geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: Problem in using a security realm added through geronimo console
Date Tue, 29 Nov 2005 16:35:58 GMT
It looks to me as if the portlet is broken, and needs to add

     <reference  
name="LoginService"><module>org/apache/geronimo/Security</ 
module><name>JaasLoginService</name></reference>

to the plan it generates.  Unfortunately I'm not sure how the portlet  
works.... perhaps filing a jira issue would be a good idea.

thanks
david jencks

On Nov 29, 2005, at 5:12 AM, Vamsavardhana Reddy wrote:

> The new realm is added through "Security realms" portlet and it shows  
> the following plan on clicking the "show plan" button.
>
>  <configuration configId="SecurityRealmonemore-security-realm"  
> parentId="org/apache/geronimo/Server"  
> xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0">
>      <gbean name="onemore-security-realm"  
> class="org.apache.geronimo.security.realm.GenericSecurityRealm">
>          <attribute name="realmName">onemore-security-realm</attribute>
>          <reference name="ServerInfo">
>               
> <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=org/ 
> apache/geronimo/ 
> System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name>
>          </reference>
>          <xml-reference name="LoginModuleConfiguration">
>              <log:login-config  
> xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.0">
>                  <log:login-module control-flag="REQUIRED"  
> server-side="true">
>                       
> <log:login-domain-name>onemore-security-realm</log:login-domain-name>
>                       
> <log:login-module- 
> class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginM 
> odule</log:login-module-class>
>                      <log:option  
> name="usersURI">var/security/vamsi-users.properties</log:option>
>                      <log:option  
> name="groupsURI">var/security/vamsi-groups.properties</log:option>
>                  </log:login-module>
>              </log:login-config>
>          </xml-reference>
>      </gbean>
>  </configuration>
>
> On 11/29/05, Krishnakumar B <www.bkk@gmail.com> wrote:
>>
>> Check the deployment plan if the references are correct.
>>
>> Sample plan file.
>>
>>     <gbean name="test-realm"
>> class="org.apache.geronimo.security.realm.GenericSecurityRealm">
>>     <attribute name="realmName">test-realm</attribute>
>>     <reference name="LoginModuleConfiguration">
>>         <name>test-login</name>
>>     </reference>
>>      <reference name="ServerInfo">
>>           <module>org/apache/geronimo/System</module>
>>           <name>ServerInfo</name>
>>     </reference>
>>     <reference  
>> name="LoginService"><module>org/apache/geronimo/Security</ 
>> module><name>JaasLoginService</name></reference>
>>     </gbean>
>>
>>     <gbean name="test-login"
>> class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
>>     <attribute name="controlFlag">REQUIRED</attribute>
>>     <reference name="LoginModule">
>>         <name>test-login</name>
>>     </reference>
>>     </gbean>
>> </configuration>
>>
>> Regards
>> Krish
>>
>> On 11/29/05, Vamsavardhana Reddy < c1vamsi1c@gmail.com> wrote:
>> > Here is the description of problem I am facing.
>> >
>> > I have created a simple web application that uses a FORM  
>> authentication
>> > method.  In the deployment plan, I have configured the application  
>> to use
>> > "geronimo-properties-realm".  The application works fine.
>> >
>> > At this point a added a new realm with name  
>> "onemore-properties-realm"
>> > through the "Security Realms" portlet.  I have modified the  
>> deployment plan
>> > to use this newly added security realm and redeployed the  
>> application.  The
>> > security part of this application does not work anymore.  I am  
>> getting the
>> > following exception on login attempt.
>> >
>> >
>> > 17:41:53,036 INFO  [JAASJettyRealm] problem
>> > javax.security.auth.login.LoginException:
>> > java.lang.NullPointerException: target is null
>> >     at
>> > org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy  
>> (BasicProxyManager.java:104)
>> >     at
>> >  
>> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect( 
>> JaasLoginCoordinator.java:173)
>> >     at
>> >  
>> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initiali 
>> ze (JaasLoginCoordinator.java:85)
>> >     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>> > Method)
>> >     at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
>> > Source)
>> >     at
>> > sun.reflect.DelegatingMethodAccessorImpl.invoke (Unknown
>> > Source)
>> >     at java.lang.reflect.Method.invoke(Unknown Source)
>> >     at
>> > javax.security.auth.login.LoginContext.invoke(Unknown
>> > Source)
>> >     at
>> > javax.security.auth.login.LoginContext.access$000 (Unknown
>> > Source)
>> >     at javax.security.auth.login.LoginContext$4.run(Unknown
>> > Source)
>> >     at java.security.AccessController.doPrivileged(Native
>> > Method)
>> >     at
>> > javax.security.auth.login.LoginContext.invokeModule (Unknown
>> > Source)
>> >     at javax.security.auth.login.LoginContext.login(Unknown
>> > Source)
>> >     at
>> >  
>> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.j 
>> ava:92)
>> >     at
>> >  
>> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat 
>> e(FormAuthenticator.java:305)
>> >     at
>> >  
>> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentic 
>> ator.java:148)
>> >     at
>> >  
>> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai 
>> nUser(SecurityContextBeforeAfter.java:282)
>> >     at
>> >  
>> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check 
>> SecurityConstraints (SecurityContextBeforeAfter.java:191)
>> >     at
>> >  
>> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints( 
>> JettyWebAppContext.java:520)
>> >     at
>> > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch  
>> (WebApplicationHandler.java:432)
>> >     at
>> >  
>> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java: 
>> 568)
>> >     at
>> > org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
>> >     at
>> >  
>> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationC 
>> ontext.java:633)
>> >     at
>> > org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
>> >     at
>> > org.mortbay.http.HttpServer.service (HttpServer.java:954)
>> >     at
>> > org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
>> >     at
>> > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
>> >     at
>> > org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
>> >     at
>> >  
>> org.mortbay.http.SocketListener.handleConnection(SocketListener.java: 
>> 244)
>> >     at
>> > org.mortbay.util.ThreadedServer.handle (ThreadedServer.java:357)
>> >     at
>> > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
>> >
>> >     at
>> > javax.security.auth.login.LoginContext.invoke(Unknown
>> > Source)
>> >     at
>> > javax.security.auth.login.LoginContext.access$000(Unknown
>> > Source)
>> >     at javax.security.auth.login.LoginContext$4.run(Unknown
>> > Source)
>> >     at java.security.AccessController.doPrivileged (Native
>> > Method)
>> >     at
>> > javax.security.auth.login.LoginContext.invokeModule(Unknown
>> > Source)
>> >     at javax.security.auth.login.LoginContext.login(Unknown
>> > Source)
>> >     at
>> >  
>> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.j 
>> ava:92)
>> >     at
>> >  
>> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat 
>> e(FormAuthenticator.java:305)
>> >     at
>> >  
>> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentic 
>> ator.java:148)
>> >     at
>> >  
>> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai 
>> nUser(SecurityContextBeforeAfter.java :282)
>> >     at
>> >  
>> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check 
>> SecurityConstraints(SecurityContextBeforeAfter.java:191)
>> >     at
>> >  
>> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints  
>> (JettyWebAppContext.java:520)
>> >     at
>> >  
>> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicatio 
>> nHandler.java:432)
>> >     at
>> > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java  
>> :568)
>> >     at
>> > org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
>> >     at
>> >  
>> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationC 
>> ontext.java:633)
>> >     at
>> > org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
>> >     at
>> > org.mortbay.http.HttpServer.service(HttpServer.java:954)
>> >     at
>> > org.mortbay.http.HttpConnection.service(HttpConnection.java :816)
>> >     at
>> > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
>> >     at
>> > org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
>> >     at
>> > org.mortbay.http.SocketListener.handleConnection  
>> (SocketListener.java:244)
>> >     at
>> > org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
>> >     at
>> > org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
>> >
>> >
>


Mime
View raw message