Issue

• Getting NullPointerException (NPE) in SPNEGO Login Module.
• After deploying the application on a JBoss Server , where we are using the SPNEGO Module for Single Sign On, and where architecture includes two Application Servers behind a network load balancer which assures session persistence based on the Jsession ID such that, all requests bound to a user session will always land on one backend, the configuration with SPNEGO will works fine, however, from time to time the authentication fails:-
  • This happens very rarely (20 times in a day on a system where about 50 users are working) and it is extremely hard to reproduce.
  • We have already looked into the AD Logs for authentication, but we see there no errors.
  • The following is the error.

ERROR (HTTP-341) [UID=,REQ=#,APP=,MODULE=] [org.jboss.security.auth.spi.AbstractServerLoginModule] Unable to authenticate: java.lang.NullPointerException
        at org.jboss.security.negotiation.spnego.SPNEGOLoginModule$AcceptSecContext.run(SPNEGOLoginModule.java:420)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.Subject.doAs(Subject.java:356)