Hi,

I'm still having trouble deploying the security realm. The realm itself is now deployed, but when trying to authenticate a user at the webapp I'm getting an UnsupportedCallbackException.

Actually I'm tracing it and it calls the LoginModule's login() method twice. The first time it throws the exception but the second one it does pass back the username and password through the callbacks.

The module and the webapp are working fine inside a stand-alone Tomcat. Any directions?

Thanks,

    Yeray Cabrera

Yeray Cabrera escribió:
Thanks Vamsavardhana!

It's running fine.

But I had trying to deploy the security realm configuration plan by command line and it did not run. Now I deploy the security realm configuration plan by web console.

Thanks

       Yeray Cabrera

Vamsavardhana Reddy escribió:
Hi Yeray,

The dependency you have included in geronimo-web.xml needs to go into this security realm configuration plan.  You do not need that dependency tag in geronimo-web.xml

Uninstall the configuration "SecurityRealm-ibms" from application management portlets.  Create a security realm plan xml separately.  You can simply add the dependency tag to the security realm plan you have sent earlier and deploy this newly created plan.

Vamsi

On 3/7/06, Yeray Cabrera <yeray.cabrera@integraas.com> wrote:
This is the deployment plan:

<configuration configId="SecurityRealm-ibms" xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0">
    <gbean name="ibms" class="org.apache.geronimo.security.realm.GenericSecurityRealm">
        <attribute name="realmName">ibms</attribute>
        <reference name="ServerInfo">
            <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=geronimo/j2ee-system/1.0/car,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name>
        </reference>
        <reference name="LoginService">
            <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=geronimo/j2ee-security/1.0/car,J2EEServer=geronimo,j2eeType=JaasLoginService,name=JaasLoginService</gbean-name>
        </reference>
        <xml-reference name="LoginModuleConfiguration">
            <log:login-config xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.0">
                <log:login-module control-flag="REQUIRED" server-side="true" wrap-principals="false">
                    <log:login-domain-name>ibms</log:login-domain-name>
                    <log:login-module-class>com.ias.ibms.auth.nullauth.NullAuthLogin</log:login-module-class>
                </log:login-module>
            </log:login-config>
        </xml-reference>
    </gbean>
</configuration>


Vamsavardhana Reddy escribió:
Yeray,

Can you copy paste the plan for the security realm.  To see the plan, access the Security Realms portlet in Admin Console, Click on "edit" for the realm and click on "Show plan" button in the next page.

-Vamsi
On 3/7/06, Yeray Cabrera <yeray.cabrera@integraas.com> wrote:
Hi Vamsavardhana,

I used the wizard in Geronimo console and I see it´s "running" in Security Realms menu

I deployed with the following web.xml :

<web-app>
.....
     <login-config>
        <auth-method>FORM</auth-method>
          <realm-name>Example Form-Based Authentication Area</realm-name>
          <form-login-config>
            <form-login-page>/login.vm</form-login-page>
            <form-error-page>/error.vm</form-error-page>
         </form-login-config>
    </login-config>
 
    <security-role>
      <role-name>IBMS</role-name>
     </security-role>
  
    <security-constraint>
        <display-name>IBMS Security-Constraint</display-name>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>administration/*</url-pattern>
               <url-pattern>backoffice/*</url-pattern>
               <url-pattern>hotel/*</url-pattern>
               <url-pattern>maintenance/*</url-pattern>
               <url-pattern>management/*</url-pattern>
               <url-pattern>index/*</url-pattern>
               <url-pattern>*.do</url-pattern>
            <http-method>DELETE</http-method>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
            <http-method>PUT</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>IBMS</role-name>
        </auth-constraint>
    </security-constraint>
     
</web-app>

Thanks,

    Yeray Cabrera

      


Vamsavardhana Reddy escribió:
How is the Security Realm deployed?  I don't see it is part of the web application.

-Vamsi

On 3/7/06, Yeray Cabrera <yeray.cabrera@integraas.com> wrote:
Hi,

I´m trying to deploy a War in Geronimo with my own Security Realm.

First, I add an entry in Common libraries (the jar containing my classes)

Next, I add a security realm.

And finally, I deploy my a web app with the following deployment plan:

----------------------------------------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<web-app
    xmlns="http://geronimo.apache.org/xml/ns/web"
    xmlns:naming="http://geronimo.apache.org/xml/ns/naming"
    configId="ibms"
    parentId="geronimo/j2ee-server/1.0/car">

    <dependency>
        <uri>ibms/ibmsauth/0.9.1/jar</uri>
    </dependency>

    <context-root>/ibms</context-root>
    <context-priority-classloader>true</context-priority-classloader>

    <security-realm-name>ibms</security-realm-name>
    <security>
        <default-principal>
            <principal name="anonymous"
            class="com.ias.ibms.auth.IBMSRole"
            />
        </default-principal>
    </security>
</web-app>
----------------------------------------------------------------------------------------------------------

The deploy is correct but when I try to access to my application , occurs the following exception:

----------------------------------------------------------------------------------------------------------
10:40:09,241 WARN  [TomcatGeronimoRealm] Login exception authenticating username "pancho"
javax.security.auth.login.LoginException: org.apache.geronimo.common.GeronimoSecurityException: Unable to instantiate login module
        at org.apache.geronimo.security.jaas.server.JaasLoginModuleConfiguration.getLoginModule(JaasLoginModuleConfiguration.java:71)
        at org.apache.geronimo.security.jaas.server.JaasSecuritySession.<init>(JaasSecuritySession.java:64)
        at org.apache.geronimo.security.jaas.server.JaasLoginService.initializeClient(JaasLoginService.java:353)
        at org.apache.geronimo.security.jaas.server.JaasLoginService.connectToRealm(JaasLoginService.java:169)
        at org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>)
        at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53)
        at org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38)
        at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118)
        at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800)
        at org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57)
        at org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36)
        at org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96)
        at org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$901db4a3.connectToRealm(<generated>)
        at org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:95)
...
Caused by: java.lang.ClassNotFoundException: com.ias.ibms.auth.nullauth.NullAuthLogin
        at java.net.URLClassLoader$1.run(URLClassLoader.java:200)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
        at org.apache.geronimo.kernel.config.MultiParentClassLoader.loadClass(MultiParentClassLoader.java:209)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
        at org.apache.geronimo.security.jaas.server.JaasLoginModuleConfiguration.getLoginModule(JaasLoginModuleConfiguration.java:69)
        ... 44 more
----------------------------------------------------------------------------------------------------------

Have somebody an idea,why the class is not found? I see it in common libraries

Thanks,

    Yeray Cabrera