org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.

Sonatype JIRA | Daniel Sauble | 2 years ago
tip
Your exception is missing from the Samebug knowledge base.
Here are the best solutions we found on the Internet.
Click on the to mark the helpful solution and get rewards for you help.
  1. 0

    Steps to reproduce: + Go to the User feature, and change the password for `admin`. + Log out, and try to log back in (attempt fails). + Restart the server, and try to log in (fails). + Delete the sonatype-work folder, restart the server, and try to log in (fails). + Rebuild Nexus, start the server, and try to log in (works!) Example: http://take.ms/8KZGd Log output: {code} 2015-05-12 18:35:10,021+0100 INFO [qtp838028810-52] *UNKNOWN org.sonatype.nexus.rapture.internal.SessionAuthenticationFilter - Failure: token=org.apache.shiro.authc.UsernamePasswordToken - admin, rememberMe=false (127.0.0.1) org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens. at org.sonatype.nexus.security.authc.FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication(FirstSuccessfulModularRealmAuthenticator.java:65) [na:na] at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:269) [na:na] at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198) [org.apache.shiro.core:1.2.3] at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) [org.apache.shiro.core:1.2.3] at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) [org.apache.shiro.core:1.2.3] at org.apache.shiro.nexus.NexusWebSecurityManager.login(NexusWebSecurityManager.java:56) [na:na] at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) [org.apache.shiro.core:1.2.3] at org.apache.shiro.web.filter.authc.AuthenticatingFilter.executeLogin(AuthenticatingFilter.java:53) [org.apache.shiro.web:1.2.3] at org.sonatype.nexus.rapture.internal.SessionAuthenticationFilter.onAccessDenied(SessionAuthenticationFilter.java:70) [org.sonatype.nexus.plugins.nexus-rapture-plugin:3.0.0.SNAPSHOT] at org.apache.shiro.web.filter.AccessControlFilter.onAccessDenied(AccessControlFilter.java:133) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) [org.apache.shiro.web:1.2.3] at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) [org.apache.shiro.web:1.2.3] at org.sonatype.nexus.security.SecurityFilter.executeChain(SecurityFilter.java:85) [org.sonatype.nexus.security:3.0.0.SNAPSHOT] at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) [org.apache.shiro.web:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) [org.apache.shiro.core:1.2.3] at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) [org.apache.shiro.core:1.2.3] at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383) [org.apache.shiro.core:1.2.3] at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) [org.apache.shiro.web:1.2.3] at org.sonatype.nexus.security.SecurityFilter.doFilterInternal(SecurityFilter.java:101) [org.sonatype.nexus.security:3.0.0.SNAPSHOT] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) [org.apache.shiro.web:1.2.3] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0] at com.sonatype.nexus.licensing.internal.LicensingRedirectFilter.doFilter(LicensingRedirectFilter.java:130) [com.sonatype.nexus.plugins.nexus-licensing-plugin:3.0.0.SNAPSHOT] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0] at com.codahale.metrics.servlet.AbstractInstrumentedFilter.doFilter(AbstractInstrumentedFilter.java:97) [com.codahale.metrics.servlet:3.0.2] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0] at org.sonatype.nexus.internal.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:63) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0] at org.sonatype.nexus.internal.web.EnvironmentFilter.doFilter(EnvironmentFilter.java:92) [org.sonatype.nexus.core:3.0.0.SNAPSHOT] at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82) [com.google.inject:4.0.0] at com.google.inject.servlet.DynamicFilterPipeline.dispatch(DynamicFilterPipeline.java:104) [com.google.inject:4.0.0] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133) [com.google.inject:4.0.0] at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130) [com.google.inject:4.0.0] at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203) [com.google.inject:4.0.0] at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130) [com.google.inject:4.0.0] at org.sonatype.nexus.bootstrap.osgi.DelegatingFilter.doFilter(DelegatingFilter.java:73) [org.sonatype.nexus.bootstrap:3.0.0.SNAPSHOT] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) [org.eclipse.jetty.servlet:9.2.9.v20150224] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585) [org.eclipse.jetty.servlet:9.2.9.v20150224] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577) [org.eclipse.jetty.security:9.2.9.v20150224] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515) [org.eclipse.jetty.servlet:9.2.9.v20150224] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) [org.eclipse.jetty.server:9.2.9.v20150224] at com.codahale.metrics.jetty9.InstrumentedHandler.handle(InstrumentedHandler.java:175) [com.codahale.metrics.jetty9:3.0.2] at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.Server.handle(Server.java:497) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257) [org.eclipse.jetty.server:9.2.9.v20150224] at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540) [org.eclipse.jetty.io:9.2.9.v20150224] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635) [org.eclipse.jetty.util:9.2.9.v20150224] at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555) [org.eclipse.jetty.util:9.2.9.v20150224] at java.lang.Thread.run(Thread.java:745) [na:1.8.0_20] 2015-05-12 18:35:10,022+0100 INFO [qtp838028810-52] *UNKNOWN org.sonatype.nexus.rapture.internal.SessionAuthenticationFilter - Access denied {code}

    Sonatype JIRA | 2 years ago | Daniel Sauble
    org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.

    Root Cause Analysis

    1. org.apache.shiro.authc.AuthenticationException

      Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure that at least one realm can authenticate these tokens.

      at org.sonatype.nexus.security.authc.FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication()
    2. org.sonatype.nexus
      FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication
      1. org.sonatype.nexus.security.authc.FirstSuccessfulModularRealmAuthenticator.doMultiRealmAuthentication(FirstSuccessfulModularRealmAuthenticator.java:65)[na:na]
      1 frame
    3. Shiro
      DefaultSecurityManager.login
      1. org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:269)[na:na]
      2. org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)[org.apache.shiro.core:1.2.3]
      3. org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)[org.apache.shiro.core:1.2.3]
      4. org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)[org.apache.shiro.core:1.2.3]
      4 frames
    4. ${project.groupId}:${project.artifactId}
      NexusWebSecurityManager.login
      1. org.apache.shiro.nexus.NexusWebSecurityManager.login(NexusWebSecurityManager.java:56)[na:na]
      1 frame
    5. Shiro
      AuthenticatingFilter.executeLogin
      1. org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)[org.apache.shiro.core:1.2.3]
      2. org.apache.shiro.web.filter.authc.AuthenticatingFilter.executeLogin(AuthenticatingFilter.java:53)[org.apache.shiro.web:1.2.3]
      2 frames
    6. org.sonatype.nexus
      SessionAuthenticationFilter.onAccessDenied
      1. org.sonatype.nexus.rapture.internal.SessionAuthenticationFilter.onAccessDenied(SessionAuthenticationFilter.java:70)[org.sonatype.nexus.plugins.nexus-rapture-plugin:3.0.0.SNAPSHOT]
      1 frame
    7. Shiro
      AbstractShiroFilter.executeChain
      1. org.apache.shiro.web.filter.AccessControlFilter.onAccessDenied(AccessControlFilter.java:133)[org.apache.shiro.web:1.2.3]
      2. org.apache.shiro.web.filter.AccessControlFilter.onPreHandle(AccessControlFilter.java:162)[org.apache.shiro.web:1.2.3]
      3. org.apache.shiro.web.filter.PathMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203)[org.apache.shiro.web:1.2.3]
      4. org.apache.shiro.web.filter.PathMatchingFilter.preHandle(PathMatchingFilter.java:178)[org.apache.shiro.web:1.2.3]
      5. org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131)[org.apache.shiro.web:1.2.3]
      6. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)[org.apache.shiro.web:1.2.3]
      7. org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)[org.apache.shiro.web:1.2.3]
      8. org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)[org.apache.shiro.web:1.2.3]
      8 frames
    8. Nexus Core
      SecurityFilter.executeChain
      1. org.sonatype.nexus.security.SecurityFilter.executeChain(SecurityFilter.java:85)[org.sonatype.nexus.security:3.0.0.SNAPSHOT]
      1 frame
    9. Shiro
      AbstractShiroFilter.doFilterInternal
      1. org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)[org.apache.shiro.web:1.2.3]
      2. org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)[org.apache.shiro.core:1.2.3]
      3. org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)[org.apache.shiro.core:1.2.3]
      4. org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)[org.apache.shiro.core:1.2.3]
      5. org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)[org.apache.shiro.web:1.2.3]
      5 frames
    10. Nexus Core
      SecurityFilter.doFilterInternal
      1. org.sonatype.nexus.security.SecurityFilter.doFilterInternal(SecurityFilter.java:101)[org.sonatype.nexus.security:3.0.0.SNAPSHOT]
      1 frame
    11. Shiro
      OncePerRequestFilter.doFilter
      1. org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)[org.apache.shiro.web:1.2.3]
      1 frame
    12. Guice - Servlet
      FilterChainInvocation.doFilter
      1. com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)[com.google.inject:4.0.0]
      1 frame
    13. com.sonatype.nexus
      LicensingRedirectFilter.doFilter
      1. com.sonatype.nexus.licensing.internal.LicensingRedirectFilter.doFilter(LicensingRedirectFilter.java:130)[com.sonatype.nexus.plugins.nexus-licensing-plugin:3.0.0.SNAPSHOT]
      1 frame
    14. Guice - Servlet
      FilterChainInvocation.doFilter
      1. com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)[com.google.inject:4.0.0]
      1 frame
    15. com.codahale.metrics
      AbstractInstrumentedFilter.doFilter
      1. com.codahale.metrics.servlet.AbstractInstrumentedFilter.doFilter(AbstractInstrumentedFilter.java:97)[com.codahale.metrics.servlet:3.0.2]
      1 frame
    16. Guice - Servlet
      FilterChainInvocation.doFilter
      1. com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)[com.google.inject:4.0.0]
      1 frame
    17. org.sonatype.nexus
      ErrorPageFilter.doFilter
      1. org.sonatype.nexus.internal.web.ErrorPageFilter.doFilter(ErrorPageFilter.java:63)[org.sonatype.nexus.core:3.0.0.SNAPSHOT]
      1 frame
    18. Guice - Servlet
      FilterChainInvocation.doFilter
      1. com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)[com.google.inject:4.0.0]
      1 frame
    19. org.sonatype.nexus
      EnvironmentFilter.doFilter
      1. org.sonatype.nexus.internal.web.EnvironmentFilter.doFilter(EnvironmentFilter.java:92)[org.sonatype.nexus.core:3.0.0.SNAPSHOT]
      1 frame
    20. Guice - Servlet
      GuiceFilter.doFilter
      1. com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)[com.google.inject:4.0.0]
      2. com.google.inject.servlet.DynamicFilterPipeline.dispatch(DynamicFilterPipeline.java:104)[com.google.inject:4.0.0]
      3. com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133)[com.google.inject:4.0.0]
      4. com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130)[com.google.inject:4.0.0]
      5. com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203)[com.google.inject:4.0.0]
      6. com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130)[com.google.inject:4.0.0]
      6 frames
    21. org.sonatype.nexus
      DelegatingFilter.doFilter
      1. org.sonatype.nexus.bootstrap.osgi.DelegatingFilter.doFilter(DelegatingFilter.java:73)[org.sonatype.nexus.bootstrap:3.0.0.SNAPSHOT]
      1 frame
    22. Jetty
      HandlerWrapper.handle
      1. org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)[org.eclipse.jetty.servlet:9.2.9.v20150224]
      2. org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)[org.eclipse.jetty.servlet:9.2.9.v20150224]
      3. org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)[org.eclipse.jetty.server:9.2.9.v20150224]
      4. org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)[org.eclipse.jetty.security:9.2.9.v20150224]
      5. org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)[org.eclipse.jetty.server:9.2.9.v20150224]
      6. org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)[org.eclipse.jetty.server:9.2.9.v20150224]
      7. org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)[org.eclipse.jetty.servlet:9.2.9.v20150224]
      8. org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)[org.eclipse.jetty.server:9.2.9.v20150224]
      9. org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)[org.eclipse.jetty.server:9.2.9.v20150224]
      10. org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)[org.eclipse.jetty.server:9.2.9.v20150224]
      11. org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)[org.eclipse.jetty.server:9.2.9.v20150224]
      11 frames
    23. Metrics Integration for Jetty 9.1 and higher
      InstrumentedHandler.handle
      1. com.codahale.metrics.jetty9.InstrumentedHandler.handle(InstrumentedHandler.java:175)[com.codahale.metrics.jetty9:3.0.2]
      1 frame
    24. Jetty
      QueuedThreadPool$3.run
      1. org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110)[org.eclipse.jetty.server:9.2.9.v20150224]
      2. org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)[org.eclipse.jetty.server:9.2.9.v20150224]
      3. org.eclipse.jetty.server.Server.handle(Server.java:497)[org.eclipse.jetty.server:9.2.9.v20150224]
      4. org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310)[org.eclipse.jetty.server:9.2.9.v20150224]
      5. org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)[org.eclipse.jetty.server:9.2.9.v20150224]
      6. org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540)[org.eclipse.jetty.io:9.2.9.v20150224]
      7. org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)[org.eclipse.jetty.util:9.2.9.v20150224]
      8. org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)[org.eclipse.jetty.util:9.2.9.v20150224]
      8 frames
    25. Java RT
      Thread.run
      1. java.lang.Thread.run(Thread.java:745)[na:1.8.0_20]
      1 frame