Subject: Problems configuring a web-app to use an LDAP realm
Date: Wed, 23 Aug 2006 09:41:49 -0500
From: "Wolff, Dave"
Delivered-To: mailing list user@geronimo.apache.org

Hello,

I've deployed an LDAP realm and now I am having problems deploying a test web application that uses the global LDAP realm to login. I've taken the TimeReportApp example as my test and tried to use my own LDAP realm for authentication. The error I'm receiving is a javax.security.auth.login.LoginException "Error filling callback list". I have used a packet sniffer to verify that I'm getting a list of groups that a user is a member of from LDAP, so it appears that my LDAP security realm is working appropriately.

Thanks in advance!
Dave Wolff

Here is my web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
    http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
    version="2.4">

  <welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
  </welcome-file-list>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>employee</web-resource-name>
      <url-pattern>/employee/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>employee</role-name>
    </auth-constraint>
  </security-constraint>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>manager</web-resource-name>
      <url-pattern>/manager/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>manager</role-name>
    </auth-constraint>
  </security-constraint>

  <login-config>
    <auth-method>FORM</auth-method>
    <realm-name>letnet-realm</realm-name>
    <form-login-config>
      <form-login-page>/login/login.jsp</form-login-page>
      <form-error-page>/login/login_error.jsp</form-error-page>
    </form-login-config>
  </login-config>

  <security-role>
    <role-name>employee</role-name>
  </security-role>
  <security-role>
    <role-name>manager</role-name>
  </security-role>

  <servlet>
    <display-name>AddTimeRecordServlet</display-name>
    <servlet-name>AddTimeRecordServlet</servlet-name>
    <servlet-class>org.apache.geronimo.samples.timereport.web.AddTimeRecordServlet</servlet-class>
  </servlet>
  <servlet>
    <display-name>AddEmployeeServlet</display-name>
    <servlet-name>AddEmployeeServlet</servlet-name>
    <servlet-class>org.apache.geronimo.samples.timereport.web.AddEmployeeServlet</servlet-class>
  </servlet>

  <servlet-mapping>
    <servlet-name>AddTimeRecordServlet</servlet-name>
    <url-pattern>/employee/add_timerecord</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>AddEmployeeServlet</servlet-name>
    <url-pattern>/manager/add_employee</url-pattern>
  </servlet-mapping>

</web-app>

And here is the geronimo-web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app
  xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-1.1">

  <environment>
    <moduleId>
      <artifactId>TimeReportApp</artifactId>
    </moduleId>
  </environment>

  <context-root>/timereport</context-root>

  <security-realm-name>letnet-realm</security-realm-name>

  <security>
    <default-principal realm-name="letnet-realm">
      <principal name="anonymous"
          class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
      />
    </default-principal>
    <role-mappings>
      <role role-name="employee">
        <realm realm-name="letnet-realm">
          <principal name="SG-FacultyStaff"
              class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
          />
        </realm>
      </role>
      <role role-name="manager">
        <realm realm-name="letnet-realm">
          <principal name="SG-FacultyStaff"
              class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
          />
        </realm>
      </role>
    </role-mappings>
  </security>
</web-app>
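
A cross-check of the two descriptors quoted in the message above, as an added example that is not part of the original post: it verifies that every constrained role is declared and mapped, that the realm names in web.xml and geronimo-web.xml agree, and flags roles that resolve to identical principals. The function names (`roles`, `check`) and the trimmed descriptor copies are constructed for illustration, and the check does not diagnose the LoginException itself.

```python
import xml.etree.ElementTree as ET
from itertools import combinations
W = "{http://java.sun.com/xml/ns/j2ee}"                  # web.xml namespace
G = "{http://geronimo.apache.org/xml/ns/j2ee/web-1.1}"   # geronimo-web.xml namespace
GROUP = "org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"

# Constructed, trimmed copies of the two descriptors quoted in the message.
WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/j2ee" version="2.4">
 <security-constraint><auth-constraint><role-name>employee</role-name></auth-constraint></security-constraint>
 <security-constraint><auth-constraint><role-name>manager</role-name></auth-constraint></security-constraint>
 <login-config><auth-method>FORM</auth-method><realm-name>letnet-realm</realm-name></login-config>
 <security-role><role-name>employee</role-name></security-role><security-role><role-name>manager</role-name></security-role>
</web-app>"""
PLAN_XML = f"""<web-app xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-1.1">
 <security-realm-name>letnet-realm</security-realm-name>
 <security><role-mappings>
  <role role-name="employee"><realm realm-name="letnet-realm">
   <principal name="SG-FacultyStaff" class="{GROUP}"/></realm></role>
  <role role-name="manager"><realm realm-name="letnet-realm">
   <principal name="SG-FacultyStaff" class="{GROUP}"/></realm></role>
 </role-mappings></security>
</web-app>"""

def roles(root, parent):  # role names under every <parent> element of web.xml
    return {r.text.strip() for p in root.iter(W + parent) for r in p.iter(W + "role-name")}

def check(web_xml, plan_xml):
    web, plan = ET.fromstring(web_xml), ET.fromstring(plan_xml)
    findings = []
    declared = roles(web, "security-role")
    for r in sorted(roles(web, "auth-constraint") - declared):
        findings.append(f"role '{r}' is used in a constraint but not declared")
    login_realm = web.findtext(f"{W}login-config/{W}realm-name")
    plan_realm = plan.findtext(G + "security-realm-name")
    if login_realm != plan_realm:
        findings.append(f"realm mismatch: web.xml={login_realm} plan={plan_realm}")
    mapped = {}  # role name -> set of (principal class, principal name)
    for role in plan.iter(G + "role"):
        for realm in role.iter(G + "realm"):
            if realm.get("realm-name") != plan_realm:
                findings.append(f"role '{role.get('role-name')}' maps to realm {realm.get('realm-name')}")
            for p in realm.iter(G + "principal"):
                mapped.setdefault(role.get("role-name"), set()).add((p.get("class"), p.get("name")))
    for r in sorted(declared - set(mapped)):
        findings.append(f"role '{r}' has no principal mapping in the plan")
    for a, b in combinations(sorted(mapped), 2):
        if mapped[a] == mapped[b]:
            findings.append(f"roles '{a}' and '{b}' map to identical principals")
    return findings
```

On the descriptors as posted, the only finding is that `employee` and `manager` both map to the `SG-FacultyStaff` group, so the two URL constraints admit the same set of users.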