geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alan D. Cabrera" <...@toolazydogs.com>
Subject RE: support for security roles in web.xml
Date Wed, 29 Sep 2004 12:19:42 GMT
Hey Prem,

I'm sorry that I took so long to reply.  You can see how Geronimo
deploys security roles in the jetty security unit test.  You'll want to
look at the files:

modules\jetty\src\test-resources\deployables\war3\WEB-INF\geronimo-web.x
ml
modules\jetty\src\test-resources\deployables\war3\WEB-INF\web.xml


Regards,
Alan

> -----Original Message-----
> From: Prem kalyan [mailto:prem.kalyan@gmail.com]
> Sent: Tuesday, September 14, 2004 8:58 AM
> To: dev@geronimo.apache.org; user@geronimo.apache.org
> Subject: support for security roles in web.xml
> 
> hi all,
> 
> 
> I want to know whether Security Role assignment is supported in
web.xml
> As in
> 
>           Release Notes - Apache Geronimo - Version 1.0-M2
>  under
>          ** Unimplemented and Unsupported Features
> there is
>          * [GERONIMO-174] - Support for security-roles in web.xml
> 
> says its not supported.
> 
> 
> i have the following entries in my web.xml. Will the follwoing work in
> Geronimo. If it works please mail me what are changes i need to make
> and where.
> 
> 
> <security-constraint>
>     <web-resource-collection>
>       <web-resource-name>MySecureBit0</web-resource-name>
>       <url-pattern>/AdminRequestProcessor</url-pattern>
>       <http-method>GET</http-method>
>       <http-method>POST</http-method>
>     </web-resource-collection>
>     <auth-constraint>
>       <role-name>administrator</role-name>
>     </auth-constraint>
>     <user-data-constraint>
>       <transport-guarantee>NONE</transport-guarantee>
>     </user-data-constraint>
>   </security-constraint>
> 
>   <login-config>
>     <auth-method>FORM</auth-method>
> 
>     <realm-name>default</realm-name>
> 
>     <form-login-config>
>       <form-login-page>/login.jsp</form-login-page>
>       <form-error-page>/error.jsp</form-error-page>
>     </form-login-config>
>   </login-config>
> 
>   <security-role>
>     <role-name>administrator</role-name>
>   </security-role>
> 
> 
> 
> The things i configured to get this working
> 
> 1  .  Created a realm plan.
> 
> <configuration
>       xmlns="http://geronimo.apache.org/xml/ns/deployment"
>       configId="org/apache/geronimo/petstore"
>       parentId="org/apache/geronimo/Server">
> 
> <gbean
name="geronimo.security:type=SecurityRealm,realm=petstore-realm"
> 
>
class="org.apache.geronimo.security.realm.providers.PropertiesFileSecuri
ty
> Realm">
>       <attribute name="realmName"
> type="java.lang.String">petstore-realm</attribute>
>       <attribute name="maxLoginModuleAge"
type="long">10000</attribute>
>       <attribute name="usersURI"
> type="java.net.URI">var/security/petstore.users.properties</attribute>
>       <attribute name="groupsURI"
>
type="java.net.URI">var/security/petstore.groups.properties</attribute>
>       <reference
> name="ServerInfo">geronimo.system:role=ServerInfo</reference>
> </gbean>
> 
> <gbean name="geronimo.security:type=ConfigurationEntry,jaasId=default"
> 
>
class="org.apache.geronimo.security.jaas.ConfigurationEntryRealmLoca
> l">
> 		<attribute name="applicationConfigName"
> type="java.lang.String">default</attribute>
> 		<attribute name="realmName"
type="java.lang.String">petstore-
> realm</attribute>
> 		<attribute name="controlFlag"
>
type="org.apache.geronimo.security.jaas.LoginModuleControlFlag">REQUIRED
</
> attribute>
> 	</gbean>
> 
>  	<!-- Jetty Realm that points to the Geronimo Demo Properties
File
> Realm -->
> 	<gbean name="geronimo.jetty:role=JaasRealm"
> class="org.apache.geronimo.jetty.JAASJettyRealm">
> 		<reference
>
name="JettyContainer">geronimo.server:type=WebContainer,container=Jetty<
/r
> eference>
> 		<attribute name="name"
> type="java.lang.String">default</attribute>
> 		<attribute name="loginModuleName"
> type="java.lang.String">default</attribute>
>     	</gbean>
> 
> </configuration>
> 
> 2. I included this plan in
incubator-geronimo/modules/assembly/maven.xml
>  under this tag.
> 
>       <ant:echo>Building petstore configuration</ant:echo>
>       <ant:java fork="true" jar="${distDir}/bin/deployer.jar"
> failonerror="true">
>           <ant:jvmarg value="-ea"/>
>           <ant:arg value="--install"/>
>           <ant:arg value="--plan"/>
>           <ant:arg value="target/plan/petstore-plan.xml"/>
>       </ant:java>
> 
> 3. i ran the maven file.
> 
> 4. i deployed petstore and petstoreAdmin on Geronimo Srever.
> 
> 
> Problem ,
> 
> 1.  When i tried to login under admin application , it gave the
following
> error.
> 
> java.lang.NullPointerException
>       at
>
org.apache.geronimo.jetty.JettyServer$RealmDelegate.authenticate(JettySe
rv
> er.java:95)
>       at
>
org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(
Fo
> rmAuthenticator.java:287)
>       at
>
org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticat
or
> .java:13
>       at
>
org.mortbay.jetty.servlet.ServletHttpContext.jSecurityCheck(ServletHttpC
on
> text.java:114)
>       at
>
org.mortbay.jetty.servlet.ServletHttpContext.checkSecurityConstraints(Se
rv
> letHttpContext.java:130)
>       at
>
org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationH
an
> dler.java:411)
>       at
>
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:512)
>       at org.mortbay.http.HttpContext.handle(HttpContext.java:1442)
>       at
>
org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationCon
te
> xt.java:490)
>       at
>
org.apache.geronimo.jetty.JettyWebAppContext.handle(JettyWebAppContext.j
av
> a:173)
>       at org.mortbay.http.HttpContext.handle(HttpContext.java:1394)
>       at org.mortbay.http.HttpServer.service(HttpServer.java:879)
>       at
org.mortbay.http.HttpConnection.service(HttpConnection.java:821)
>       at
org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:98
>       at org.mortbay.http.HttpConnection.handle(HttpConnection.java:83
>       at
>
org.mortbay.http.SocketListener.handleConnection(SocketListener.java:212
)
>       at
org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:315)
>       at
org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:510)
> 
>   can someone give me the reason for this error.
> 
> thanx in advance
> 
> 
> 
> 
> 
> --
> regards,
> prem



Mime
View raw message