geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: WARN [SilentStartupMonitor] Unable to start ... (starting)
Date Wed, 09 Nov 2005 07:29:55 GMT 
I think you have an unsatisfied reference in your generic security  
realm.  Its much easier to see what is going on with the sercurity  
realm configuration if you use the xml-reference form to include the  
login module configurations inside your security realm gbean config.

I agree the first problem causes the second.

Here's an example config with 2 login modules:
     <gbean name="client-properties-realm"
         class="org.apache.geronimo.security.realm.GenericSecurityRealm">
         <attribute name="realmName">client-properties-realm</attribute>
         <xml-reference name="LoginModuleConfiguration">
             <lc:login-config  
xmlns:lc="http://geronimo.apache.org/xml/ns/loginconfig">
                 <lc:login-module control-flag="REQUIRED"  
server-side="true">
                      
<lc:login-domain-name>client-properties-realm</lc:login-domain-name>
                      
<lc:login-module- 
class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginMo 
dule</lc:login-module-class>
                     <lc:option  
name="usersURI">var/security/users.properties</lc:option>
                     <lc:option  
name="groupsURI">var/security/groups.properties</lc:option>
                 </lc:login-module>
                 <lc:login-module control-flag="REQUIRED"  
server-side="true">
                     <lc:login-domain-name>default</lc:login-domain-name>
                      
<lc:login-module- 
class>org.apache.geronimo.security.jaas.NamedUPCredentialLoginModule</ 
lc:login-module-class>
                     <lc:option  
name="org.apache.geronimo.jaas.NamedUPCredentialLoginModule.Name">defaul 
t</lc:option>
                 </lc:login-module>
             </lc:login-config>
         </xml-reference>
         <reference name="ServerInfo">
             <module>org/apache/geronimo/ClientSystem</module>
             <name>ServerInfo</name>
         </reference>
         <reference name="LoginService">
             <name>JaasLoginService</name>
         </reference>
     </gbean>

This is from an app-client config so some of the references include  
client-side module names which will not work on the server.

thanks
david jencks
On Nov 8, 2005, at 4:03 PM, Jacek Laskowski wrote:

> Hi,
>
> What does it mean? Where should I look for answers?
>
> 00:56:17,016 WARN  [SilentStartupMonitor] Unable to start  
> geronimo.server:name=petstore- 
> realm,J2EEServer=geronimo,J2EEApplication=null,j2eeType=SecurityRealm,J 
> 2EEModule=org/apache/geronimo/PetStoreSecurity1.3.2 (starting)
>
> I'm almost certain it is the reason why the authentication fails:
>
> 00:59:31,937 INFO  [JAASJettyRealm] problem
> javax.security.auth.login.LoginException: No LoginModules configured  
> for petstore-realm
>         at  
> javax.security.auth.login.LoginContext.init(LoginContext.java:256)
>         at  
> javax.security.auth.login.LoginContext.<init>(LoginContext.java:403)
>         at  
> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.ja 
> va:91)
>         at  
> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate 
> (FormAuthenticator.java:305)
>         at  
> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentica 
> tor.java:148)
>         at  
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtain 
> User(SecurityContextBeforeAfter.java:282)
>         at  
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkS 
> ecurityConstraints(SecurityContextBeforeAfter.java:191)
>         at  
> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(J 
> ettyWebAppContext.java:516)
>         at  
> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplication 
> Handler.java:432)
>         at  
> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java: 
> 568)
>         at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
>         at  
> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationCo 
> ntext.java:635)
>         at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
>         at org.mortbay.http.HttpServer.service(HttpServer.java:954)
>         at  
> org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
>         at  
> org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
>         at  
> org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
>         at  
> org.mortbay.http.SocketListener.handleConnection(SocketListener.java: 
> 244)
>         at  
> org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
>         at  
> org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
>
> even though the following is in the plan:
>
>     <gbean name="petstore-realm"
>          
> class="org.apache.geronimo.security.realm.GenericSecurityRealm">
>         <attribute name="realmName">petstore-realm</attribute>
>         <reference name="LoginModuleConfiguration">
>             <name>petstore-login</name>
>         </reference>
>         <reference name="ServerInfo">
>             <module>org/apache/geronimo/System</module>
>             <name>ServerInfo</name>
>         </reference>
>         <reference  
> name="LoginService"><name>JaasLoginService</name></reference>
>     </gbean>
>
> When the LoginService reference is removed, another exception  
> (assertion, actually) is thrown during authentication with a message  
> that the module is null or something alike.
>
> Jacek
>
Mime
View raw message