Integrate openid4java to GWT Project

2022-12-27 19:54 问答作者：

I created an GWT project in eclipse. Now I tried to implement openId with using the openid4java library.

I imported the .jar files via properties-->java build path:

openid4java-0.9.5.jar
lib/*.jar

In addition I copied the .jar files into the war/WEB-INF/lib directory.

The problem at hand comes up when I call the authenticate() method.

Then I get a:

HTTP ERROR 500

Problem accessing /openid/openid. Reason:

    access denied (java.lang.RuntimePermission modifyThreadGroup)

Caused by:

java.security.AccessControlException: access denied (java.lang.RuntimePermission modifyThreadGroup) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:166) at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkAccess(DevAppServerFactory.java:191) at java.lang.ThreadGroup.checkAccess(Unknown Source) at java.lang.Thread.init(Unknown Source) at java.lang.Thread.<init>(Unknown Source) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ReferenceQueueThread.<init>(MultiThreadedHttpConnectionManager.java:1039) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.storeReferenceToConnection(MultiThreadedHttpConnectionManager.java:164) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.access$900(MultiThreadedHttpConnectionManager.java:64) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:750) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:469) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:394) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:152) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324) at org.openid4java.util.HttpCache.head(HttpCache.java:296) at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:360) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:229) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:221) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:179) at org.openid4java.discovery.Discovery.discover(Discovery.jav开发者_如何学JAVAa:134) at org.openid4java.discovery.Discovery.discover(Discovery.java:114) at org.openid4java.consumer.ConsumerManager.discover(ConsumerManager.java:527) at auth.openid.server.OpenIDServlet.authenticate(OpenIDServlet.java:138) at auth.openid.server.OpenIDServlet.doGet(OpenIDServlet.java:101) at javax.servlet.http.HttpServlet.service(HttpServlet.java:693) at javax.servlet.http.HttpServlet.service(HttpServlet.java:806) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166) at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:51) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418) at com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:70) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:349) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at org.mortbay.jetty.Server.handle(Server.java:326) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409) at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)

Here my servlet source:

import com.google.gwt.user.client.rpc.RemoteService;
import org.openid4java.OpenIDException;
import org.openid4java.consumer.ConsumerException;
import org.openid4java.consumer.ConsumerManager;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.discovery.Identifier;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.ParameterList;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.text.MessageFormat;
import java.util.List;

public final class OpenIDServlet extends HttpServlet implements RemoteService {

private final ConsumerManager manager;

public OpenIDServlet() {
    try {
        manager = new ConsumerManager();
    } catch (ConsumerException e) {
        throw new RuntimeException("Error creating consumer manager", e);
    }
}

...

private void authenticate(HttpServletRequest request, HttpServletResponse     response) throws IOException, ServletException {
    final String loginString = request.getParameter(nameParameter);

    try {
        // perform discovery on the user-supplied identifier
        List discoveries = manager.discover(loginString);

        // attempt to associate with the OpenID provider
        // and retrieve one service endpoint for authentication
        DiscoveryInformation discovered = manager.associate(discoveries);

        // obtain a AuthRequest message to be sent to the OpenID provider
        AuthRequest authReq = manager.authenticate(discovered, "openid", null);

        // redirect to OpenID for authentication
        response.sendRedirect(authReq.getDestinationUrl(true));
    }
    catch (OpenIDException e) {
        throw new ServletException("Login string probably caused an error. loginString = " + loginString, e);
    }
}

My question now is: What could be my fault? Did I make any mistakes in importing the openid4java library? (which?) All other methods in the servlet which do not use the openid4java implementation work fine.

Thanks, Andreas

You are using Google App Engine. GAE restricts the libraries that can be used in an application. In particular, creating threads or accessing the network are prohibited.

The stack trace you pasted shows openid creating a java, and GAE blocking it.

If you don't care about GAE, just disable it in eclipse settings. Once you do that, you should be able to use the library.

If you also want to use GAE, then you will have to find an alternative to OpenId4Java. Somebody else may have an alternative to that.

Due to the restrictions of GAE you can't use openid4java directly. You can try this modified version: http://github.com/WdWeaver/openid4java-gae-hacks

I think you're missing the servlet entry in web.xml

<servlet>
  <servlet-name>OpenIdServlet</servlet-name>
  <servlet-class>path.to.your.servlet</servlet-class>
</servlet>

<servlet-mapping>
  <servlet-name>OpenIdServlet</servlet-name>
  <url-pattern>/openid/openid</url-pattern>
</servlet-mapping>

继续阅读：google-app-engine gwt openid

Integrate openid4java to GWT Project

HTTP ERROR 500

Caused by:

更多精彩内容

精彩评论

最新问答

宫颈癌术后可以性生活吗？

决战平安京人面树赏金特典皮肤什么时候上线?？

CF2024宠粉节活动入口在哪?？

原神养石任务怎么做?？

射戮骑士什么时候发售?？

问答排行榜

Is it allowed to ask users to enter credit card details for own payment method?

Escaping "<" in Perl-generated XML

王昌瑞《潜梦追凶》剧组庆生新锐演员未来可期？

imessage会显示已读吗？

微信重新建群怎么建？

HTTP ERROR 500

Caused by:

更多精彩内容

精彩评论

最新问答

宫颈癌术后可以性生活吗？

决战平安京人面树赏金特典皮肤什么时候上线?？

CF2024宠粉节活动入口在哪?？

原神养石任务怎么做?？

射戮骑士什么时候发售?？

问答排行榜

Is it allowed to ask users to enter credit card details for own payment method?

Escaping "<" in Perl-generated XML

王昌瑞《潜梦追凶》剧组庆生 新锐演员未来可期？

imessage会显示已读吗？

微信重新建群怎么建？

王昌瑞《潜梦追凶》剧组庆生新锐演员未来可期？