I'm working on a servlet filter that uses the CrowdHttpAuthenticator class to operate on a request/response. (It's actually a migration effort from the pre2.1 SOAP api to REST, following https://developer.atlassian.com/display/CROWDDEV/Crowd+2.1+REST+Java+Client+Migration+Guide).
The servlet uses a persistent CrowdHttpAuthenticatorImpl() instance which is initialised in the filter's init() function.
I'm using two functions from this class:
I'm having a problem with the authenticateWithoutValidatingPassword() function - when I call it with a (request, response, username) triplet, I get the following exception:
java.lang.IllegalArgumentException: setAttribute: name parameter cannot be null at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1325) at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1301) at org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:130) at com.atlassian.crowd.integration.http.util.CrowdHttpTokenHelperImpl.setCrowdToken(CrowdHttpTokenHelperImpl.java:142) at com.atlassian.crowd.integration.http.CrowdHttpAuthenticatorImpl.authenticateWithoutValidatingPassword(CrowdHttpAuthenticatorImpl.java:83)
I've pasted below a skeleton example showing how I'm using these classes.
Any idea what's causing the IllegalArgumentException above?
Am I using the CrowdClient/CrowdHttpAuthenticator classes incorrectly?
Thanks,
manuel.
Code:
public class MyFilter implements Filter { CrowdClient crowdClient; CrowdHttpAuthenticator crowdHttpAuthenticator; protected final Logger logger = Logger.getLogger(this.getClass()); private final static String USERID = "USERID"; public void init( FilterConfig filterConfig ) throws ServletException { Properties crowd_props = new Properties(); crowd_props.load(getClass().getResourceAsStream("/crowd.properties")); ClientProperties clientProperties = ClientPropertiesImpl.newInstanceFromProperties(crowd_props); crowdClient = new com.atlassian.crowd.integration.rest.service.factory.RestCrowdClientFactory().newInstance(clientProperties); crowdHttpAuthenticator = new CrowdHttpAuthenticatorImpl(crowdClient, clientProperties, CrowdHttpTokenHelperImpl.getInstance( CrowdHttpValidationFactorExtractorImpl.getInstance())); } public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain ) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest)request; HttpServletResponse resp = (HttpServletResponse)response; String userid = req.getHeader(USERID); if (crowdHttpAuthenticator.isAuthenticated(req, resp)) { logger.debug("Have crowd token."); } else { logger.debug("Authenticating user '"+userid+"'"); crowdHttpAuthenticator.authenticateWithoutValidatingPassword(req, resp, userid); // Verify if (!(crowdHttpAuthenticator.isAuthenticated(req, resp))) { throw new MyFilterException("Authenticated user, but failed in verification."); } } chain.doFilter(req, resp); return; } }
Community moderators have prevented the ability to post new answers.
I got some pointers from Atlassian support (thanks Foogie), and I fixed my problem by adding the following line to my crowd.properties file:
session.lastvalidation session.lastvalidation
The exception was being thrown in the following function call in <tt>CrowdHttpTokenHelperImpl.setCrowdToken()</tt>
session.setAttribute(clientProperties.getSessionLastValidation(), new Date());
The call to clientProperties.getSessionLastValidation() was returning null until I amended my crowd.properties file.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.