Integrate openid4java to GWT Project
I created an GWT project in eclipse. Now I tried to implement openId with using the openid4java library.
I imported the .jar files via properties-->java build path:
- openid4java-0.9.5.jar
- lib/*.jar
In addition I copied the .jar files into the war/WEB-INF/lib directory.
The problem at hand comes up when I call the authenticate() method.
Then I get a:
HTTP ERROR 500
Problem accessing /openid/openid. Reason:
access denied (java.lang.RuntimePermission modifyThreadGroup)
Caused by:
java.security.AccessControlException: access denied (java.lang.RuntimePermission modifyThreadGroup) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:166) at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkAccess(DevAppServerFactory.java:191) at java.lang.ThreadGroup.checkAccess(Unknown Source) at java.lang.Thread.init(Unknown Source) at java.lang.Thread.<init>(Unknown Source) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ReferenceQueueThread.<init>(MultiThreadedHttpConnectionManager.java:1039) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.storeReferenceToConnection(MultiThreadedHttpConnectionManager.java:164) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.access$900(MultiThreadedHttpConnectionManager.java:64) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:750) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:469) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:394) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:152) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324) at org.openid4java.util.HttpCache.head(HttpCache.java:296) at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:360) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:229) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:221) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:179) at org.openid4java.discovery.Discovery.discover(Discovery.jav开发者_如何学JAVAa:134) at org.openid4java.discovery.Discovery.discover(Discovery.java:114) at org.openid4java.consumer.ConsumerManager.discover(ConsumerManager.java:527) at auth.openid.server.OpenIDServlet.authenticate(OpenIDServlet.java:138) at auth.openid.server.OpenIDServlet.doGet(OpenIDServlet.java:101) at javax.servlet.http.HttpServlet.service(HttpServlet.java:693) at javax.servlet.http.HttpServlet.service(HttpServlet.java:806) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166) at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:51) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418) at com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:70) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:349) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at org.mortbay.jetty.Server.handle(Server.java:326) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409) at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
Here my servlet source:
import com.google.gwt.user.client.rpc.RemoteService;
import org.openid4java.OpenIDException;
import org.openid4java.consumer.ConsumerException;
import org.openid4java.consumer.ConsumerManager;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.discovery.Identifier;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.ParameterList;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.text.MessageFormat;
import java.util.List;
public final class OpenIDServlet extends HttpServlet implements RemoteService {
private final ConsumerManager manager;
public OpenIDServlet() {
try {
manager = new ConsumerManager();
} catch (ConsumerException e) {
throw new RuntimeException("Error creating consumer manager", e);
}
}
...
private void authenticate(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
final String loginString = request.getParameter(nameParameter);
try {
// perform discovery on the user-supplied identifier
List discoveries = manager.discover(loginString);
// attempt to associate with the OpenID provider
// and retrieve one service endpoint for authentication
DiscoveryInformation discovered = manager.associate(discoveries);
// obtain a AuthRequest message to be sent to the OpenID provider
AuthRequest authReq = manager.authenticate(discovered, "openid", null);
// redirect to OpenID for authentication
response.sendRedirect(authReq.getDestinationUrl(true));
}
catch (OpenIDException e) {
throw new ServletException("Login string probably caused an error. loginString = " + loginString, e);
}
}
My question now is: What could be my fault? Did I make any mistakes in importing the openid4java library? (which?) All other methods in the servlet which do not use the openid4java implementation work fine.
Thanks, Andreas
You are using Google App Engine. GAE restricts the libraries that can be used in an application. In particular, creating threads or accessing the network are prohibited.
The stack trace you pasted shows openid creating a java, and GAE blocking it.
If you don't care about GAE, just disable it in eclipse settings. Once you do that, you should be able to use the library.
If you also want to use GAE, then you will have to find an alternative to OpenId4Java. Somebody else may have an alternative to that.
Due to the restrictions of GAE you can't use openid4java directly. You can try this modified version: http://github.com/WdWeaver/openid4java-gae-hacks
I think you're missing the servlet entry in web.xml
<servlet>
<servlet-name>OpenIdServlet</servlet-name>
<servlet-class>path.to.your.servlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>OpenIdServlet</servlet-name>
<url-pattern>/openid/openid</url-pattern>
</servlet-mapping>
精彩评论