geronimo-user mailing list archives

From "Wolff, Dave" <DavidWo...@letu.edu>
Subject Problems configuring a web-app to use an LDAP realm
Date Wed, 23 Aug 2006 14:41:49 GMT
Hello,
    I've deployed an LDAP realm and now I am having problems deploying a
test web application that uses the global LDAP realm to log in.  I've
taken the TimeReportApp example as my test and tried to use my own LDAP
realm for authentication.  The error I'm receiving is a
javax.security.auth.login.LoginException "Error filling callback list".
I have used a packet sniffer to verify that I'm getting a list of groups
that a user is a member of from LDAP, so it appears that my LDAP
security realm is working appropriately.
 
Thanks in advance!
Dave Wolff
 
Here is my web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
  http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
  version="2.4"> 
  
 <welcome-file-list>
  <welcome-file>index.jsp</welcome-file>
   </welcome-file-list>
   
 <security-constraint>
  <web-resource-collection>
   <web-resource-name>employee</web-resource-name>
   <url-pattern>/employee/*</url-pattern>   
  </web-resource-collection>
  <auth-constraint>
   <role-name>employee</role-name>    
  </auth-constraint>
 </security-constraint>
 
 <security-constraint>
  <web-resource-collection>
   <web-resource-name>manager</web-resource-name>
   <url-pattern>/manager/*</url-pattern>   
  </web-resource-collection>
  <auth-constraint>
   <role-name>manager</role-name>
  </auth-constraint>
 </security-constraint>
 
 <login-config>
  <auth-method>FORM</auth-method>
  <realm-name>letnet-realm</realm-name>
  <form-login-config>
   <form-login-page>/login/login.jsp</form-login-page>
   <form-error-page>/login/login_error.jsp</form-error-page>
  </form-login-config>
 </login-config>
 
 <security-role>
  <role-name>employee</role-name>  
     </security-role>
 <security-role>
  <role-name>manager</role-name>  
    </security-role>
     
    <servlet>
     <display-name>AddTimeRecordServlet</display-name>
     <servlet-name>AddTimeRecordServlet</servlet-name>
 
     <servlet-class>org.apache.geronimo.samples.timereport.web.AddTimeRecordServlet</servlet-class>
   </servlet>
   <servlet>
     <display-name>AddEmployeeServlet</display-name>
     <servlet-name>AddEmployeeServlet</servlet-name>
 
     <servlet-class>org.apache.geronimo.samples.timereport.web.AddEmployeeServlet</servlet-class>
   </servlet>
   
   <servlet-mapping>
     <servlet-name>AddTimeRecordServlet</servlet-name>
     <url-pattern>/employee/add_timerecord</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
     <servlet-name>AddEmployeeServlet</servlet-name>
     <url-pattern>/manager/add_employee</url-pattern>
    </servlet-mapping>
        
</web-app>
 
And here is the geronimo-web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app
 xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-1.1">
 
 <environment>
  <moduleId>
   <artifactId>TimeReportApp</artifactId>
  </moduleId>  
 </environment>
  
 <context-root>/timereport</context-root>
 
 <security-realm-name>letnet-realm</security-realm-name>
 
 <security>
  <default-principal realm-name="letnet-realm">
   <principal name="anonymous"
       class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
       />
  </default-principal>
  <role-mappings>   
   <role role-name="employee">
    <realm realm-name="letnet-realm">
     <principal name="SG-FacultyStaff"
        class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
        />
    </realm>
   </role>
   <role role-name="manager">
    <realm realm-name="letnet-realm">
     <principal name="SG-FacultyStaff"
        class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
        />
    </realm>        
   </role>
  </role-mappings>
    </security>
</web-app>
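
A cross-check of the two descriptors above, as an added example that is not part of the original message or of Geronimo: it confirms that every role constrained in web.xml is declared and mapped in geronimo-web.xml, that the realm names agree, and flags a group principal that grants more than one role. The `audit` function and the trimmed descriptor copies are assumptions constructed for this example.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

J2EE = "{http://java.sun.com/xml/ns/j2ee}"
GER = "{http://geronimo.apache.org/xml/ns/j2ee/web-1.1}"
GROUP = "org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
# Constructed sample input: the security-relevant parts of the two descriptors.
WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/j2ee" version="2.4">
 <security-constraint><auth-constraint><role-name>employee</role-name></auth-constraint></security-constraint>
 <security-constraint><auth-constraint><role-name>manager</role-name></auth-constraint></security-constraint>
 <login-config><auth-method>FORM</auth-method><realm-name>letnet-realm</realm-name></login-config>
 <security-role><role-name>employee</role-name></security-role>
 <security-role><role-name>manager</role-name></security-role>
</web-app>"""
GERONIMO_WEB_XML = f"""<web-app xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-1.1">
 <security-realm-name>letnet-realm</security-realm-name>
 <security><role-mappings>
  <role role-name="employee"><realm realm-name="letnet-realm">
   <principal name="SG-FacultyStaff" class="{GROUP}"/></realm></role>
  <role role-name="manager"><realm realm-name="letnet-realm">
   <principal name="SG-FacultyStaff" class="{GROUP}"/></realm></role>
 </role-mappings></security>
</web-app>"""

def audit(web_xml, geronimo_xml):
    """Cross-check web.xml against geronimo-web.xml; return a list of findings."""
    web, ger = ET.fromstring(web_xml), ET.fromstring(geronimo_xml)
    findings = []
    used = {e.text.strip() for e in web.findall(f".//{J2EE}auth-constraint/{J2EE}role-name")}
    declared = {e.text.strip() for e in web.findall(f"{J2EE}security-role/{J2EE}role-name")}
    realm = web.findtext(f"{J2EE}login-config/{J2EE}realm-name", "").strip()
    ger_realm = ger.findtext(f"{GER}security-realm-name", "").strip()
    mapped, by_principal = set(), defaultdict(set)
    for role in ger.iter(GER + "role"):
        mapped.add(role.get("role-name"))
        for r in role.findall(GER + "realm"):
            if r.get("realm-name") != ger_realm:
                findings.append(f"role {role.get('role-name')} mapped in realm {r.get('realm-name')}, not {ger_realm}")
            for p in r.findall(GER + "principal"):
                by_principal[(p.get("class"), p.get("name"))].add(role.get("role-name"))
    if realm != ger_realm:
        findings.append(f"realm mismatch: web.xml={realm} geronimo-web.xml={ger_realm}")
    findings += [f"role {r} used but not declared" for r in sorted(used - declared)]
    findings += [f"role {r} has no role-mapping" for r in sorted((used | declared) - mapped)]
    for (_cls, name), roles in by_principal.items():
        if len(roles) > 1:  # one directory group granting several roles
            findings.append(f"principal {name} grants several roles: {', '.join(sorted(roles))}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(WEB_XML, GERONIMO_WEB_XML)))
```

On the descriptors as posted, the only finding is that the `SG-FacultyStaff` group is mapped to both `employee` and `manager`, so every member of that group can reach `/manager/*`.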
