Return-Path: Delivered-To: apmail-geronimo-user-archive@www.apache.org Received: (qmail 87396 invoked from network); 20 Mar 2006 20:05:07 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 20 Mar 2006 20:05:07 -0000 Received: (qmail 82089 invoked by uid 500); 20 Mar 2006 20:05:04 -0000 Delivered-To: apmail-geronimo-user-archive@geronimo.apache.org Received: (qmail 82060 invoked by uid 500); 20 Mar 2006 20:05:04 -0000 Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: user@geronimo.apache.org List-Id: Delivered-To: mailing list user@geronimo.apache.org Received: (qmail 82047 invoked by uid 99); 20 Mar 2006 20:05:04 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 20 Mar 2006 12:05:04 -0800 X-ASF-Spam-Status: No, hits=0.1 required=10.0 tests=HTML_MESSAGE,HTML_TAG_EXIST_TBODY,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of ammulder@gmail.com designates 66.249.92.201 as permitted sender) Received: from [66.249.92.201] (HELO uproxy.gmail.com) (66.249.92.201) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 20 Mar 2006 12:05:03 -0800 Received: by uproxy.gmail.com with SMTP id m2so648286ugc for ; Mon, 20 Mar 2006 12:04:42 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:references; b=ETKMhZa3BKHzdYwMh+msWVH5mr0kiUqlBxuZ5qoepeULdzHgjEz3+VGqknwn5KM8r0fgf4SRXeWS043PAs024hUyNrjw+l4oKGXelBe5/tMCJr8u2+Xyd2vRuAcYuRTGBO2B+ezCZq08NpWqYuaEiVo3k2eAotqW36gJTZ7QPQI= Received: by 10.67.21.17 with SMTP id y17mr2068170ugi; Mon, 20 Mar 2006 12:04:41 -0800 (PST) Received: by 10.67.15.17 with HTTP; Mon, 20 Mar 2006 12:04:41 -0800 (PST) Message-ID: <74e15baa0603201204q69ea35aet4dd3ee6dda083bef@mail.gmail.com> Date: Mon, 20 Mar 2006 15:04:41 -0500 From: "Aaron Mulder" Sender: ammulder@gmail.com To: user@geronimo.apache.org Subject: Re: JAAS configuration in geronimo In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_9325_29413888.1142885081712" References: <74e15baa0603201001u34a36c91wb2d9f310cec056be@mail.gmail.com> X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N ------=_Part_9325_29413888.1142885081712 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline The error seems to be saying that it can't find com.mysql.jdbc.Driver in th= e MySQL 3.0.15 JAR that you put in the repository. It seems unlikely, but ca= n you run a "jar -tf" on that JAR and make sure that there's a com/mysql/jdbc/Driver.class in there? If there is, perhaps we have a bug and we don't load the JAR correctly for the test. I'm pretty sure this will work if you set up a JDBC pool in the console and then just point your security realm to that instead of separately configuring the JDBC JAR and connection settings in the security realm screen. Thanks, Aaron On 3/20/06, EricCho@kryos.com wrote: > > > Thanks Aaron..... that's leading me in the right direction..... > > I'm having troubles setting up the security realm.... > > I'm using the WAS CE console.... which pretty much looks like the geronim= o > console.. > > > I'm not exactly sure what the error message is asking for. A dependency > in the web app? I wouldn't think so, because the security realm seems to= be > a totally separate component to the web app.... > > Do you see any glaring errors? Or is there something else i should be > doing? > > Thanks, > Eric > > > > > > > > *"Aaron Mulder" * > Sent by: ammulder@gmail.com > > 20/03/2006 11:01 AM > Please respond to > user@geronimo.apache.org > > To > user@geronimo.apache.org cc > > Subject > Re: JAAS configuration in geronimo > > > > > > > So we override the default JAAS file-based configuration mechanism > with a configuration system of our own based on Geronimo components > (GBeans). > > If you are doing this for a web application and you can use the normal > J2EE login routines, you can configure your login module as a Geronimo > security realm and let J2EE/Geronimo handle the login. > > If you are intentionally avoiding the J2EE login handling, then you > probably need to rewrite your JAAS configuration as a Geronimo service > configuration (we have GBeans that wrap login module configuration, > etc.). You'll also need to put your classes in a JAR in the > repository (geronimo/repository/whatever/your-login-code-1.0.jar). It > will probably be a little painful to write the configuration plan, but > hey, you only need to do it once. :) > > If you're going to need to write the plan, can you post the relevent > section from your existing JAAS config file? > > Thanks, > Aaron > > On 3/20/06, EricCho@kryos.com wrote: > > > > > > Hi Aaron, > > > > Sorry, should have been more descriptive. > > > > I create a loginContext and pass it in the name of the config file and > hand it the custom login call back handler. > > > > Then the login method is called; it goes back and grabs the user from a > MySQL database. If the user exists and the credentials fit, we figure ou= t > their role and send them on their way. If not, it throws a Login Excepti= on > and punts them back to the login page. > > > > > > Hopefully this helps. > > > > Thanks, > > Eric > > > > > > > > > > > > > > "Aaron Mulder" > > Sent by: ammulder@gmail.com > > > > 20/03/2006 09:50 AM > > > > Please respond to > > user@geronimo.apache.org > > > > > > To user@geronimo.apache.org > > > > cc > > > > > > Subject Re: JAAS configuration in geronimo > > > > > > > > > > > > > > > > > > How are you planning to use this JAAS component? For example, is it a > > LoginModule that you want to use to validate logins to the web > > container? > > > > Thanks, > > Aaron > > > > On 3/20/06, EricCho@kryos.com wrote: > > > > > > > > > Sorry... let's try that with a subject heading > > > ..... > > > > > > > > > > > > Eric Cho/Kryos > > > > > > 20/03/2006 09:44 AM > > > > > > To user@geronimo.apache.org > > > > > > cc > > > > > > > > > Subject > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hi all, > > > > > > I'm trying to port an app over to WAS CE (which we all know is > geronimo with and ibm admin console). > > > > > > I have a JAAS component and I'm having trouble configuring it. > > > > > > In tomcat it's as easy as opening the tomcat properties dialogue, > going to the java tab and adding the following under java options: > > > -Djava.security.auth.login.config=3DC:\Tomcat > 5.5\conf\JAASConfig\thisSitesSecurity.config > > > > > > > > > How do I got about doing it in WAS CE? In the config.xml or the > geromino-web.xml? > > > > > > Any help would be appreciated, > > > > > > Eric > > > > > > > > > > > > > > > > > > > > > ------=_Part_9325_29413888.1142885081712 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline The error seems to be saying that it can't find com.mysql.jdbc.Driver in th= e MySQL 3.0.15 JAR that you put in the repository.  It seems unlikely,= but can you run a "jar -tf" on that JAR and make sure that there= 's a com/mysql/jdbc/Driver.class in there?  If there is, perhaps we ha= ve a bug and we don't load the JAR correctly for the test.

I'm pretty sure this will work if you set up a JDBC pool in the con= sole and then just point your security realm to that instead of separately = configuring the JDBC JAR and connection settings in the security realm scre= en.

Thanks,
     Aaron

On 3/20/06, EricCho@kryos.com <EricCho@kryos.com > wrote:

Thanks Aaron..... that's leading m= e in the right direction.....

I'm having troubles setting up the= security realm....

I'm using the WAS CE console.... w= hich pretty much looks like the geronimo console..


I'm not exactly sure what the erro= r message is asking for.   A dependency in the web app?  I wouldn't think so, because the security realm seems to be a totally separate compone= nt to the web app....

Do you see any glaring errors? &nb= sp;Or is there something else i should be doing?

Thanks,
Eric







20/03/2006 11:01 AM

Please respond t= o
user@geronimo.apache.org
To
user@geronimo.apache.org
cc
Subject
Re: JAAS confi= guration in geronimo







So we override the default JAAS file-based configu= ration mechanism
with a configuration system of our own based on Geronimo components
(GBeans).

If you are doing this for a web application and you can use the normal
J2EE login routines, you can configure your login module as a Geronimo
security realm and let J2EE/Geronimo handle the login.

If you are intentionally avoiding the J2EE login handling, then you
probably need to rewrite your JAAS configuration as a Geronimo service
configuration (we have GBeans that wrap login module configuration,
etc.).  You'll also need to put your classes in a JAR in the
repository (geronimo/repository/whatever/your-login-code-1.0.jar).  It=
will probably be a little painful to write the configuration plan, but
hey, you only need to do it once.  :)

If you're going to need to write the plan, can you post the relevent
section from your existing JAAS config file?

Thanks,
   Aaron

On 3/20/06, EricCho@kryos.com <= ; EricCho@kryos.com> wrote:
>
>
> Hi Aaron,
>
> Sorry, should have been more descriptive.
>
> I create a loginContext and pass it in the name of the config file and hand it the custom login call back handler.
>
> Then the login method is called; it goes back and grabs the user from a MySQL database.  If the user exists and the credentials fit, we figure out their role and send them on their way.  If not, it throws a Login Exception and punts them back to the login page.
>
>
> Hopefully this helps.
>
> Thanks,
> Eric
>
>
>
>
>
>
>  "Aaron Mulder" <ammulder@alumni.princeton.edu>
> Sent by: ammulder@gmail.com<= br> >
> 20/03/2006 09:50 AM
>
> Please respond to
>  user@geronimo.apache= .org
>
>
> To user@geronimo.apache.or= g
>
> cc
>
>
> Subject Re: JAAS configuration in geronimo
>
>
>
>
>
>
>
>
> How are you planning to use this JAAS component?  For example, is it a
>  LoginModule that you want to use to validate logins to the web >  container?
>
>  Thanks,
>      Aaron
>
>  On 3/20/06, EricCho@kryos.c= om < EricCho@kryos.com> wrote:
>  >
>  >
>  > Sorry... let's try that with a subject heading
>  > .....
>  >
>  >
>  >
>  >  Eric Cho/Kryos
>  >
>  > 20/03/2006 09:44 AM
>  >
>  > To user@geronim= o.apache.org
>  >
>  > cc
>  >
>  >
>  > Subject
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >  Hi all,
>  >
>  >  I'm trying to port an app over to WAS CE (which we all know is geronimo with and ibm admin console).
>  >
>  > I have a JAAS component and I'm having trouble configuring it.
>  >
>  >  In tomcat it's as easy as opening the tomcat properti= es dialogue, going to the java tab and adding the following under java options= :
>  >  -Djava.security.auth.login.config=3DC:\Tomcat 5.5\con= f\JAASConfig\thisSitesSecurity.config
>  >
>  >
>  >  How do I got about doing it in WAS CE? In the config.= xml or the geromino-web.xml?
>  >
>  >  Any help would be appreciated,
>  >
>  > Eric
>  >
>  >
>  >
>  >
>  >
>
>

------=_Part_9325_29413888.1142885081712--