geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Krishnakumar B <www....@gmail.com>
Subject realm not getting added.
Date Mon, 10 Oct 2005 11:38:04 GMT
Hi,

I have realm deployed to server and i get the following INFO

[GeronimoLoginConfiguration] Added Application Configuration Entry ldap-realm

In latest build for M5 i am unable to get the realms to work except
geronimo-properties.realm which is loaded by default.

[GeronimoLoginConfiguration] Added Application Configuration Entry
geronimo-properties-realm

The other realms like file-realm,ldap-realm though deployed
successfully i am unable to access.

I get following error messages for file and ldap realm.

12:14:19,658 DEBUG [TomcatGeronimoRealm] JAASRealm login requested for
username "system" using LoginContext for application "file-realm"
12:14:27,169 DEBUG [ManagerBase] Start expire sessions StandardManager
at 1128926667169 sessioncount 0
12:14:27,169 DEBUG [ManagerBase] End expire sessions StandardManager
processingTime 0 expired sessions: 0
12:14:34,510 ERROR [TomcatGeronimoRealm] Unexpected error
javax.security.auth.login.LoginException: No LoginModules configured
for file-realm
	at javax.security.auth.login.LoginContext.init(LoginContext.java:211)
	at javax.security.auth.login.LoginContext.<init>(LoginContext.java:426)
	at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:356)
	at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
	at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:391)
	at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
	at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
	at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
	at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
	at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:526)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744)
	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
	at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
	at java.lang.Thread.run(Thread.java:567)


and

the same message for LDAP realm.

I am not sure what i am missing here or wrong in the configuration.

<?xml version="1.0" encoding="UTF-8"?>
<configuration
    xmlns="http://geronimo.apache.org/xml/ns/j2ee/web/jetty-1.0"
    configId="org/apache/geronimo/file"
    parentId="org/apache/geronimo/Server"
 >

  <gbean name="file-login"
class="org.apache.geronimo.security.jaas.LoginModuleGBean">
        <attribute
name="loginModuleClass">org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule</attribute>
        <attribute name="serverSide">true</attribute>
        <attribute name="options">
            usersURI=var/security/users.properties
            groupsURI=var/security/groups.properties
        </attribute>
        <attribute name="loginDomainName">file-realm</attribute>
    </gbean>

    <gbean name="file-realm"
class="org.apache.geronimo.security.realm.GenericSecurityRealm">
    <attribute name="realmName">file-realm</attribute>
    <reference name="LoginModuleConfiguration">
    	<name>file-login</name>
    </reference>
    <reference name="ServerInfo">
  	  <module>org/apache/geronimo/System</module>
   	  <name>ServerInfo</name>
    </reference>
    <reference name="LoginService"><module>org/apache/geronimo/Server</module><name>JaasLoginService</name></reference>
    </gbean>

    <gbean name="file-login" 
class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
    <attribute name="controlFlag">REQUIRED</attribute>
    <reference name="LoginModule">
    	 <name>file-login</name>
    </reference>

    </gbean>
</configuration>

I have a similar plan for LDAP.

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://geronimo.apache.org/xml/ns/j2ee/web/jetty-1.0"
xmlns:sec="http://geronimo.apache.org/xml/ns/security" configId="file"
parentId="org/apache/geronimo/file">
	<context-root>/FileTomCatWeb</context-root>
	<context-priority-classloader>false</context-priority-classloader>
	<security-realm-name>file-realm</security-realm-name>
	<security>
		<default-principal realm-name="file-realm">
			<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
name="system" />
		</default-principal>
		<role-mappings>
			<role role-name="admin">
				<realm realm-name="file-realm">
					<principal
class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
name="admin" designated-run-as="true" />
					<principal
class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
name="system" />
				</realm>
			</role>
			<role role-name="users">
				<realm realm-name="file-realm">
					<principal
class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
name="users" designated-run-as="true" />
					<principal
class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
name="user1" />
					<principal
class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
name="user2" />
				</realm>
			</role>
			<role role-name="guest">
				<realm realm-name="file-realm">
					<principal
class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
name="guest" designated-run-as="true" />
					<principal
class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
name="guest1" />
				</realm>
			</role>
		</role-mappings>
	</security>
</web-app>

I am unable to get both to work in latest geronimo-M5 i installed.

Regards
Krishnakumar

Mime
View raw message