Return-Path: Delivered-To: apmail-geronimo-dev-archive@www.apache.org Received: (qmail 7380 invoked from network); 29 Sep 2004 12:22:25 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 29 Sep 2004 12:22:25 -0000 Received: (qmail 89884 invoked by uid 500); 29 Sep 2004 12:22:10 -0000 Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org Received: (qmail 89825 invoked by uid 500); 29 Sep 2004 12:22:09 -0000 Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: Reply-To: dev@geronimo.apache.org Delivered-To: mailing list dev@geronimo.apache.org Received: (qmail 89796 invoked by uid 99); 29 Sep 2004 12:22:09 -0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (hermes.apache.org: local policy) Received: from [166.84.147.110] (HELO alan.toolazydogs.com) (166.84.147.110) by apache.org (qpsmtpd/0.28) with ESMTP; Wed, 29 Sep 2004 05:22:08 -0700 Subject: RE: support for security roles in web.xml MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Wed, 29 Sep 2004 08:19:42 -0400 Message-ID: X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 content-class: urn:content-classes:message X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: support for security roles in web.xml Thread-Index: AcSaYputaOKkKPu0RaKVqw1qeI4McQLu7hkg From: "Alan D. Cabrera" To: , "Prem kalyan" , X-Virus-Checked: Checked X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N Hey Prem, I'm sorry that I took so long to reply. You can see how Geronimo deploys security roles in the jetty security unit test. You'll want to look at the files: modules\jetty\src\test-resources\deployables\war3\WEB-INF\geronimo-web.x ml modules\jetty\src\test-resources\deployables\war3\WEB-INF\web.xml Regards, Alan > -----Original Message----- > From: Prem kalyan [mailto:prem.kalyan@gmail.com] > Sent: Tuesday, September 14, 2004 8:58 AM > To: dev@geronimo.apache.org; user@geronimo.apache.org > Subject: support for security roles in web.xml >=20 > hi all, >=20 >=20 > I want to know whether Security Role assignment is supported in web.xml > As in >=20 > Release Notes - Apache Geronimo - Version 1.0-M2 > under > ** Unimplemented and Unsupported Features > there is > * [GERONIMO-174] - Support for security-roles in web.xml >=20 > says its not supported. >=20 >=20 > i have the following entries in my web.xml. Will the follwoing work in > Geronimo. If it works please mail me what are changes i need to make > and where. >=20 >=20 > > > MySecureBit0 > /AdminRequestProcessor > GET > POST > > > administrator > > > NONE > > >=20 > > FORM >=20 > default >=20 > > /login.jsp > /error.jsp > > >=20 > > administrator > >=20 >=20 >=20 > The things i configured to get this working >=20 > 1 . Created a realm plan. >=20 > xmlns=3D"http://geronimo.apache.org/xml/ns/deployment" > configId=3D"org/apache/geronimo/petstore" > parentId=3D"org/apache/geronimo/Server"> >=20 > =20 > class=3D"org.apache.geronimo.security.realm.providers.PropertiesFileSecur= i ty > Realm"> > type=3D"java.lang.String">petstore-realm > 10000 > = type=3D"java.net.URI">var/security/petstore.users.properties > type=3D"java.net.URI">var/security/petstore.groups.properties= > name=3D"ServerInfo">geronimo.system:role=3DServerInfo > >=20 > =20 > class=3D"org.apache.geronimo.security.jaas.ConfigurationEntryRealmLoca > l"> > type=3D"java.lang.String">default > petstore- > realm > type=3D"org.apache.geronimo.security.jaas.LoginModuleControlFlag">REQUIRE= D attribute> > >=20 > > class=3D"org.apache.geronimo.jetty.JAASJettyRealm"> > name=3D"JettyContainer">geronimo.server:type=3DWebContainer,container=3DJ= etty< /r > eference> > type=3D"java.lang.String">default > type=3D"java.lang.String">default > >=20 > >=20 > 2. I included this plan in incubator-geronimo/modules/assembly/maven.xml > under this tag. >=20 > Building petstore configuration > failonerror=3D"true"> > > > > > >=20 > 3. i ran the maven file. >=20 > 4. i deployed petstore and petstoreAdmin on Geronimo Srever. >=20 >=20 > Problem , >=20 > 1. When i tried to login under admin application , it gave the following > error. >=20 > java.lang.NullPointerException > at > org.apache.geronimo.jetty.JettyServer$RealmDelegate.authenticate(JettySe rv > er.java:95) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate( Fo > rmAuthenticator.java:287) > at > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticat or > .java:13 > at > org.mortbay.jetty.servlet.ServletHttpContext.jSecurityCheck(ServletHttpC on > text.java:114) > at > org.mortbay.jetty.servlet.ServletHttpContext.checkSecurityConstraints(Se rv > letHttpContext.java:130) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationH an > dler.java:411) > at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:512) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1442) > at > org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationCon te > xt.java:490) > at > org.apache.geronimo.jetty.JettyWebAppContext.handle(JettyWebAppContext.j av > a:173) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1394) > at org.mortbay.http.HttpServer.service(HttpServer.java:879) > at org.mortbay.http.HttpConnection.service(HttpConnection.java:821) > at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:98 > at org.mortbay.http.HttpConnection.handle(HttpConnection.java:83 > at > org.mortbay.http.SocketListener.handleConnection(SocketListener.java:212 ) > at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:315) > at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:510) >=20 > can someone give me the reason for this error. >=20 > thanx in advance >=20 >=20 >=20 >=20 >=20 > -- > regards, > prem