org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.

Sonatype JIRA | Daniel Sauble | 2 years ago
  1. 0

    Steps to reproduce: + Go to the User feature, and change the password for `admin`. + Log out, and try to log back in (attempt fails). + Restart the server, and try to log in (fails). + Delete the sonatype-work folder, restart the server, and try to log in (fails). + Rebuild Nexus, start the server, and try to log in (works!) Example: http://take.ms/8KZGd Log output: {code} 2015-05-12 18:35:10,021+0100 INFO [qtp838028810-52] *UNKNOWN org.sonatype.nexus.rapture.internal.SessionAuthenticationFilter - Failure: token=org.apache.shiro.authc.UsernamePasswordToken - admin, rememberMe=false (127.0.0.1) org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens. at org.sonatype.nexus.security.authc.FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication(FirstSuccessfulModularRealmAuthenticator.java:65) [na:na] at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:269) [na:na] at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) [org.apache.shiro.core:1.2.3] at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) [org.apache.shiro.core:1.2.3] at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) [org.apache.shiro.core:1.2.3] at org.apache.shiro.nexus.NexusWebSecurityManager.login(NexusWebSecurityManager.java:56) [na:na] at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [org.apache.shiro.core:1.2.3] at org.apache.shiro.web.filter.authc.AuthenticatingFilter.executeLogin(AuthenticatingFilter.java:53) [org.apache.shiro.web:1.2.3] at org.sonatype.nexus.rapture.internal.SessionAuthenticationFilter.onAccessDenied(SessionAuthenticationFilter.java:70) [org.sonatype.nexus.plugins.nexus-rapture-plugin:3.0.0.SNAPSHOT] at org.apache.shiro.web.filter.AccessControlFilter.onAccessDenied(AccessControlFilter.java:133) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) [org.apache.shiro.web:1.2.3] at org.sonatype.nexus.security.SecurityFilter.executeChain(SecurityFilter.java:85) [org.sonatype.nexus.security:3.0.0.SNAPSHOT] at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) [org.apache.shiro.web:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) [org.apache.shiro.core:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) [org.apache.shiro.core:1.2.3] at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) [org.apache.shiro.core:1.2.3] at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) [org.apache.shiro.web:1.2.3] at org.sonatype.nexus.security.SecurityFilter.doFilterInternal(SecurityFilter.java:101) [org.sonatype.nexus.security:3.0.0.SNAPSHOT] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.2.3] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0] at com.sonatype.nexus.licensing.internal.LicensingRedirectFilter.doFilter(LicensingRedirectFilter.java:130) [com.sonatype.nexus.plugins.nexus-licensing-plugin:3.0.0.SNAPSHOT] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0] at com.codahale.metrics.servlet.AbstractInstrumentedFilter.doFilter(AbstractInstrumentedFilter.java:97) [com.codahale.metrics.servlet:3.0.2] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0] at org.sonatype.nexus.internal.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:63) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0] at org.sonatype.nexus.internal.web.EnvironmentFilter.doFilter(EnvironmentFilter.java:92) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0] at com.google.inject.servlet.DynamicFilterPipeline.dispatch(DynamicFilterPipeline.java:104) [com.google.inject:4.0.0] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133) [com.google.inject:4.0.0] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130) [com.google.inject:4.0.0] at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203) [com.google.inject:4.0.0] at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130) [com.google.inject:4.0.0] at org.sonatype.nexus.bootstrap.osgi.DelegatingFilter.doFilter(DelegatingFilter.java:73) [org.sonatype.nexus.bootstrap:3.0.0.SNAPSHOT] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) [org.eclipse.jetty.servlet:9.2.9.v20150224] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585) [org.eclipse.jetty.servlet:9.2.9.v20150224] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577) [org.eclipse.jetty.security:9.2.9.v20150224] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515) [org.eclipse.jetty.servlet:9.2.9.v20150224] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) [org.eclipse.jetty.server:9.2.9.v20150224] at com.codahale.metrics.jetty9.InstrumentedHandler.handle(InstrumentedHandler.java:175) [com.codahale.metrics.jetty9:3.0.2] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.Server.handle(Server.java:497) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540) [org.eclipse.jetty.io:9.2.9.v20150224] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635) [org.eclipse.jetty.util:9.2.9.v20150224] at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555) [org.eclipse.jetty.util:9.2.9.v20150224] at java.lang.Thread.run(Thread.java:745) [na:1.8.0_20] 2015-05-12 18:35:10,022+0100 INFO [qtp838028810-52] *UNKNOWN org.sonatype.nexus.rapture.internal.SessionAuthenticationFilter - Access denied {code}

    Sonatype JIRA | 2 years ago | Daniel Sauble
    org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.
  2. 0

    clean installation of 0.20-p4 fails to authenticate for the first time

    Google Groups | 3 years ago | Maciej Strömich
    org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.
  3. 0

    Zeppelin LDAP authentication

    Stack Overflow | 3 months ago | user3600073
    org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    Issue with login

    Google Groups | 3 years ago | wingZero21
    org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.
  6. 0

    Testing NX2.11.2-SNAPSHOT, I had deleted the anonymous user and was resetting it up and I typed the password wrong. In addition to popout and a WARN in the log, there was also a huge debug string. I am not sure the point of the long debug (or even the WARN) since the application seems to know this is happening and handle it with a popout. Ticketing for evaluation. I checked and this is not a NX2 SNAPSHOT issue, it also occurs on NX2.11.1-01 and NX3 (Cowbell SNAPSHOT). Here's the snip from NX3 (I assume of most concern): {quote} 2015-01-13 11:17:42,808-0500 WARN [qtp713114694-275] admin org.sonatype.nexus.configuration.application.DefaultNexusConfiguration - Nexus refused to apply configuration, the supplied anonymous information is wrong: The password of user "anonymous" is incorrect. org.sonatype.security.authentication.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens. at org.sonatype.security.DefaultSecuritySystem.authenticate(DefaultSecuritySystem.java:156) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] at org.sonatype.nexus.configuration.application.DefaultNexusConfiguration.setAnonymousAccess(DefaultNexusConfiguration.java:535) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] at org.sonatype.nexus.configuration.application.MutableConfiguration$setAnonymousAccess.call(Unknown Source) [3.0.0-SNAPSHOT:3.0.0-SNAPSHOT] at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:45) [groovy-all:2.1.5] at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108) [groovy-all:2.1.5] at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:124) [groovy-all:2.1.5] at org.sonatype.nexus.coreui.AnonymousSettingsComponent.update(AnonymousSettingsComponent.groovy:88) [org.sonatype.nexus.plugins.nexus-coreui-plugin:3.0.0.SNAPSHOT] at org.sonatype.nexus.coreui.AnonymousSettingsComponent$$EnhancerByGuice$$8cb1faeb.CGLIB$update$3(<generated>) [3.2.4:na] at org.sonatype.nexus.coreui.AnonymousSettingsComponent$$EnhancerByGuice$$8cb1faeb$$FastClassByGuice$$66cc5236.invoke(<generated>) [3.2.4:na] at com.google.inject.internal.cglib.proxy.$MethodProxy.invokeSuper(MethodProxy.java:228) [org.sonatype.sisu.guice:3.2.4] at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:75) [org.sonatype.sisu.guice:3.2.4] at org.apache.shiro.guice.aop.AopAllianceMethodInvocationAdapter.proceed(AopAllianceMethodInvocationAdapter.java:49) [org.apache.shiro.guice:1.2.3] at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.invoke(AuthorizingAnnotationMethodInterceptor.java:68) [org.apache.shiro.core:1.2.3] at org.apache.shiro.guice.aop.AopAllianceMethodInterceptorAdapter.invoke(AopAllianceMethodInterceptorAdapter.java:36) [org.apache.shiro.guice:1.2.3] at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:75) [org.sonatype.sisu.guice:3.2.4] at org.apache.shiro.guice.aop.AopAllianceMethodInvocationAdapter.proceed(AopAllianceMethodInvocationAdapter.java:49) [org.apache.shiro.guice:1.2.3] at org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor.invoke(AuthorizingAnnotationMethodInterceptor.java:68) [org.apache.shiro.core:1.2.3] at org.apache.shiro.guice.aop.AopAllianceMethodInterceptorAdapter.invoke(AopAllianceMethodInterceptorAdapter.java:36) [org.apache.shiro.guice:1.2.3] at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:75) [org.sonatype.sisu.guice:3.2.4] at com.google.inject.internal.InterceptorStackCallback.intercept(InterceptorStackCallback.java:55) [org.sonatype.sisu.guice:3.2.4] at org.sonatype.nexus.coreui.AnonymousSettingsComponent$$EnhancerByGuice$$8cb1faeb.update(<generated>) [3.2.4:na] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [na:1.7.0_71] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [na:1.7.0_71] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [na:1.7.0_71] at java.lang.reflect.Method.invoke(Method.java:606) [na:1.7.0_71] at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.invokeJavaMethod(DispatcherBase.java:142) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.invokeMethod(DispatcherBase.java:133) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at org.sonatype.nexus.extdirect.internal.ExtDirectServlet$3.invokeMethod(ExtDirectServlet.java:208) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.dispatcher.DispatcherBase.dispatch(DispatcherBase.java:63) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.processor.standard.StandardRequestProcessorBase.dispatchStandardMethod(StandardRequestProcessorBase.java:73) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.processor.standard.json.JsonRequestProcessor.processIndividualRequest(JsonRequestProcessor.java:502) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.processor.standard.json.JsonRequestProcessor.processIndividualRequestsInThisThread(JsonRequestProcessor.java:150) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.processor.standard.json.JsonRequestProcessor.process(JsonRequestProcessor.java:133) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.router.RequestRouter.processJsonRequest(RequestRouter.java:83) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.servlet.DirectJNgineServlet.processRequest(DirectJNgineServlet.java:617) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at com.softwarementors.extjs.djn.servlet.DirectJNgineServlet.doPost(DirectJNgineServlet.java:580) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at org.sonatype.nexus.extdirect.internal.ExtDirectServlet.doPost(ExtDirectServlet.java:128) [org.sonatype.nexus.plugins.nexus-extdirect-plugin:3.0.0.SNAPSHOT] at javax.servlet.http.HttpServlet.service(HttpServlet.java:755) [javax.servlet:3.0.0.v201112011016] at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) [javax.servlet:3.0.0.v201112011016] at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:298) [org.sonatype.sisu.guice:3.2.4] at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:282) [org.sonatype.sisu.guice:3.2.4] at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:187) [org.sonatype.sisu.guice:3.2.4] at com.google.inject.servlet.AbstractServletPipeline.service(AbstractServletPipeline.java:59) [org.sonatype.sisu.guice:3.2.4] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85) [org.sonatype.sisu.guice:3.2.4] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:112) [org.apache.shiro.web:1.2.3] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.4] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) [org.apache.shiro.web:1.2.3] at org.sonatype.nexus.web.SecurityFilter.executeChain(SecurityFilter.java:87) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) [org.apache.shiro.web:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) [org.apache.shiro.core:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) [org.apache.shiro.core:1.2.3] at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) [org.apache.shiro.core:1.2.3] at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.2.3] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.4] at com.sonatype.nexus.licensing.internal.LicensingRedirectFilter.doFilter(LicensingRedirectFilter.java:136) [com.sonatype.nexus.plugins.nexus-licensing-plugin:3.0.0.SNAPSHOT] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.4] at com.codahale.metrics.servlet.AbstractInstrumentedFilter.doFilter(AbstractInstrumentedFilter.java:97) [com.codahale.metrics.servlet:3.0.2] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.4] at org.sonatype.nexus.web.internal.CommonHeadersFilter.doFilter(CommonHeadersFilter.java:67) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.4] at org.sonatype.nexus.web.internal.ErrorPageFilter.doFilter(ErrorPageFilter.java:66) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.4] at org.sonatype.nexus.web.internal.BaseUrlHolderFilter.doFilter(BaseUrlHolderFilter.java:68) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [org.sonatype.sisu.guice:3.2.4] at com.google.inject.servlet.AbstractFilterPipeline.dispatch(AbstractFilterPipeline.java:94) [org.sonatype.sisu.guice:3.2.4] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133) [org.sonatype.sisu.guice:3.2.4] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130) [org.sonatype.sisu.guice:3.2.4] at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203) [org.sonatype.sisu.guice:3.2.4] at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130) [org.sonatype.sisu.guice:3.2.4] at org.sonatype.nexus.bootstrap.osgi.DelegatingFilter.doFilter(DelegatingFilter.java:73) [org.sonatype.nexus.bootstrap:3.0.0.SNAPSHOT] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1419) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:455) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1075) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:384) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1009) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at com.codahale.metrics.jetty8.InstrumentedHandler.handle(InstrumentedHandler.java:192) [com.codahale.metrics.jetty8:3.0.2] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.Server.handle(Server.java:370) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) [org.eclipse.jetty.aggregate.jetty-all-server:8.1.11.v20130520] at java.lang.Thread.run(Thread.java:745) [na:1.7.0_71] Caused by: org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens. at org.sonatype.security.authentication.FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication(FirstSuccessfulModularRealmAuthenticator.java:81) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:269) [org.apache.shiro.core:1.2.3] at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) [org.apache.shiro.core:1.2.3] at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) [org.apache.shiro.core:1.2.3] at org.sonatype.security.DefaultSecuritySystem.authenticate(DefaultSecuritySystem.java:153) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] ... 105 common frames omitted {quote} Anyone should be able to reproduce this easily by going into the anonymous section (in NX3 I had to enable custom), typing in a wrong password (like "1") and saving. Deletion is not needed to see this issue, that's just how I found it.

    Sonatype JIRA | 2 years ago | Joe Tom
    org.sonatype.security.authentication.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. org.apache.shiro.authc.AuthenticationException

      Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.

      at org.sonatype.nexus.security.authc.FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication()
    2. org.sonatype.nexus
      FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication
      1. org.sonatype.nexus.security.authc.FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication(FirstSuccessfulModularRealmAuthenticator.java:65)[na:na]
      1 frame
    3. Shiro
      DefaultSecurityManager.login
      1. org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:269)[na:na]
      2. org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)[org.apache.shiro.core:1.2.3]
      3. org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)[org.apache.shiro.core:1.2.3]
      4. org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)[org.apache.shiro.core:1.2.3]
      4 frames
    4. ${project.groupId}:${project.artifactId}
      NexusWebSecurityManager.login
      1. org.apache.shiro.nexus.NexusWebSecurityManager.login(NexusWebSecurityManager.java:56)[na:na]
      1 frame
    5. Shiro
      AuthenticatingFilter.executeLogin
      1. org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)[org.apache.shiro.core:1.2.3]
      2. org.apache.shiro.web.filter.authc.AuthenticatingFilter.executeLogin(AuthenticatingFilter.java:53)[org.apache.shiro.web:1.2.3]
      2 frames
    6. org.sonatype.nexus
      SessionAuthenticationFilter.onAccessDenied
      1. org.sonatype.nexus.rapture.internal.SessionAuthenticationFilter.onAccessDenied(SessionAuthenticationFilter.java:70)[org.sonatype.nexus.plugins.nexus-rapture-plugin:3.0.0.SNAPSHOT]
      1 frame
    7. Shiro
      AbstractShiroFilter.executeChain
      1. org.apache.shiro.web.filter.AccessControlFilter.onAccessDenied(AccessControlFilter.java:133)[org.apache.shiro.web:1.2.3]
      2. org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162)[org.apache.shiro.web:1.2.3]
      3. org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203)[org.apache.shiro.web:1.2.3]
      4. org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178)[org.apache.shiro.web:1.2.3]
      5. org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131)[org.apache.shiro.web:1.2.3]
      6. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)[org.apache.shiro.web:1.2.3]
      7. org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)[org.apache.shiro.web:1.2.3]
      8. org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)[org.apache.shiro.web:1.2.3]
      8 frames
    8. Nexus Core
      SecurityFilter.executeChain
      1. org.sonatype.nexus.security.SecurityFilter.executeChain(SecurityFilter.java:85)[org.sonatype.nexus.security:3.0.0.SNAPSHOT]
      1 frame
    9. Shiro
      AbstractShiroFilter.doFilterInternal
      1. org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)[org.apache.shiro.web:1.2.3]
      2. org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)[org.apache.shiro.core:1.2.3]
      3. org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)[org.apache.shiro.core:1.2.3]
      4. org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)[org.apache.shiro.core:1.2.3]
      5. org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)[org.apache.shiro.web:1.2.3]
      5 frames
    10. Nexus Core
      SecurityFilter.doFilterInternal
      1. org.sonatype.nexus.security.SecurityFilter.doFilterInternal(SecurityFilter.java:101)[org.sonatype.nexus.security:3.0.0.SNAPSHOT]
      1 frame
    11. Shiro
      OncePerRequestFilter.doFilter
      1. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)[org.apache.shiro.web:1.2.3]
      1 frame
    12. Guice - Servlet
      FilterChainInvocation.doFilter
      1. com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)[com.google.inject:4.0.0]
      1 frame
    13. com.sonatype.nexus
      LicensingRedirectFilter.doFilter
      1. com.sonatype.nexus.licensing.internal.LicensingRedirectFilter.doFilter(LicensingRedirectFilter.java:130)[com.sonatype.nexus.plugins.nexus-licensing-plugin:3.0.0.SNAPSHOT]
      1 frame
    14. Guice - Servlet
      FilterChainInvocation.doFilter
      1. com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)[com.google.inject:4.0.0]
      1 frame
    15. com.codahale.metrics
      AbstractInstrumentedFilter.doFilter
      1. com.codahale.metrics.servlet.AbstractInstrumentedFilter.doFilter(AbstractInstrumentedFilter.java:97)[com.codahale.metrics.servlet:3.0.2]
      1 frame
    16. Guice - Servlet
      FilterChainInvocation.doFilter
      1. com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)[com.google.inject:4.0.0]
      1 frame
    17. org.sonatype.nexus
      ErrorPageFilter.doFilter
      1. org.sonatype.nexus.internal.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:63)[org.sonatype.nexus.core:3.0.0.SNAPSHOT]
      1 frame
    18. Guice - Servlet
      FilterChainInvocation.doFilter
      1. com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)[com.google.inject:4.0.0]
      1 frame
    19. org.sonatype.nexus
      EnvironmentFilter.doFilter
      1. org.sonatype.nexus.internal.web.EnvironmentFilter.doFilter(EnvironmentFilter.java:92)[org.sonatype.nexus.core:3.0.0.SNAPSHOT]
      1 frame
    20. Guice - Servlet
      GuiceFilter.doFilter
      1. com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)[com.google.inject:4.0.0]
      2. com.google.inject.servlet.DynamicFilterPipeline.dispatch(DynamicFilterPipeline.java:104)[com.google.inject:4.0.0]
      3. com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133)[com.google.inject:4.0.0]
      4. com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130)[com.google.inject:4.0.0]
      5. com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203)[com.google.inject:4.0.0]
      6. com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130)[com.google.inject:4.0.0]
      6 frames
    21. org.sonatype.nexus
      DelegatingFilter.doFilter
      1. org.sonatype.nexus.bootstrap.osgi.DelegatingFilter.doFilter(DelegatingFilter.java:73)[org.sonatype.nexus.bootstrap:3.0.0.SNAPSHOT]
      1 frame
    22. Jetty
      HandlerWrapper.handle
      1. org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)[org.eclipse.jetty.servlet:9.2.9.v20150224]
      2. org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)[org.eclipse.jetty.servlet:9.2.9.v20150224]
      3. org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)[org.eclipse.jetty.server:9.2.9.v20150224]
      4. org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)[org.eclipse.jetty.security:9.2.9.v20150224]
      5. org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)[org.eclipse.jetty.server:9.2.9.v20150224]
      6. org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)[org.eclipse.jetty.server:9.2.9.v20150224]
      7. org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)[org.eclipse.jetty.servlet:9.2.9.v20150224]
      8. org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)[org.eclipse.jetty.server:9.2.9.v20150224]
      9. org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)[org.eclipse.jetty.server:9.2.9.v20150224]
      10. org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)[org.eclipse.jetty.server:9.2.9.v20150224]
      11. org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)[org.eclipse.jetty.server:9.2.9.v20150224]
      11 frames
    23. Metrics Integration for Jetty 9.1 and higher
      InstrumentedHandler.handle
      1. com.codahale.metrics.jetty9.InstrumentedHandler.handle(InstrumentedHandler.java:175)[com.codahale.metrics.jetty9:3.0.2]
      1 frame
    24. Jetty
      QueuedThreadPool$3.run
      1. org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110)[org.eclipse.jetty.server:9.2.9.v20150224]
      2. org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)[org.eclipse.jetty.server:9.2.9.v20150224]
      3. org.eclipse.jetty.server.Server.handle(Server.java:497)[org.eclipse.jetty.server:9.2.9.v20150224]
      4. org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310)[org.eclipse.jetty.server:9.2.9.v20150224]
      5. org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)[org.eclipse.jetty.server:9.2.9.v20150224]
      6. org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540)[org.eclipse.jetty.io:9.2.9.v20150224]
      7. org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)[org.eclipse.jetty.util:9.2.9.v20150224]
      8. org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)[org.eclipse.jetty.util:9.2.9.v20150224]
      8 frames
    25. Java RT
      Thread.run
      1. java.lang.Thread.run(Thread.java:745)[na:1.8.0_20]
      1 frame