geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Trygve Hardersen (JIRA)" <j...@apache.org>
Subject [jira] Commented: (GERONIMO-4756) jetty 7 ignores default subject settings unless authentication is set up
Date Thu, 23 Jul 2009 10:57:16 GMT

    [ https://issues.apache.org/jira/browse/GERONIMO-4756?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12734550#action_12734550
] 

Trygve Hardersen commented on GERONIMO-4756:
--------------------------------------------

Please feel free to do whatever you like with the sample project, nice that it's useful. I
think I uploaded it under the ASF license.

The behavior you're describing sound correct. For the non-authenticated the user has to specify
their name using the "name" parameter in the request, or they will be greeted as "null". I
was getting EJBAccessExceptions. Has your fix been made available somewhere? I'd love to test
it.

When trying to build the web-plugin project with the ServerAuthModule enable, which does not
do anything useful it must be said, I get ClassNotFoundException for no.jotta.jgs.web.DummyServerAuthModule.
I tried to put it in both the web-classes and realm-classes projects. When I add a direct
dependency between the web-plugin and web-classes projects, web-plugin won't start because
the ejb-classes EJB archive cannot be found in the local Maven repository. Here Geronimo is
searching for a ".ejb" file, but the file is named ".jar". This might have to do with the
way I've packaged the EAR and CAR, not sure.

Thanks for looking at this so quickly.

> jetty 7 ignores default subject settings unless authentication is set up
> ------------------------------------------------------------------------
>
>                 Key: GERONIMO-4756
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4756
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>    Affects Versions: 2.2
>            Reporter: David Jencks
>            Assignee: David Jencks
>             Fix For: 2.2
>
>         Attachments: Geronimo-4766.patch, jgs.tar.gz
>
>
> Jetty 7 should be setting up security stuff if a <security-realm-name> is definied,
not only if authentication is specifically configured: this will make default subjects work
when no auth is configured.  Should not be a problem for tomcat.... for some reason I found
this problem there already :-)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message