I creating a custom security module for Web service security in WebSphere6.1.
I have created a CustomTokenConsumer, CustomToken and also made a custom login module to validate the CustomToken. I added the login module to a new alias i created in system logins and login from my customTokenConsumer as follows :
#############################################################
final String jaasLC = "system.com.MyLogin";
final MyCallBackHandler ch = new MyCallBackHandler(name, authnMehtod, new HashMap());
AccessController.doPrivileged(new PrivilegedExceptionAction() {
public MyToken run() throws LoginException, WSSecurityException {
Subject subject = (Subject) context.get(com.ibm.wsspi.wssecurity.Constants.WSSECURITY_SUBJECT);
subject.getPrincipals().add(p);
LoginContext lc = new LoginContext(jaasLC, subject, ch);
lc.login();
MyToken token = (MyToken) properties
get(com.ibm.wsspi.wssecurity.Constants.WSSECURITY_TOKEN_LOGININFO);
token.setUsedTokenConsumer(config);
return token;
##################################################################
When i call my web service, i getting the following exception
LoginProcesso E WSEC6735E: Failed to login with token type {http://MyTokenUri.com}MyToken. The exception is: java.rmi.RemoteException: null; nested exception is:
com.ibm.websphere.security.EntryNotFoundException
*This is happening since the control is going to ltpaLoginModule of websphere after exiting from my custom login module. How do i prevent this??*
##################################################################
Entire Stack
[2/18/09 16:13:21:749 IST] 00000076 LoginProcesso E WSEC6735E: Failed to login with token type {http://MyTokenUri.com}MyToken. The exception is: java.rmi.RemoteException: null; nested exception is:
com.ibm.websphere.security.EntryNotFoundException
at com.ibm.ws.security.registry.UserRegistryImpl.createCredential(UserRegistryImpl.java:825)
at com.ibm.ws.security.server.lm.ltpaLoginModule.login(ltpaLoginModule.java:560)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:795)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:209)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:709)
at java.security.AccessController.doPrivileged(AccessController.java:246)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:706)
at javax.security.auth.login.LoginContext.login(LoginContext.java:603)
at com.ibm.ws.webservices.wssecurity.token.LoginProcessor.jaasLogin(LoginProcessor.java:1036)
at com.ibm.ws.webservices.wssecurity.token.LoginProcessor.login(LoginProcessor.java:644)
at com.ibm.ws.webservices.wssecurity.token.LoginProcessor.invoke(LoginProcessor.java:170)
at com.ibm.ws.webservices.wssecurity.core.WSSConsumer.checkCaller(WSSConsumer.java:1848)
at com.ibm.ws.webservices.wssecurity.core.WSSConsumer.invoke(WSSConsumer.java:587)
at com.ibm.ws.webservices.wssecurity.handler.WSSecurityConsumerBase.invoke(WSSecurityConsumerBase.java:85)
at com.ibm.ws.webservices.wssecurity.handler.GlobalSecurityHandler.handleRequest6(GlobalSecurityHandler.java:418)
at com.ibm.ws.webservices.wssecurity.handler.GlobalSecurityHandler.handleRequest(GlobalSecurityHandler.java:219)
at com.ibm.ws.webservices.engine.handlers.jaxrpc.JAXRPCHandlerChain.handleRequest(JAXRPCHandlerChain.java:334)
at com.ibm.ws.webservices.engine.handlers.jaxrpc.JAXRPCHandler.invokeServerRequestHandler(JAXRPCHandler.java:506)
at com.ibm.ws.webservices.engine.handlers.jaxrpc.JAXRPCHandler$1.invoke(JAXRPCHandler.java:380)
at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:208)
at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:228)
at com.ibm.ws.webservices.engine.WebServicesEngine.invoke(WebServicesEngine.java:336)
at com.ibm.ws.webservices.engine.transport.http.WebServicesServlet.doPost(WebServicesServlet.java:831)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at com.ibm.ws.webservices.engine.transport.http.WebServicesServletBase.service(WebServicesServletBase.java:341)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1096)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:570)
at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:478)
at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3444)
at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:267)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:815)
at com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1466)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:119)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:458)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:387)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:267)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:195)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:743)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:873)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1473)