate Extensions: 4
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 76 0A 49 21 38 4C 9F DE   F8 C4 49 C7 71 71 91 9D  v.I!8L....I.qq..
]
]

[2]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
  [CertificatePolicyId: [1.2.840.113763.1.2.1.3]
[]  ]
]

[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  Key_CertSign
  Crl_Sign
]

[4]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
  CA:true
  PathLen:5
]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 41 3A D4 18 5B DA B8 DE   21 1C E1 8E 09 E5 F1 68  A:..[...!......h
0010: 34 FF DE 96 F4 07 F5 A7   3C F3 AC 4A B1 9B FA 92  4.......<..J....
0020: FA 9B ED E6 32 21 AA 4A   76 C5 DC 4F 38 E5 DF D5  ....2!.Jv..O8...
0030: 86 E4 D5 C8 76 7D 98 D7   B1 CD 8F 4D B5 91 23 6C  ....v......M..#l
0040: 8B 8A EB EA 7C EF 14 94   C4 C6 F0 1F 4A 2D 32 71  ............J-2q
0050: 63 2B 63 91 26 02 09 B6   80 1D ED E2 CC B8 7F DB  c+c.&...........
0060: 87 63 C8 E1 D0 6C 26 B1   35 1D 40 66 10 1B CD 95  .c...l&.5.@f....
0070: 54 18 33 61 EC 13 4F DA   13 F7 99 AF 3E D0 CF 8E  T.3a..O.....>...
0080: A6 72 A2 B3 C3 05 9A C9   27 7D 92 CC 7E 52 8D B3  .r......'....R..
0090: AB 70 6D 9E 89 9F 4D EB   1A 75 C2 98 AA D5 02 16  .pm...M..u......
00A0: D7 0C 8A BF 25 E4 EB 2D   BC 98 E9 58 38 19 7C B9  ....%..-...X8...
00B0: 37 FE DB E2 99 08 73 06   C7 97 83 6A 7D 10 01 2F  7.....s....j.../
00C0: 32 B9 17 05 4A 65 E6 2F   CE BE 5E 53 A6 82 E9 9A  2...Je./..^S....
00D0: 53 0A 84 74 2D 83 CA C8   94 16 76 5F 94 61 28 F0  S..t-.....v_.a(.
00E0: 85 A7 39 BB D7 8B D9 A8   B2 13 1D 54 09 34 24 7D  ..9........T.4$.
00F0: 20 81 7D 66 7E A2 90 74   5C 10 C6 BD EC AB 1B C2   ..f...t\.......

]|#]

[#|2016-11-06T08:54:29.913+0100|WARNING|glassfish3.1.2|org.apache.catalina.connector.Request|_ThreadID=94;_ThreadName=Thread-2;|PWC4011: Unable to set request character encoding to UTF-8 from context , because request parameters have already been read, or ServletRequest.getReader() has already been called|#]

[#|2016-11-06T08:54:31.147+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.ssl.security.com.sun.enterprise.security.ssl.impl|_ThreadID=57;_ThreadName=Thread-2;|SEC5054: Certificate has expired: [
[
  Version: V3
  Subject: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 2048 bits
  modulus: 23741889829347261660812437366387754385443431973861114865490414153884050331745811968523116847625570146592736935209718565296053386842135985534863157983128812774162998053673746470782252407673402238146869994438729551246768368782318393878374421033907597162218758024581735139682087126982809511479059100617027892880227587855877479432885604404402435662802390484099065871430585284534529627347717530352189612077130606642676951640071336717026459037542552927905851171460589361570392199748753414855675665635003335769915908187224347232807336022456537328962095005323382940080676931822787496212635993279098588863972868266229522169377
  public exponent: 65537
  Validity: [From: Fri Aug 14 15:50:00 GMT+01:00 1998,
               To: Thu Aug 15 00:59:00 GMT+01:00 2013]
  Issuer: CN=GTE CyberTrust Root 5, OU="GTE CyberTrust Solutions, Inc.", O=GTE Corporation, C=US
  SerialNumber: [    01b6]

Certificate Extensions: 4
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 76 0A 49 21 38 4C 9F DE   F8 C4 49 C7 71 71 91 9D  v.I!8L....I.qq..
]
]

[2]: ObjectId: 2.5.29.32 Criticality=false
CertificatePolicies [
  [CertificatePolicyId: [1.2.840.113763.1.2.1.3]
[]  ]
]

[3]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
  Key_CertSign
  Crl_Sign
]

[4]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
  CA:true
  PathLen:5
]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: 41 3A D4 18 5B DA B8 DE   21 1C E1 8E 09 E5 F1 68  A:..[...!......h
0010: 34 FF DE 96 F4 07 F5 A7   3C F3 AC 4A B1 9B FA 92  4.......<..J....
0020: FA 9B ED E6 32 21 AA 4A   76 C5 DC 4F 38 E5 DF D5  ....2!.Jv..O8...
0030: 86 E4 D5 C8 76 7D 98 D7   B1 CD 8F 4D B5 91 23 6C  ....v......M..#l
0040: 8B 8A EB EA 7C EF 14 94   C4 C6 F0 1F 4A 2D 32 71  ............J-2q
0050: 63 2B 63 91 26 02 09 B6   80 1D ED E2 CC B8 7F DB  c+c.&...........
0060: 87 63 C8 E1 D0 6C 26 B1   35 1D 40 66 10 1B CD 95  .c...l&.5.@f....
0070: 54 18 33 61 EC 13 4F DA   13 F7 99 AF 3E D0 CF 8E  T.3a..O.....>...
0080: A6 72 A2 B3 C3 05 9A C9   27 7D 92 CC 7E 52 8D B3  .r......'....R..
0090: AB 70 6D 9E 89 9F 4D EB   1A 75 C2 98 AA D5 02 16  .pm...M..u......
00A0: D7 0C 8A BF 25 E4 EB 2D   BC 98 E9 58 38 19 7C B9  ....%..-...X8...
00B0: 37 FE DB E2 99 08 73 06   C7 97 83 6A 7D 10 01 2F  7.....s....j.../
00C0: 32 B9 17 05 4A 65 E6 2F   CE BE 5E 53 A6 82 E9 9A  2...Je./..^S....
00D0: 53 0A 84 74 2D 83 CA C8   94 16 76 5F 94 61 28 F0  S..t-.....v_.a(.
00E0: 85 A7 39 BB D7 8B D9 A8   B2 13 1D 54 09 34 24 7D  ..9........T.4$.
00F0: 20 81 7D 66 7E A2 90 74   5C 10 C6 BD EC AB 1B C2   ..f...t\.......

]|#]

[#|2016-11-06T08:54:31.149+0100|WARNING|glassfish3.1.2|org.apache.catalina.connector.Request|_ThreadID=57;_ThreadName=Thread-2;|PWC4011: Unable to set request character encoding to UTF-8 from context , because request parameters have already been read, or ServletRequest.getReader() has already been called|#]

[#|2016-11-06T08:54:32.613+0100|INFO|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=57;_ThreadName=Thread-2;|Unsupported Response Format: 'text/html; charset=utf-8'!|#]

[#|2016-11-06T08:55:01.001+0100|WARNING|glassfish3.1.2|javax.enterprise.system.jmx.org.glassfish.admin.mbeanserver|_ThreadID=43;_ThreadName=Thread-2;|JMX007: Cannot start JMX connector JmxConnector config: { name = system, Protocol = rmi_jrmp, Address = 0.0.0.0, Port = 8686, AcceptAll = false, AuthRealmName = admin-realm, SecurityEnabled = false} having exception java.io.IOException: Cannot bind to URL [rmi://HISSAB-VDI15.grp-sonelgaz.sng:8686/jmxrmi]: javax.naming.CommunicationException [Root exception is java.rmi.ConnectIOException: Exception creating connection to: HISSAB-VDI15.grp-sonelgaz.sng; nested exception is: 
    java.net.SocketException: Malformed reply from SOCKS server]|#]

[#|2016-11-06T08:55:01.004+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;|java.io.IOException: Cannot bind to URL [rmi://HISSAB-VDI15.grp-sonelgaz.sng:8686/jmxrmi]: javax.naming.CommunicationException [Root exception is java.rmi.ConnectIOException: Exception creating connection to: HISSAB-VDI15.grp-sonelgaz.sng; nested exception is: 
    java.net.SocketException: Malformed reply from SOCKS server]
    at javax.management.remote.rmi.RMIConnectorServer.newIOException(RMIConnectorServer.java:827)
    at javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:432)
    at org.glassfish.admin.mbeanserver.RMIConnectorStarter.start(RMIConnectorStarter.java:301)
    at org.glassfish.admin.mbeanserver.JMXStartupService$JMXConnectorsStarterThread.startConnector(JMXStartupService.java:287)
    at org.glassfish.admin.mbeanserver.JMXStartupService$JMXConnectorsStarterThread.run(JMXStartupService.java:328)
Caused by: javax.naming.CommunicationException [Root exception is java.rmi.ConnectIOException: Exception creating connection to: HISSAB-VDI15.grp-sonelgaz.sng; nested exception is: 
    java.net.SocketException: Malformed reply from SOCKS server]
    at com.sun.jndi.rmi.registry.RegistryContext.rebind(RegistryContext.java:159)
    at com.sun.jndi.toolkit.url.GenericURLContext.rebind(GenericURLContext.java:249)
    at javax.naming.InitialContext.rebind(InitialContext.java:427)
    at javax.naming.InitialContext.rebind(InitialContext.java:427)
    at javax.management.remote.rmi.RMIConnectorServer.bind(RMIConnectorServer.java:642)
    at javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:427)
    ... 3 more
Caused by: java.rmi.ConnectIOException: Exception creating connection to: HISSAB-VDI15.grp-sonelgaz.sng; nested exception is: 
    java.net.SocketException: Malformed reply from SOCKS server
    at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:632)
    at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
    at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
    at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:340)
    at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source)
    at com.sun.jndi.rmi.registry.RegistryContext.rebind(RegistryContext.java:157)
    ... 8 more
Caused by: java.net.SocketException: Malformed reply from SOCKS server
    at java.net.SocksSocketImpl.readSocksReply(SocksSocketImpl.java:128)
    at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:459)
    at java.net.Socket.connect(Socket.java:579)
    at java.net.Socket.connect(Socket.java:528)
    at java.net.Socket.<init>(Socket.java:425)
    at java.net.Socket.<init>(Socket.java:208)
    at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)
    at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:146)
    at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
    ... 13 more
|#]

[#|2016-11-06T08:55:01.004+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at javax.management.remote.rmi.RMIConnectorServer.newIOException(RMIConnectorServer.java:827)|#]

[#|2016-11-06T08:55:01.004+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:432)|#]

[#|2016-11-06T08:55:01.004+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at org.glassfish.admin.mbeanserver.RMIConnectorStarter.start(RMIConnectorStarter.java:301)|#]

[#|2016-11-06T08:55:01.005+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at org.glassfish.admin.mbeanserver.JMXStartupService$JMXConnectorsStarterThread.startConnector(JMXStartupService.java:287)|#]

[#|2016-11-06T08:55:01.005+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at org.glassfish.admin.mbeanserver.JMXStartupService$JMXConnectorsStarterThread.run(JMXStartupService.java:328)|#]

[#|2016-11-06T08:55:01.005+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;|Caused by: javax.naming.CommunicationException [Root exception is java.rmi.ConnectIOException: Exception creating connection to: HISSAB-VDI15.grp-sonelgaz.sng; nested exception is: 
    java.net.SocketException: Malformed reply from SOCKS server]|#]

[#|2016-11-06T08:55:01.005+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at com.sun.jndi.rmi.registry.RegistryContext.rebind(RegistryContext.java:159)|#]

[#|2016-11-06T08:55:01.006+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at com.sun.jndi.toolkit.url.GenericURLContext.rebind(GenericURLContext.java:249)|#]

[#|2016-11-06T08:55:01.006+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at javax.naming.InitialContext.rebind(InitialContext.java:427)|#]

[#|2016-11-06T08:55:01.006+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at javax.naming.InitialContext.rebind(InitialContext.java:427)|#]

[#|2016-11-06T08:55:01.006+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at javax.management.remote.rmi.RMIConnectorServer.bind(RMIConnectorServer.java:642)|#]

[#|2016-11-06T08:55:01.006+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:427)|#]

[#|2016-11-06T08:55:01.007+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| ... 3 more|#]

[#|2016-11-06T08:55:01.007+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;|Caused by: java.rmi.ConnectIOException: Exception creating connection to: HISSAB-VDI15.grp-sonelgaz.sng; nested exception is: 
    java.net.SocketException: Malformed reply from SOCKS server|#]

[#|2016-11-06T08:55:01.007+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:632)|#]

[#|2016-11-06T08:55:01.007+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)|#]

[#|2016-11-06T08:55:01.008+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)|#]

[#|2016-11-06T08:55:01.008+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:340)|#]

[#|2016-11-06T08:55:01.008+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at sun.rmi.registry.RegistryImpl_Stub.rebind(Unknown Source)|#]

[#|2016-11-06T08:55:01.008+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at com.sun.jndi.rmi.registry.RegistryContext.rebind(RegistryContext.java:157)|#]

[#|2016-11-06T08:55:01.009+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| ... 8 more|#]

[#|2016-11-06T08:55:01.009+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;|Caused by: java.net.SocketException: Malformed reply from SOCKS server|#]

[#|2016-11-06T08:55:01.009+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at java.net.SocksSocketImpl.readSocksReply(SocksSocketImpl.java:128)|#]

[#|2016-11-06T08:55:01.009+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:459)|#]

[#|2016-11-06T08:55:01.010+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at java.net.Socket.connect(Socket.java:579)|#]

[#|2016-11-06T08:55:01.010+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at java.net.Socket.connect(Socket.java:528)|#]

[#|2016-11-06T08:55:01.010+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at java.net.Socket.<init>(Socket.java:425)|#]

[#|2016-11-06T08:55:01.010+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at java.net.Socket.<init>(Socket.java:208)|#]

[#|2016-11-06T08:55:01.010+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)|#]

[#|2016-11-06T08:55:01.011+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:146)|#]

[#|2016-11-06T08:55:01.011+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)|#]

[#|2016-11-06T08:55:01.011+0100|SEVERE|glassfish3.1.2|javax.enterprise.system.std.com.sun.enterprise.server.logging|_ThreadID=43;_ThreadName=Thread-2;| ... 13 more|#]

[#|2016-11-06T08:55:02.438+0100|INFO|glassfish3.1.2|null|_ThreadID=42;_ThreadName=Thread-2;|Domain Pinged: stable.glassfish.org|#]

Answer:

Ulises Fasoli's blog has a great tutorial for glassfish admin password. Please check the following procedure:

If like me you hate having to type your user/password combination every-time that you run the asadmin utility command you have 2 options

  1. Creating a password file and then using the --user --passwordfile options everytime you execute an asadmin command (ugh...)
  2. Using the asadmin login command and never think about your password again Here's how you could implement both solutions :
1. Creating the password file

First you will need to create a file following the directives that can be found here[http://docs.oracle.com/cd/E19776-01/820-4495/ghytn/index.html]

AS_ADMIN_MASTERPASSWORD=mypassword
AS_ADMIN_USERPASSWORD=mypassword
AS_ADMIN_ALIASPASSWORD=mypassword


${glassfish_install}/glassfish/bin/asadmin  --user admin --passwordfile ${glassfish_install}/glassfish-password.txt list-applications mydomain

Now even though this works perfectly I find it a bit of a nag to have to write all this every-time I want to execute an asadmin command and sure I could write a bash script that wraps the underlying asadmin tool with the --user and --passwordfile options pre-generated but I just don't want to

2. Using the asadmin login command

The one I prefer though is using the asadmin login command.

Basically what this command does is it prompts you for your glassfish credentials and then stores them in an encrypted file (.asadminpass) under the user's home folder

Here is how to use it :
${glassfish_install}/glassfish/bin/asadmin login 
Enter admin user name [default: admin]> admin
Enter admin password>
Login information relevant to admin user name [admin]
for host [localhost] and admin port [4848] stored at
[/home/user/.asadminpass] successfully.
Make sure that this file remains protected.

Once this is done you will be able to execute asadmin commands without being prompted for a password

${glassfish_install}/glassfish/bin/asadmin list-applications
Nothing to list.
Command list-applications executed successfully.

You can even store remote glassfish instances password by using the --host flag with the login command

[arte@arte-epg-api2 .ssh]$ /data/glassfish/bin/asadmin login --host myremotehost.com
Enter admin user name [default: admin]> admin
Enter admin password>
Login information relevant to admin user name [admin]
for host [myremotehost.com] and admin port [4848] stored at
[/home/user/.asadminpass] successfully.
Make sure that this file remains protected.

Question:

Trying to connect my java web application with MS-SQL server using sqljdbc41 for jdk 1.8. Here is the database connection code-

    Connection connection;
    String url = "jdbc:sqlserver://localhost:1433;databaseName=Lista;integratedSecurity=true";
    Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
    connection = DriverManager.getConnection(url);

when i am trying to insert some values to the database like-

    PreparedStatement ps = connection.prepareStatement("INSERT INTO user_informations VALUES(?,?,?)");

    ps.setString(1, "value");
    ps.setString(2, "value");
    ps.setString(3, "value");

    ps.executeUpdate();

getting the following error each time-

com.microsoft.sqlserver.jdbc.SQLServerException: This driver is not configured for integrated authentication

Here are some informations about what i have tried yet-

  • i have added the path of sqljdbc41 in the path variable.
  • i have added the path of sqljdbc_auth.dll in the path variable.
  • i have added the sqljdbc41.jar into my Nebeans project library.
  • i have added the sqljdbc_auth.dll into both bin folder under jdk and jre.
  • my jdk is 64 bit under program files folder not in program file(x86).
  • jdbc driver folder is also in program file directory.
  • sql server and sql server browser services are also running.

Edit

Now i experiencing a new thing-after restarting my pc when i deploy the project for the first time then it is working perfectly but when i make any change in my code and re-run the project it's not working!


Answer:

I solved my problem!

The error (described in my question above) i was getting because the glassfish server had not any access on sqljdbc42.jar file. so i have placed the sqljdbc42.jar file into my glassfish server in this location-

glassfish-4.1\glassfish\domains\domain1\lib

And it's now working perfectly.

Thank you everyone!

Question:

I am looking for a way to connect to multiple instances of Glassfish 4+ (JDK7-EE) simultaneously from a stand-alone Swing-based client (JDK7-SE). I successfully connect to a single instance by the following way:

That's the construction of the initial context:

private void connect(String address, String port) {
    System.setProperty("java.naming.factory.initial", "com.sun.enterprise.naming.SerialInitContextFactory");
    System.setProperty("com.sun.corba.ee.transport.ORBTCPTimeouts", "500:30000:20:"+Integer.MAX_VALUE);
    System.setProperty("com.sun.corba.ee.transport.ORBTCPConnectTimeouts", "250:90000:100:"+Integer.MAX_VALUE);
    System.setProperty("com.sun.corba.ee.transport.ORBWaitForResponseTimeout", "300000");
    System.setProperty("java.security.auth.login.config", new File("login.conf").getAbsolutePath());
    System.setProperty("org.omg.CORBA.ORBInitialHost", address);
    System.setProperty("org.omg.CORBA.ORBInitialPort", port);
    InitialContext context = new InitialContext();
}

Look-ups are done by JNDI using a remote interface:

context.lookup("java:global/LawSuiteEE/LawSuiteEE-ejb/GlobalsFacade!ch.lawsuite.control.GlobalsFacadeRemote");

I am using a custom JDBC realm that resides on the server and works fine. On the client side I pass the following login.conf to the initial context (see code above):

default {
    com.sun.enterprise.security.auth.login.ClientPasswordLoginModule required debug=true;
};

Authentication is currently done by ProgrammaticLogin:

private void login(String username, char[] password) {
    ProgrammaticLogin plogin = new ProgrammaticLogin();
    plogin.login(username, password);
}

All of this is working fine! But during startup of the stand-alone client, I want to simultaneously connect to another EJB located on a different server.

Since ProgrammaticLogin has no direct relation to the initial context, I am not sure how to login to two different Glassfish servers simulteneously with different credentials (e.g. username/password) ? Someone any ideas ?


Answer:

Further examination of the issue has uncovered, that the initial context can only be set once on a per JVM basis. So as soon as the ORB is set up by using System.setProperty(String, String) and the inital context object is instantiated, the design of the SerialInitContextFactory let's you no more change the selected endpoint(s).

Therefore I decide to connect within different JVMs to the different Glassfish servers. So finally I ended up with a separate project that manages the connections to the application server and communicates by RMI with the main project.

Currently my project consists of two different EE projects to which I want connect simultaneously, namely "LawSuiteEE" and "MgmtCenterEE". Here's the new project that handles the connections:

public static void main(String args[]) {
    try {
        if(args.length==2) {
            if(args[1].equals("LawSuiteEE")) {
                ILawSuiteEE stub = (ILawSuiteEE) UnicastRemoteObject.exportObject(new LawSuiteEE(), 0);
                Registry registry = LocateRegistry.createRegistry(Integer.parseInt(args[0]));
                registry.bind("LawSuiteEE", stub);
            } else if(args[1].equals("MgmtCenterEE")) {
                ILawSuiteEE stub = (ILawSuiteEE) UnicastRemoteObject.exportObject(new MgmtCenterEE(), 0);
                Registry registry = LocateRegistry.createRegistry(Integer.parseInt(args[0]));
                registry.bind("MgmtCenterEE", stub);
            } else {
                throw new NumberFormatException();
            }
            Logger.getLogger(RemoteContext.class.getName()).log(Level.INFO, "Remote context service is listening on port "+args[0]+" for incoming requests delegating to "+args[1]+".");
            System.out.println("SIGNAL[READY]");
        } else {
            throw new NumberFormatException();
        }
    } catch (RemoteException ex) {
        System.exit(1);
    } catch (AlreadyBoundException ex) {
        System.exit(2);
    } catch(NumberFormatException ex) {
        System.exit(3);
    }

The interface ILawSuiteEE is used for RMI between this and the main project (the second interface IMgmtCenterEE is quite the same):

public interface ILawSuiteEE extends IConcurrentDatastore {

    void connect(String address, String port) throws RemoteException;

    void disconnect() throws RemoteException;

    boolean login(String username, char[] password) throws RemoteException;

}

The appropriate implementation:

public class LawSuiteEE implements ILawSuiteEE {

private InitialContext context;
private ProgrammaticLogin login;


@Override
public void connect(String address, String port) throws RemoteException {
    if(context==null) {
        try {
            System.setProperty("java.naming.factory.initial", "com.sun.enterprise.naming.SerialInitContextFactory");
            System.setProperty("com.sun.corba.ee.transport.ORBTCPTimeouts", "500:30000:20:"+Integer.MAX_VALUE);
            System.setProperty("com.sun.corba.ee.transport.ORBTCPConnectTimeouts", "250:90000:100:"+Integer.MAX_VALUE);
            System.setProperty("com.sun.corba.ee.transport.ORBWaitForResponseTimeout", "300000");
            System.setProperty("java.security.auth.login.config", new File("login.conf").getAbsolutePath());
            System.setProperty("org.omg.CORBA.ORBInitialHost", address);
            System.setProperty("org.omg.CORBA.ORBInitialPort", Integer.toString(port));
            Logger.getLogger(RemoteDatastore.class.getName()).log(Level.INFO, "Try to connect to application server at "+System.getProperty("org.omg.CORBA.ORBInitialHost")+":"+System.getProperty("org.omg.CORBA.ORBInitialPort")+" ...");            
            context = new InitialContext();
        } catch (NamingException ex) {
            throw new RemoteException(ex.getMessage());
        }
    }
}

@Override
public void disconnect() throws RemoteException {
    if(context!=null) {
        try {
            context.close();
            Logger.getLogger(LawSuiteEE.class.getName()).log(Level.INFO, "Server context successfully closed.");
        } catch (NamingException ex) {
            Logger.getLogger(LawSuiteEE.class.getName()).log(Level.SEVERE, "Couldn't close server context.");
        } finally {
            this.facades.clear();
            this.services.clear();
            this.context=null;
        }
    }
}

@Override
public boolean login(String username, char[] password) throws RemoteException {
    login = new ProgrammaticLogin();
    return login.login(username, password);
}

}

In the main project I'm going to connect with the following:

public class LawSuiteDatastore extends Thread implements ILawSuiteEE {

    private int port;
    private int trials;
    private boolean ready;
    private Process process;
    private ILawSuiteEE stub;

    public LawSuiteDatastore() {
        this.setName("K+: Remote-Datastore-Connection");
        this.port = RemoteDatastoreService.cport++;
    }

    @Override
    public void run() {
        try {
            Tools.log(RemoteDatastoreService.class, Level.INFO, "Starting RMI registry on port "+port+" for connecting to LawSuiteEE server instance.");
            this.process = Runtime.getRuntime().exec(new String[] {"java", "-jar", Context.getWorkingDirectory()+"/lib/LawSuiteSX.jar", Integer.toString(port), "LawSuiteEE"});
            //<editor-fold defaultstate="collapsed" desc="Redirect Error Stream">
            new Thread(new Runnable() {
                @Override
                public void run() {
                    try{
                        try(DataInputStream in = new DataInputStream(process.getErrorStream())) {
                            BufferedReader br = new BufferedReader(new InputStreamReader(in));
                            String line;
                            while((line=br.readLine())!=null) {
                                Tools.log(RemoteDatastoreService.class, Level.SEVERE, line);
                            }
                        }
                    } catch(Exception ex){
                        Tools.log(MgmtCenterDatastore.class, Level.SEVERE, ex.getMessage());
                    }
                }
            }).start();
            //</editor-fold>
            //<editor-fold defaultstate="collapsed" desc="Redirect Output Stream">
            new Thread(new Runnable() {
                @Override
                public void run() {
                    try{
                        try(DataInputStream in = new DataInputStream(process.getInputStream())) {
                            BufferedReader br = new BufferedReader(new InputStreamReader(in));
                            String line;
                            while((line=br.readLine())!=null)   {
                                if(line.contains("SIGNAL[READY]")) { ready=true; }
                                Tools.log(RemoteDatastoreService.class, Level.INFO, line);
                            }
                        }
                    } catch(Exception ex){
                        Tools.log(MgmtCenterDatastore.class, Level.SEVERE, ex.getMessage());
                    }
                }
            }).start();
            //</editor-fold>
            // keep thread alive as long process is alive
            if(process.waitFor()>0) {
                // port was already bound
                if(process.exitValue()==2) {
                    // try it with a different port and start over again
                    if(trials<3) {
                        process = null;
                        port = ++RemoteDatastoreService.cport;
                        trials++;
                        if(trials<3) {
                            start();
                        }
                    }
                }
            }
        } catch (IOException ex) {
            Tools.log(RemoteDatastoreService.class, Level.SEVERE, ex.getMessage());
        } catch (InterruptedException ex) {
            Tools.log(RemoteDatastoreService.class, Level.SEVERE, ex.getMessage());
        }
    }

    public boolean isReady() {
        return ready;
    }

    public int getTrials() {
        return trials;
    }

    @Override
    public void connect(RemoteDatastore datastore) throws RemoteException {
        try {
            Tools.log(RemoteDatastoreService.class, Level.INFO, "Locating RMI registry on port "+port+" for connecting to LawSuiteEE server instance.");
            Registry registry = LocateRegistry.getRegistry(port);
            stub = (ILawSuiteEE)registry.lookup("LawSuiteEE");
            stub.connect(datastore);
        } catch (NotBoundException ex) {
            Logger.getLogger(RemoteDatastoreService.class.getName()).log(Level.SEVERE, null, ex);
        }
    }

    @Override
    public void disconnect() throws RemoteException {
        if(process!=null && stub!=null) {
            stub.disconnect();
            process.destroy();
        } else {
            throw new RemoteException("Remote RMI server is not ready.");
        }
    }

    @Override
    public boolean login(String username, char[] password) throws RemoteException {
        if(process!=null && stub!=null) {
            return stub.login(username, password);
        } else {
            throw new RemoteException("Remote RMI server is not ready.");
        }
    }

}

Question:

I've been working on a sample Jersey program to familiarize myself with Java web services, and now I would like to add a security layer to it (server - Glassfish, IDE - IntelliJ). Thus far I have implemented a FORM based login system which is supposed to reference an existing Sybase database. The problem is that it doesn't authenticate even if I put in the right credentials, and I don't know enough about authentication in general to troubleshoot it. Hopefully someone here can figure out where I went wrong. Here are the steps I took:

  1. Create a community pool and resource in the Glassfish admin console
  2. Create a JDBC Realm in the Glassfish admin console
  3. Modify the web.xml file to include a security constraint and a login configuration
  4. Create a login.xhtml page and a loginerror.xhtml page

As a side note, the database I am attempting to use is an existing Sybase database that has all sorts of information (not just usernames, but also emails, supervisors, phone extensions, etc). This database does not have an explicit password field, but I am trying to use one of the existing fields (namely one called supervisorEmail) to act as a password field. Therefore, a user can get authenticated with his own email and his supervisor's email.

My first question is: where do I specify what columns to use as the username/password in the database? I thought I would do this in the JdbcRealm definition, but perhaps I am wrong about this. Here is what I have in those fields:

JAAS Context: jdbcRealm

JNDI: jdbc/__AuthDB (the resource I created earlier)

User Table: EmployeeList (the name of the table in the database)

User Name Column: email

Password Column: supervisorEmail

Group Table: Groups (no idea what to put here)

Group Name Column: Name (no idea what to put here)

Password Encryption Algorithm: AES

This would lead to my second question, which is "do I need a group database if all users get the same privileges"? I currently do not have one.

Finally, here are any xml/html files that could be of use for troubleshooting. Sorry for the long post, I wanted to be as specific as possible.

web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
     version="3.1">

<security-constraint>
    <display-name>Admin Pages</display-name>
    <web-resource-collection>
        <web-resource-name>Secured</web-resource-name>
        <url-pattern>/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>

    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>

<!--<deny-uncovered-http-methods/>-->

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>JdbcRealm</realm-name>
    <form-login-config>
        <form-login-page>/login.xhtml</form-login-page>
        <form-error-page>/loginerror.xhtml</form-error-page>
    </form-login-config>
</login-config>

<security-role>
    <role-name>admin</role-name>
</security-role>
<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
</web-app>

login.xhtml:

<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
  xmlns:p="http://primefaces.org/ui">
<body>
    <p:panel header="Login From">
        <form method="POST" action="j_security_check">
            Username: <input type="text" name="j_username"/>
            Password: <input type="password" name="j_password"/>
            <input type="submit" value="Login" />
            <input type="reset" value="Reset" />
        </form>
    </p:panel>
</body>

If you've made it this far, thank you for reading. Any help is greatly appreciated.


Answer:

I figured it out. When you're using a jdbc realm within Glassfish you have to have two separate databases: one that has a list of users/passwords, and one that has a list of users (same ones as the previous database) & what group they belong to. Glassfish will NOT authenticate you if you aren't using groups, even if you want everyone to have the same privileges.

Question:

I am using Glassfish JDBC realm for the authentication of users, so authentication process is managed by its container. I need to use userid/email address as a username. Both userid and email address has different column in postgres user table and i am using JPA. In short user can be logged in by its userid or email.

I have written programatically login and logout methods. login has only two arguments

request.login(username, password);

After searching on google i have a doubt that i have to use somehow user provider which i don't know.

in Below figure i can just enter USERID by i would like to have EMAIL column as well.

any suggestions/hint/idea would be appreciable.


Answer:

There are serveral approaches you can take:

  1. If you aren't interested in the username but just the fact that the user authenticated correctly, you can use a database view unioning userid and email into one column:

    CREATE VIEW vUsers AS SELECT userid, password from Users where userid IS NOT NULL UNION ALL SELECT email, password from Users where email IS NOT NULL

    (note this syntax is not expected to work) You now can redirect the JDBC configuration to that view.

    This is probably not the way you wan't to go. In most cases, after authentication some decisions are made based on the login name. This can now be either email or userid. An Unique login name for the same person is better.

  2. Process the username before login via HttpServletRequest#login: Because userid and email usually are of different formats, you can decide, which one the user provided at the login form.

    • If it is a userid, you can use the HttpServletRequest#login method directly.
    • If it is an email you can lookup the userid for the email and then use HttpServletRequest#login.

    This way. you can not use glassfish form login anymore, but you always end up with the userid as login name.

    See https://docs.oracle.com/cd/E19798-01/821-1841/gircj/index.html

  3. Write your own login module: You could write your own JAAS Login Module. There are several tutorials out there. Nevertheless, this would basically boil down to distinguish between email and userid, so method 2 should suffice.

Question:

I'm kinda new to all of this, but I have a JSF Web Application (which works) which also has a Google Authentication (google authentication works by itself);

I'm trying to pass the response from the google Auth to the JSF login (the email address & google Id) which will then authenticate via a JdbcRealm;

So just to clarify, the JSF authentication via a JdbcRealm works by itself, and the google login by itself works - i just want to pass the response from google (of the email address & google id) to be used as the JSF authentication, & automate the click action of the JSF auth form.

My issue is, that after i log into google, i get the error

TypeError: document.getElementById(...) is null

Here's my JSF login page with all the Javascript;

<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:ui="http://java.sun.com/jsf/facelets"
      xmlns:f="http://xmlns.jcp.org/jsf/core"
      xmlns:h="http://xmlns.jcp.org/jsf/html">

    <h:head>
        <meta charset="utf-8"/>
        <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
        <meta name="viewport" content="width=device-width, initial-scale=1"/>
        <!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags -->
        <meta name="description" content="NDIS Management System"/>
        <meta name="author" content="Danielle Walker"/>
        <meta name="google-signin-client_id" content="270287108664-3g7l6e6ah3gr5am9onokua84t3bvdbvf.apps.googleusercontent.com" />

        <title>NDIS Home</title>
        <!-- Bootstrap core CSS -->
        <h:outputStylesheet name="bootstrap/css/bootstrap.min.css"/>
        <h:outputStylesheet name="bootstrap/css/the-big-picture.css"  />
        <h:outputStylesheet name="css/google-button.css" />
        <!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
        <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
        <f:verbatim>
            <!--[if lt IE 9]>
              <script src="https://oss.maxcdn.com/html5shiv/3.7.3/html5shiv.min.js"></script>
              <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
            <![endif]-->    
        </f:verbatim>

        <!-- Google API Javascript needs to be loaded in the page before the actual Javascript -->
        <script src="https://apis.google.com/js/api:client.js" />

        <ui:insert name="head"/>
    </h:head>

    <h:body class="full">

        <nav class="navbar navbar-inverse navbar-fixed-bottom" role="navigation">
            <div class="container">
                <!-- Brand and toggle get grouped for better mobile display -->
                <div class="navbar-header">
                    <button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
                        <span class="sr-only">Toggle navigation</span>
                        <span class="icon-bar"></span>
                        <span class="icon-bar"></span>
                        <span class="icon-bar"></span>
                    </button>
                    <a class="navbar-brand" href="#"></a>
                </div>
                <!-- Collect the nav links, forms, and other content for toggling -->
                <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
                    <ul class="nav navbar-nav">
                        <li>
                            <a href="#">About</a>
                        </li>
                        <li>
                            <a href="#">Contact</a>
                        </li>
                    </ul>
                    <ul class="navbar-right">
                        <li>
                            <div id="gSignInWrapper" style="padding-top:5px;">
                                <div id="customBtn" class="customGPlusSignIn" style="float: right;">
                                    <span class="icon"></span><span class="buttonText">Sign In</span>
                                </div>
                            </div>
                            <span style="color:#f9f9f9"><div id="name"></div></span>
                        </li>
                    </ul>
                </div>
                <!-- /.navbar-collapse -->
            </div>
            <!-- /.container -->
        </nav>

        <h:form id="login" onsubmit="document.getElementById('login').action = 'j_security_check';" prependId="false">
            <!--<h:panelGrid columns="2">-->
            <h:outputLabel for="j_username" value="Username" />
            <h:inputText id="j_username" />            
            <h:outputLabel for="j_password" value="Password" />
            <h:inputText id="j_password" size="8"/>
            <h:commandButton id="submit" value="Login" />
            <!--</h:panelGrid>-->
        </h:form>

        <f:verbatim>
            <script>
                var googleUser = {};
                var startApp = function () {
                    gapi.load('auth2', function () {
                        // Retrieve the singleton for the GoogleAuth library and set up the client.
                        auth2 = gapi.auth2.init({
                            client_id: '270287108664-3g7l6e6ah3gr5am9onokua84t3bvdbvf.apps.googleusercontent.com',
                            cookiepolicy: 'single_host_origin'
                                    // Request scopes in addition to 'profile' and 'email'
                                    //scope: 'additional_scope'
                        });
                        attachSignin(document.getElementById('customBtn'));
                    });
                };
            </script>
        </f:verbatim>

        <script>startApp();</script>
        <f:verbatim>
            <script>
                function attachSignin(element) {
                    console.log(element.id);
                    auth2.attachClickHandler(element, {},
                            function (googleUser) {
                                //document.getElementById('name').text = "Signed in: " +
                                //        googleUser.getBasicProfile().getId();
                                document.getElementById("login.j_username").value = googleUser.getBasicProfile().getEmail();
                                document.getElementById("login.j_password").value = googleUser.getBasicProfile().getId();
                            }, function (error) {
                        alert(JSON.stringify(error, undefined, 2));
                        //alert("Opps... an error Occured");
                    });
                }
                function signOut() {
                    var auth2 = gapi.auth2.getAuthInstance();
                    auth2.signOut().then(function () {
                        console.log('User signed out.');
                    });
                }
            </script>
        </f:verbatim>
        <ui:insert name="body"/>

        <!-- Bootstrap core JavaScript
        ================================================== -->
        <!-- Placed at the end of the document so the pages load faster -->
        <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
        <h:outputScript name="bootstrap/js/bootstrap.min.js"/>
        <script src="https://apis.google.com/js/api:client.js" />

    </h:body>
</html>

Answer:

I found the answer to my own problem;

With my error message, the problem was obviously in the way i was trying to access the "j_username" & "j_password elements:

TypeError: document.getElementById(...) is null

Anyway, by changing the code i had:

document.getElementById("login.j_username").value = googleUser.getBasicProfile().getEmail();

To instead look like this:

document.getElementById("login").elements[1].value = googleUser.getBasicProfile().getEmail();

In short, the problem was the way i was trying to address the elements of the form, and by addressing the form itself, and then the elements of the form (being in a 0 based array), then it works

Question:

Ok so I have spent a good amount of time on this but, it would appear that everything is set correctly and there is a bug in the com.sun.enterprise.security.ee.auth.realm.jdbc.JDBCRealm code.

I am attempting to use form based authentication with programmatic log in. I am using Glassfish 4 and JDK 1.8_40. When I enter my details into the login page the container attempts to direct me to the secured resource however it gives me a access denied at the same URL. Upon investigating this I have discovered that although the login succeeded the container failed to validate my login and has failed to associate the principle with any roles. This causing the access denied error. In order to discover what was going on I set the logging on glass fish to fine and discovered the array index out of bounds error seen in the stack trace.

[2015-03-25T16:19:43.088+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=59 _ThreadName=http-listener-1(4)] [timeMillis: 1427296783088] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.ee.auth.realm.jdbc.JDBCRealm] [METHODNAME: isUserValid] [[
  Cannot validate user
java.lang.ArrayIndexOutOfBoundsException: 64
    at com.sun.enterprise.security.ee.auth.realm.jdbc.JDBCRealm.isUserValid(JDBCRealm.java:430)
    at com.sun.enterprise.security.ee.auth.realm.jdbc.JDBCRealm.authenticate(JDBCRealm.java:324)
    at com.sun.enterprise.security.ee.auth.login.JDBCLoginModule.authenticate(JDBCLoginModule.java:78)
    at com.sun.enterprise.security.auth.login.PasswordLoginModule.authenticateUser(PasswordLoginModule.java:116)
    at com.sun.enterprise.security.BasePasswordLoginModule.login(BasePasswordLoginModule.java:146)
    at sun.reflect.GeneratedMethodAccessor78.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
    at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
    at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
    at com.sun.enterprise.security.auth.login.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:383)
    at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:241)
    at com.sun.enterprise.security.auth.login.LoginContextDriver.login(LoginContextDriver.java:154)
    at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:695)
    at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:636)
    at org.apache.catalina.authenticator.AuthenticatorBase.doLogin(AuthenticatorBase.java:957)
    at org.apache.catalina.authenticator.AuthenticatorBase.login(AuthenticatorBase.java:939)
    at org.apache.catalina.connector.Request.login(Request.java:2245)
    at org.apache.catalina.connector.Request.login(Request.java:2224)
    at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1113)
    at com.merrimansa.beans.UserAuthBean.login(UserAuthBean.java:80)
    at com.merrimansa.beans.UserAuthBean$Proxy$_$$_WeldClientProxy.login(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at javax.el.ELUtil.invokeMethod(ELUtil.java:326)
    at javax.el.BeanELResolver.invoke(BeanELResolver.java:536)
    at javax.el.CompositeELResolver.invoke(CompositeELResolver.java:256)
    at com.sun.el.parser.AstValue.invoke(AstValue.java:269)
    at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:304)
    at org.jboss.weld.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40)
    at org.jboss.weld.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
    at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
    at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:147)
    at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
    at javax.faces.component.UIComponentBase.broadcast(UIComponentBase.java:818)
    at javax.faces.component.UICommand.broadcast(UICommand.java:300)
    at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:790)
    at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1282)
    at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81)
    at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
    at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:198)
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:646)
    at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1682)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:318)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160)
    at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734)
    at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673)
    at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174)
    at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:357)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:260)
    at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:188)
    at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:191)
    at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:168)
    at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:189)
    at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136)
    at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114)
    at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
    at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838)
    at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113)
    at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115)
    at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55)
    at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135)
    at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564)
    at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544)
    at java.lang.Thread.run(Thread.java:745)
]]

[2015-03-25T16:19:43.150+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=33 _ThreadName=admin-listener(2)] [timeMillis: 1427296783150] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: setPolicyContext] [[
  [Web-Security] Policy Context ID was: __admingui/__admingui]]

[2015-03-25T16:19:43.151+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=33 _ThreadName=admin-listener(2)] [timeMillis: 1427296783151] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
  [Web-Security] Codesource with Web URL: file:/__admingui/__admingui]]

[2015-03-25T16:19:43.151+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=33 _ThreadName=admin-listener(2)] [timeMillis: 1427296783151] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
  [Web-Security] Checking Web Permission with Principals : null]]

[2015-03-25T16:19:43.151+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=33 _ThreadName=admin-listener(2)] [timeMillis: 1427296783151] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: checkPermissionWithoutCache] [[
  [Web-Security] Web Permission = ("javax.security.jacc.WebResourcePermission" "/download/log/" "GET")]]

[2015-03-25T16:19:43.151+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.jmac.config] [tid: _ThreadID=33 _ThreadName=admin-listener(2)] [timeMillis: 1427296783151] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.jmac.config.GFServerConfigProvider] [METHODNAME: getEntry] [[
  getEntry for: HttpServlet -- GFConsoleAuthModule
    module class: org.glassfish.admingui.common.security.AdminConsoleAuthModule
    options: {loginErrorPage=/loginError.jsf, loginPage=/login.jsf}
    request policy: javax.security.auth.message.MessagePolicy@7a09d92
    response policy: null]]

[2015-03-25T16:19:43.182+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=252 _ThreadName=admin-listener(9)] [timeMillis: 1427296783182] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
  FileRealm : file=/etc/Glassfish4/glassfish4/glassfish/domains/domain1/config/admin-keyfile]]

[2015-03-25T16:19:43.182+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=252 _ThreadName=admin-listener(9)] [timeMillis: 1427296783182] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.realm.file.FileRealm] [METHODNAME: init] [[
  FileRealm : jaas-context=ignore]]

[2015-03-25T16:19:43.184+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=252 _ThreadName=admin-listener(9)] [timeMillis: 1427296783184] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: initialize] [[
  Login module initialized: class com.sun.enterprise.security.auth.login.FileLoginModule]]

[2015-03-25T16:19:43.184+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=252 _ThreadName=admin-listener(9)] [timeMillis: 1427296783184] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: abort] [[
  JAAS authentication aborted.]]

[2015-03-25T16:19:43.197+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=59 _ThreadName=http-listener-1(4)] [timeMillis: 1427296783197] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: login] [[
  JAAS login complete.]]

[2015-03-25T16:19:43.197+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security] [tid: _ThreadID=59 _ThreadName=http-listener-1(4)] [timeMillis: 1427296783197] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.BasePasswordLoginModule] [METHODNAME: commit] [[
  JAAS authentication committed.]]

[2015-03-25T16:19:43.198+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.login] [tid: _ThreadID=59 _ThreadName=http-listener-1(4)] [timeMillis: 1427296783198] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.login.LoginContextDriver] [METHODNAME: doPasswordLogin] [[
  Password login succeeded for : Steve.Merriman@fluid.contitech.co.uk]]

[2015-03-25T16:19:43.207+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.login] [tid: _ThreadID=59 _ThreadName=http-listener-1(4)] [timeMillis: 1427296783207] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.auth.login.LoginContextDriver] [METHODNAME: doPasswordLogin] [[
  Set security context as user: Steve.Merriman@fluid.contitech.co.uk]]

[2015-03-25T16:19:43.467+0100] [glassfish 4.0] [FINE] [] [javax.enterprise.system.core.security] [tid: _ThreadID=56 _ThreadName=http-listener-1(1)] [timeMillis: 1427296783467] [levelValue: 500] [CLASSNAME: com.sun.enterprise.security.web.integration.WebSecurityManager] [METHODNAME: setPolicyContext] [[
  [Web-Security] Setting Policy Context ID: old = null ctxID = HSEManagmentApp/HSEManagmentApp]]

I then investigated the source code for the method in question and discovered a comment saying it could accept a maximum length of 50 see code below. I'm not sure if this is a red herring or if I have just set something wrong in my JDBC realm. Any help on this would be much appreciated as it is eating up my time and I'm no closer to a solution.

private boolean isUserValid(String user, char[] password) {
401        Connection connection = null;
402        PreparedStatement statement = null;
403        ResultSet rs = null;
404        boolean valid = false;
405
406        try {
407            char[] hpwd = hashPassword(password);
408            connection = getConnection();
409            statement =  connection.prepareStatement(passwordQuery);
410            statement.setString(1, user);
411            rs = statement.executeQuery();
412            if (rs.next()) {
413                //Obtain the password as a char[] with a  max size of 50
414                Reader reader =  rs.getCharacterStream(1);
415                char[] pwd = new char[1024];
416                int noOfChars = reader.read(pwd);
417
418                /*Since pwd contains 1024 elements arbitrarily initialized,
419                    construct a new char[] that has the right no of char elements
420                    to be used for equal comparison*/
421                if (noOfChars < 0) {
422                    noOfChars = 0;
423                }
424                char[] passwd = new char[noOfChars];
425                System.arraycopy(pwd, 0, passwd, 0, noOfChars);
426                if (HEX.equalsIgnoreCase(getProperty(PARAM_ENCODING))) {
427                    valid = true;
428                    //Do a case-insensitive equals
429                    for(int i = 0; i < noOfChars; i ++) {
430                        if (!(Character.toLowerCase(passwd[i]) == Character.toLowerCase(hpwd[i]))) {
431                            valid = false;
432                            break;
433                        }
434                    }
435                } else {
436                    valid = Arrays.equals(passwd, hpwd);
437                }
438            }
439        } catch(SQLException ex) {
440                _logger.log(Level.SEVERE, "jdbcrealm.invaliduserreason", 
441                        new String [] {user,ex.toString()});
442            if (_logger.isLoggable(Level.FINE)) {
443                _logger.log(Level.FINE, "Cannot validate user", ex);
444            } 
445        } catch(Exception ex) {
446            _logger.log(Level.SEVERE, "jdbcrealm.invaliduser", user);
447            if (_logger.isLoggable(Level.FINE)) {
448                _logger.log(Level.FINE, "Cannot validate user", ex);
449            }
450        } finally {
451            close(connection, statement, rs);
452        }
453        return valid;
454    }

I have attached my realm file in case it is something silly but I have tried just about every combination. I have also checked my hashing in the database and it is correct. Only odd thing is if I set hashing to 'none' then it doesn't work at all.


Answer:

Ok I have solved this issue and all the others I was having with authentication and wanted to post an answer for future people facing this problem. It seems that the SQL queries being used are filling in any unused space in the database field with white space so; as I had my password field set to nvarchar(500) that was the length of the password that was being returned although all characters after 64 were white space. This also caused an issue with role to group mapping, as this is a various length field I cant change the field length to compensate so must now look for the problem with the driver or queries involved.

Regards

Question:

I'm trying to use JDBC Realm Form Authentication to set security for my application, but it doesn't work. When i'm trying to login the page just reloads I don't get errors, there is nothing in logs.

Here is web.xml

<error-page>
    <error-code>403</error-code>
    <location>/faces/views/errors/403.xhtml</location>
</error-page>

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>jdbcRealm</realm-name>
    <form-login-config>
        <form-login-page>/faces/views/account/login.xhtml</form-login-page>
        <form-error-page>/faces/views/account/loginerror.xhtml</form-error-page>
    </form-login-config>
</login-config>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Admin user</web-resource-name>
        <url-pattern>/faces/views/admin/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>Admin user</web-resource-name>
        <url-pattern>/faces/views/users/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
        <role-name>guest</role-name>
    </auth-constraint>
</security-constraint>

Here is glassfish-web.xml

<security-role-mapping>
    <role-name>admin</role-name>
    <group-name>admin</group-name>
</security-role-mapping>

<security-role-mapping>
    <role-name>guest</role-name>
    <group-name>guest</group-name>
</security-role-mapping>

Form

  <form method="POST" action="j_security_check">
                    Username: <input type="text" name="j_username" />
                    Password: <input type="password" name="j_password" />


                    <input type="submit" value="Login" />
                    <input type="reset" value="Reset" />
                </form>
  1. JAAS Context: jdbcRealm
  2. JNDI: jdbc/kyrspr
  3. User Table: USER
  4. User Name Column: NAME
  5. Password Column: PASSWORD
  6. Group Table: USERS_GROUP
  7. Group Name Column: GROUP_NAME
  8. Password Encryption Algorithm: MD5

And database tables

CREATE TABLE user (
    ADDRESS VARCHAR(255),
    EMAIL VARCHAR(255),
    IMAGE VARCHAR(255),
    NAME VARCHAR(255) PRIMARY KEY NOT NULL,
    PASSWORD VARCHAR(255),
    RATING DOUBLE,
    SPECIALLITY_ID BIGINT(20) ); CREATE UNIQUE INDEX user_NAME_uindex ON user (NAME);


CREATE TABLE users_group
(
    USER_ID VARCHAR(255),
    GROUP_NAME VARCHAR(15) NOT NULL,
    group_id BIGINT(20) PRIMARY KEY NOT NULL,
    CONSTRAINT users_group_user_NAME_fk FOREIGN KEY (USER_ID) REFERENCES user (NAME)
);
CREATE UNIQUE INDEX users_group_group_id_uindex ON users_group (group_id);
CREATE INDEX users_group_user_NAME_fk ON users_group (USER_ID);

Answer:

But do you have realm itself? Try to do something like (this example for GF + mysql)

$ export $DB_USER=my_user

$ export $DB_PASSWORD=my_password

$ $GLASSFISH_HOME/bin/asadmin create-auth-realm --classname com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm --property db-user=$DB_USER:db-password=$DB_PASSWORD:jaas-context=jdbcRealm:password-column=password:datasource-jndi=jdbc/myds:group-table=users:user-table=users:group-name-column=username:digest-algorithm=none:user-name-column=username myRealm

For more information check asadmin create-auth-realm documentation.