geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Paul McMahan (JIRA)" <...@geronimo.apache.org>
Subject [jira] Updated: (GERONIMO-1782) Properties File Login module fails after editing through Admin Console
Date Tue, 09 May 2006 16:56:04 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-1782?page=all ]

Paul McMahan updated GERONIMO-1782:
-----------------------------------

    Attachment: GERONIMO-1782.patch

The problem is that when the updated LoginModuleSettings options are serialized to config.xml
the o.a.g.common.propertyeditor.PropertiesEditor inherits its getAsText() method from PropertyEditorSupport,
which simply returns the String value of the Properties object.  That inherited method does
not provide a string version of the properties object that is suitable for loading into a
new Properties object when the server restarts.

The attached patch overrides the getAsText() method, using Properites#store to create the
text value of the Properties object.

> Properties File Login module fails after editing through Admin Console
> ----------------------------------------------------------------------
>
>          Key: GERONIMO-1782
>          URL: http://issues.apache.org/jira/browse/GERONIMO-1782
>      Project: Geronimo
>         Type: Bug
>     Security: public(Regular issues) 
>   Components: common
>     Versions: 1.0, 1.2, 1.1
>  Environment: Win XP, Sun JDK 1.4.2_08
>     Reporter: Vamsavardhana Reddy
>      Fix For: 1.1
>  Attachments: GERONIMO-1782.patch
>
> Geronimo-properties-realm fails to initialize after editing the realm thru Admin Console.
> Steps to reproduce the problem.
> 1.  Open the "Security Realms" portlet in Admin Console.
> 2.  Click on "edit" link provided next to "geronimo-properties-realm.
> 3.  Click on "Save" button in the next page.  PS: No need to edit anything in this page.
> 4.  Restart the server.
> 5.  Access Admin Console to notice that the realm nolonger works.
> NOTE:  To make the realm work again, stop the server and remove the following xml fragment
from var/config/config.xml
>     <gbean name="geronimo.server:J2EEApplication=null,J2EEModule=geronimo/j2ee-security/1.0/car,J2EEServer=geronimo,j2eeType=LoginModule,name=properties-login">
>       <attribute name="options">{usersURI=var/security/users.properties, groupsURI=var/security/groups.properties}</attribute>
>       <attribute name="serverSide">True</attribute>
>       <attribute name="wrapPrincipals">False</attribute>
>       <attribute name="loginModuleClass">org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule</attribute>
>     </gbean>
> At step 5, the following exception is logged to geronimo.log.
> 13:53:41,950 ERROR [PropertiesFileLoginModule] Initialization failed
> java.lang.IllegalArgumentException: Both usersURI and groupsURI must be provided!
> 	at org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.initialize(PropertiesFileLoginModule.java:77)
> 	at org.apache.geronimo.security.jaas.server.JaasLoginService.getServerLoginCallbacks(JaasLoginService.java:205)
> 	at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
> 	at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
> 	at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
> 	at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
> 	at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
> 	at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
> 	at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
> 	at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
> 	at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$7dca63e6.getServerLoginCallbacks(<generated>)
> 	at org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:68)
> 	at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189)
> 	at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> 	at java.lang.reflect.Method.invoke(Unknown Source)
> 	at javax.security.auth.login.LoginContext.invoke(Unknown Source)
> 	at javax.security.auth.login.LoginContext.access$000(Unknown Source)
> 	at javax.security.auth.login.LoginContext$4.run(Unknown Source)
> 	at java.security.AccessController.doPrivileged(Native Method)
> 	at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
> 	at javax.security.auth.login.LoginContext.login(Unknown Source)
> 	at org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:94)
> 	at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305)
> 	at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148)
> 	at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282)
> 	at org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191)
> 	at org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:585)
> 	at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432)
> 	at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
> 	at org.mortbay.http.HttpContext.handle(HttpContext.java:1530)
> 	at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
> 	at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)
> 	at org.mortbay.http.HttpServer.service(HttpServer.java:909)
> 	at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
> 	at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:982)
> 	at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> 	at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
> 	at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> 	at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message