geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim McConnell <tim.mcco...@gmail.com>
Subject Re: EJB Authentication Problem
Date Wed, 26 Sep 2007 02:42:59 GMT
Hi Kory, it took me a while to find the Eclipse plugin error messages you 
noticed. Are these below similar to the messages you're getting in your 
workspaces\.metadata\.log file ??

!ENTRY org.eclipse.emf.ecore 2 0 2007-09-21 17:37:42.265
!MESSAGE Both 'org.apache.geronimo.deployment.model' and 
'org.apache.geronimo.v11.deployment.model' register an extension parser for 
'deployment'

!ENTRY org.eclipse.emf.ecore 2 0 2007-09-21 17:37:42.281
!MESSAGE Both 'org.apache.geronimo.deployment.model' and 
'org.apache.geronimo.v11.deployment.model' register an extension parser for 'naming'

!ENTRY org.eclipse.emf.ecore 2 0 2007-09-21 17:37:42.281
!MESSAGE Both 'org.apache.geronimo.deployment.model' and 
'org.apache.geronimo.v11.deployment.model' register an extension parser for 'web'

If so, they are benign although somewhat confusing. Unfortunately, and as you've 
noticed, you cannot disable the features you don't need/want since all the 
features are tightly coupled. However, we hope to improve that in subsequent 
releases. Still, I shall open a JIRA to eliminate those warning messages. Thanks 
much for the feedback.


Kory Markevich wrote:
> I've been doing some research into using Geronimo 2.0.1 to host some
> EJB3 session beans, interacting with a stand-alone client.  I can
> connect to the server and call methods fine, but I've encountered some
> difficulties with security.  Specifically I've tried using
> Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS when
> creating the InitialContext, but this seems to be broken.  After some
> tracing it seems that
> org.apache.geronimo.openejb.GeronimoSecurityService.login( ) tries to
> create a LoginContext with a null security realm, which throws an
> exception and prevents authentication.  I noticed that the latest
> version of OpenEJB has added the key openejb.authentication.realmName,
> but this is not available in 2.0.1 (and it seems a bit backward having
> to have the client specify the security realm.)
> 
> I have been able to use
> org.apache.openejb.client.ClientSecurity.directAuthentication( ) to
> successfully authenticate, but it seems a bit hacky and is very OpenEJB
> specific (and also requires the client to provide the realm name.)
> 
> Is there something I'm missing or doing wrong?  I'm fairly new to EE
> stuff so hopefully it's just some newbie mistake.
> 
> BTW, a couple other things I noticed:
> 
> - EJB security is disabled if the geronimo-application.xml doesn't at
> least have an empty <security/> entry.  This means any security
> annotations are completely ignored, which surprised me.
> - EJB3 EAR's will not deploy using the Eclipse plugin unless they
> contain an application.xml file.  Renaming the ZIP file to an EAR and
> manually deploying works fine.
> - When creating new EJB3 projects in Eclipse, all geronimo-*.xml files
> reference the old schemas.  If the schemas are changed to the 2.0.1
> versions, then the editors fail (I'm assuming this is due to the EMF
> JIRA entry?)
> - When starting Eclipse, there are 3 warnings in the log compaining
> about 'org.apache.geronimo.deployment.model' and
> 'org.apache.geronimo.v11.deployment.model'.  I tried to disable the 1.0
> and 1.1 features to get rid of the warnings (since I didn't need those
> versions,) but then Geronimo 2.0 wouldn't be listed as an option when
> creating new projects.  The feature wasn't flagged as being broken
> however.
>  
> ________________________________
> 
> 
> Kory Markevich
> Tech Lead
> ACL Services Ltd. 
> 
> 1550 Alberni Street | Vancouver | BC | V6G 1A5
> Tel: 604 669 4225
> Email: kory_markevich@acl.com  | Web: www.acl.com  
> 
> ________________________________
> 
> The contents of this email are confidential and are for the intended
> recipient(s) named above only. If you are not the intended recipient,
> any copying, distribution or use of this email is prohibited. If you
> have received this email in error, please notify the sender and delete
> the email.
> 
> 

-- 
Thanks,
Tim McConnell

Mime
View raw message