Return-Path: 
 <dev-return-75564-apmail-geronimo-dev-archive=geronimo.apache.org@geronimo.apache.org>
Delivered-To: apmail-geronimo-dev-archive@www.apache.org
Received: (qmail 64007 invoked from network); 4 Aug 2009 17:38:33 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 4 Aug 2009 17:38:33 -0000
Received: (qmail 52258 invoked by uid 500); 4 Aug 2009 17:38:38 -0000
Delivered-To: apmail-geronimo-dev-archive@geronimo.apache.org
Received: (qmail 52177 invoked by uid 500); 4 Aug 2009 17:38:37 -0000
Mailing-List: contact dev-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:dev-help@geronimo.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@geronimo.apache.org>
List-Post: <mailto:dev@geronimo.apache.org>
Reply-To: dev@geronimo.apache.org
List-Id: <dev.geronimo.apache.org>
Delivered-To: mailing list dev@geronimo.apache.org
Received: (qmail 52169 invoked by uid 99); 4 Aug 2009 17:38:37 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 04 Aug 2009 17:38:37 +0000
X-ASF-Spam-Status: No, hits=2.2 required=10.0
	tests=HTML_MESSAGE,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: local policy)
Received: from [209.85.220.210] (HELO mail-fx0-f210.google.com)
 (209.85.220.210)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 04 Aug 2009 17:38:29 +0000
Received: by fxm6 with SMTP id 6so2287286fxm.19
        for <dev@geronimo.apache.org>; Tue, 04 Aug 2009 10:38:08 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.103.131.18 with SMTP id i18mr3090280mun.28.1249407488017;
 Tue,
	04 Aug 2009 10:38:08 -0700 (PDT)
In-Reply-To: <0146F798-7189-4047-ACCB-19BFB269E85D@yahoo.com>
References: <73a75e430908030825j528da462l5bb2ffbe53271eff@mail.gmail.com>
	 <0146F798-7189-4047-ACCB-19BFB269E85D@yahoo.com>
Date: Tue, 4 Aug 2009 19:38:07 +0200
Message-ID: <f3a937580908041038k6681fb95qfd9c735cc8387778@mail.gmail.com>
Subject: Re: Compilation failures on trunk
From: Trygve Hardersen <trygve@jotta.no>
To: dev@geronimo.apache.org
Content-Type: multipart/alternative; boundary=001636416b4380c42704705459e8
X-Virus-Checked: Checked by ClamAV on apache.org

--001636416b4380c42704705459e8
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Hi

Is it possible that these changes broke run-as security for Jetty7 servlets?
At least something changed between r799958 and r800712 that causes our
run-as servlets to run as UNAUTHENTICATED with the latest Geronimo
2.2-SNAPSHOT.

I provided a sample application in relation to GERONIMO-4756 that
demonstrates run-as security for servlets talking to EJBs. AFAICT this now
behaves as prior to r797291 again; the servlets are not authenticated.

I've looked through the various run-as and security discussions that have
been going on lately, but I can't see that our approach has been invalidated
by any of the changes.

Any help or insight to this is greatly appreciated.

Thanks!

Trygve Hardersen
Jotta AS


On Mon, Aug 3, 2009 at 6:30 PM, David Jencks <david_jencks@yahoo.com> wrote:

> Greg changed some things around here over the weekend.  I'm looking into
> this.  There's some chance this will fix the problems Ivan mentioned with
> dispatch versus redirect to the login page.
>
> thanks
> david jencks
>
>
> On Aug 3, 2009, at 8:25 AM, Jason Warner wrote:
>
>  I'm seeing some compilation failures on trunk[1].  Does anyone else get
>> the same error?  I'm building using java version 1.5.0 update 19 on a mac.
>>  The TCK builds are seeing the same failures as well, and they run using the
>> same java version but on linux.
>>
>> [1]
>> [INFO]
>> ------------------------------------------------------------------------
>> [ERROR] BUILD FAILURE
>> [INFO]
>> ------------------------------------------------------------------------
>> [INFO] Compilation failure
>>
>> /Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java:[46,49]
>> cannot find symbol
>> symbol  : class SessionCachingAuthenticator
>> location: package org.eclipse.jetty.security.authentication
>>
>> /Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/connector/JettyConnector.java:[90,23]
>> [deprecation] getHeaderBufferSize() in org.eclipse.jetty.http.HttpBuffers
>> has been deprecated
>>
>> /Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/connector/JettyConnector.java:[93,16]
>> [deprecation] setHeaderBufferSize(int) in org.eclipse.jetty.http.HttpBuffers
>> has been deprecated
>>
>> /Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/JAASLoginService.java:[40,7]
>> org.apache.geronimo.jetty7.security.auth.JAASLoginService is not abstract
>> and does not override abstract method
>> validate(org.eclipse.jetty.server.UserIdentity) in
>> org.eclipse.jetty.security.LoginService
>>
>> /Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java:[102,32]
>> cannot find symbol
>> symbol  : class SessionCachingAuthenticator
>> location: class
>> org.apache.geronimo.jetty7.security.JettySecurityHandlerFactory
>>
>> /Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java:[102,60]
>> cannot find symbol
>> symbol  : constructor FormAuthenticator(java.lang.String,java.lang.String)
>> location: class
>> org.eclipse.jetty.security.authentication.FormAuthenticator
>>
>>
>> ~Jason Warner
>>
>

--001636416b4380c42704705459e8
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hi<br><br>Is it possible that these changes broke run-as security for Jetty=
7 servlets? At least something changed between r799958 and r800712 that cau=
ses our run-as servlets to run as UNAUTHENTICATED with the latest Geronimo =
2.2-SNAPSHOT.<br>
<br>I provided a sample application in relation to GERONIMO-4756 that demon=
strates run-as security for servlets talking to EJBs. AFAICT this now behav=
es as prior to r797291 again; the servlets are not authenticated.<br>
<br>I&#39;ve looked through the various run-as and security discussions tha=
t have been going on lately, but I can&#39;t see that our approach has been=
 invalidated by any of the changes.<br><br>Any help or insight to this is g=
reatly appreciated.<br>

<br>Thanks!<br><br>Trygve Hardersen<br>Jotta AS<br>
<br><br><div class=3D"gmail_quote">On Mon, Aug 3, 2009 at 6:30 PM, David Je=
ncks <span dir=3D"ltr">&lt;<a href=3D"mailto:david_jencks@yahoo.com" target=
=3D"_blank">david_jencks@yahoo.com</a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Greg changed some=
 things around here over the weekend. =C2=A0I&#39;m looking into this. =C2=
=A0There&#39;s some chance this will fix the problems Ivan mentioned with d=
ispatch versus redirect to the login page.<br>




<br>
thanks<br><font color=3D"#888888">
david jencks</font><div><div></div><div><br>
<br>
On Aug 3, 2009, at 8:25 AM, Jason Warner wrote:<br>
<br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I&#39;m seeing some compilation failures on trunk[1]. =C2=A0Does anyone els=
e get the same error? =C2=A0I&#39;m building using java version 1.5.0 updat=
e 19 on a mac. =C2=A0The TCK builds are seeing the same failures as well, a=
nd they run using the same java version but on linux.<br>




<br>
[1]<br>
[INFO] --------------------------------------------------------------------=
----<br>
[ERROR] BUILD FAILURE<br>
[INFO] --------------------------------------------------------------------=
----<br>
[INFO] Compilation failure<br>
<br>
/Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/=
geronimo/jetty7/security/JettySecurityHandlerFactory.java:[46,49] cannot fi=
nd symbol<br>
symbol =C2=A0: class SessionCachingAuthenticator<br>
location: package org.eclipse.jetty.security.authentication<br>
<br>
/Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/=
geronimo/jetty7/connector/JettyConnector.java:[90,23] [deprecation] getHead=
erBufferSize() in org.eclipse.jetty.http.HttpBuffers has been deprecated<br=
>




<br>
/Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/=
geronimo/jetty7/connector/JettyConnector.java:[93,16] [deprecation] setHead=
erBufferSize(int) in org.eclipse.jetty.http.HttpBuffers has been deprecated=
<br>




<br>
/Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/=
geronimo/jetty7/security/auth/JAASLoginService.java:[40,7] org.apache.geron=
imo.jetty7.security.auth.JAASLoginService is not abstract and does not over=
ride abstract method validate(org.eclipse.jetty.server.UserIdentity) in org=
.eclipse.jetty.security.LoginService<br>




<br>
/Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/=
geronimo/jetty7/security/JettySecurityHandlerFactory.java:[102,32] cannot f=
ind symbol<br>
symbol =C2=A0: class SessionCachingAuthenticator<br>
location: class org.apache.geronimo.jetty7.security.JettySecurityHandlerFac=
tory<br>
<br>
/Users/jason/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/=
geronimo/jetty7/security/JettySecurityHandlerFactory.java:[102,60] cannot f=
ind symbol<br>
symbol =C2=A0: constructor FormAuthenticator(java.lang.String,java.lang.Str=
ing)<br>
location: class org.eclipse.jetty.security.authentication.FormAuthenticator=
<br>
<br>
<br>
~Jason Warner<br>
</blockquote>
</div></div></blockquote></div><br>

--001636416b4380c42704705459e8--