on 09-02-2005 1:53 PM
hello.
i am using was j2ee 6.40 & ep 6, both patched to sps 11, and am trying to configure a custom login module for the system... i need help.
i have followed a few of the threads in this forum, which give more detail than the sap guides i have found, but i still cannot access the login module after it has been deployed to the j2ee engine. i get the error 'Cannot load a login module' in the default trace file, and authentication does not succeed.
here are some details on what i did & where the problem occured:
1) i built & compiled a custom login module thru netweaver developer, associating the security api and other jar files needed.
2) packaged it all into an sda file, including the class i wrote & the other associated jar files.
3) deployed the j2ee component to the j2ee engine
4) logged onto visual admin & created a new login module for my class (com.bmc.sap.UIdPSAPsso).
5) added my library (UIdPSAPsso) to the login module class loaders in the security provider.
6) configured the ticket login stack to include my login module.
once the login module is part of the ticket component stack, i stop being able to login to the enterprise portal. i go to the portal page, enter a username & password and press Log On, and I am returned to the portal sign on page. there is no authentication or other error shown on the portal page.
the specific error i'm seeing in the trc file is:
#1.5#0001027CAC6A00150000000000000CCC0003FFBA72AF74C0#1125601183371#com.sap.engine.services.security#sap.com/irj#com.sap.engine.services.security#j2ee_guest#0#####SAPEngine_Application_Thread[impl:3]_38##0#0#Error#1#/System/Security#Java#security_1020##Cannot load a login module.##
#1.5#0001027CAC6A00150000000100000CCC0003FFBA72AF87C4#1125601183371#com.sap.engine.services.security#sap.com/irj#com.sap.engine.services.security#j2ee_guest#0#####SAPEngine_Application_Thread[impl:3]_38##0#0#Error#1#/System/Audit#Java###Exception #1#com.sap.engine.services.security.exceptions.BaseSecurityException: Cannot load a login module. at com.sap.engine.services.security.login.LoginContextFactory.init(LoginContextFactory.java:95) at com.sap.engine.services.security.login.LoginContextFactory.getLoginContext(LoginContextFactory.java:133) at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginContext(AuthenticationContextImpl.java:227) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at com.sap.engine.system.SystemLoginModule.initialize(SystemLoginModule.java:72) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:662) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607) at javax.security.auth.login.LoginContext.login(LoginContext.java:534) at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:86) at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLoggedInUser(AuthenticationService.java:305) at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:96) at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:178) at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:522) at java.security.AccessController.doPrivileged(Native Method) at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:405) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:153) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:290) at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:346) at com.sap.portal.navigation.Gateway.service(Gateway.java:68) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:391) at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:265) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:345) at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:323) at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:865) at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:240) at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92) at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148) at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:37) at com.sap.engine.core.cluster.impl6.session.UnorderedChannel$MessageRunner.run(UnorderedChannel.java:71) at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37) at java.security.AccessController.doPrivileged(Native Method) at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:94) at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:162) Caused by: java.lang.ClassNotFoundException: com.bmc.sap.UIdPSAPsso Found in negative cache -
it seems that i just need to get another reference to my class set somewhere, but i cannot determine where. i have consulted the sdn forums & a few sap guides, and have not been able to find any further information on this type of error... if anyone has seen this before, any help would be appreciated.
thanks,
-- alex winner
Usually you need to be very careful on how you use the classloader when looking at security. It looks here like you are hitting a java security problem where the secured classloader is not allowed to load your login class.
Read up on java security.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Have looked for anything on sap & java security I can; the only relevant security issue I can find is making sure my library has a reference to the sap security interface, which it does.
From the trace, I thought the classloader was unable to load the login class because of the original error, not being able to find the class. The 'cause' of the error in the trace file claims to be:
Caused by: java.lang.ClassNotFoundException: com.bmc.sap.UIdPSAPsso
not a security issue.
Where on the EP should this class location be defined? I have put the library into the "LoginModuleClassLoaders" in the Security Provider, but this does not seem to be enough...
Thanks again for any assistance,
-- Alex
Hello Eric,
I am also facing the same problem. But as you said in another thread i have mentioned the library:gnl.com~UserAuditLoginLibrary. But throwing the error com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:37)
at com.sap.engine.core.cluster.impl6.session.UnorderedChannel$MessageRunner.run(UnorderedChannel.java:71)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:94)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:162)
Caused by: java.lang.ClassNotFoundException: com.gnl.security.UserAuditLoginModule.
But I am able to login to portal, but the custom login module is not executed due to the above error.
Kindly help
Regards,
Rukmani
Rukmani,
Can you confirm that a directory called "gnl.com~UserAuditLoginLibrary" exists on the file system where your module is deployed?
On our system it is in a directory like this:
%SAP_HOME%/JC08/j2ee/cluster/server0/bin/ext
If you don't find this directory, perhaps you'll find one like it. If you do, copy the name of the directory and use that in the LoginModuleClassLoaders property. For example, if you find a directory called "gnl.comUserAuditLoginModule" then use this in the LoginModuleClassLoaders property, "library:gnl.comUserAuditLoginModule".
I hope this is helpful.
Eric
User | Count |
---|---|
87 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.