geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy (JIRA)" <>
Subject [jira] Commented: (GERONIMO-1602) Switching from Tomcat causes error in JAAS module: "Unable to instantiate login module"
Date Thu, 16 Nov 2006 11:08:37 GMT
    [ ] 
Vamsavardhana Reddy commented on GERONIMO-1602:

I have tested the following scenario in server built from branches\1.1.

I have created a login module (MyOwnLoginModule) & a principal class (MyPrincipal) and
placed the jar in WEB-INF\lib directory.  I have added a security realm gbean to geronimo-web.xml
and configured the application to authenticate against this realm.  The application deploys
and runs fine.   If I use GeronimoUserPrincipal in the login-module class and in role-mapping
the security part works fine.  Problem is with using "MyPrincipal".  The login is succeeding,
but, the authorization is not working as expected.  I guess the problem is due to classLoaders.

Having the loginmodule and principal classess in WEB-INF\classes dir or in a jar under WEB-INF\lib
did not make a difference.

> Switching from Tomcat causes error in JAAS module: "Unable to instantiate login module"
> ---------------------------------------------------------------------------------------
>                 Key: GERONIMO-1602
>                 URL:
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security, Tomcat
>    Affects Versions: 1.0
>         Environment: Windows XP Prof, JDK 1.5.0_06, Geronimo 1.0 (Tomcat, .zip)
>            Reporter: Karsten Voges
>             Fix For: 1.1.x
>         Attachments: geronimo-JAAS-login-error.txt
> I have a problem with porting a Tomcat application to Geronimo. The error stacktrace
is attached.
> I deployed the war without any deployment plan and the app seams to be working (JSPs
work and the startup-servlet works as well)
> But the JAASLoginModule was missing, so I could not log in. -> so far no Problem!
> Afterwards I configured a security realm with the console and after a restart my app
does not complain about a missing LoginModule but throws the attached error stacktrace.
> For Tomcat I do the following:
> in I set
> #######JAAS
> and the login.config looks like this:
> MyApp {
> Sufficient loginServlet="/login/login.jsp";
> };
> I tried to use a special geronimo-web.xml where I set the
> <context-priority-classloader>true</context-priority-classloader>
> But I still get the same error:
> org.apache.geronimo.common.GeronimoSecurityException:
Unable to instantiate login module
> Caused by: java.lang.ClassNotFoundException:
> Am I doing something wrong? The class is in the war I deployed, and everything works
fine in Tomcat.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:


View raw message