Return-Path: 
 <users-return-11649-apmail-jackrabbit-users-archive=jackrabbit.apache.org@jackrabbit.apache.org>
Delivered-To: apmail-jackrabbit-users-archive@minotaur.apache.org
Received: (qmail 43561 invoked from network); 18 Jun 2009 08:53:35 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 18 Jun 2009 08:53:35 -0000
Received: (qmail 29519 invoked by uid 500); 18 Jun 2009 08:53:46 -0000
Delivered-To: apmail-jackrabbit-users-archive@jackrabbit.apache.org
Received: (qmail 29502 invoked by uid 500); 18 Jun 2009 08:53:46 -0000
Mailing-List: contact users-help@jackrabbit.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@jackrabbit.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@jackrabbit.apache.org>
List-Post: <mailto:users@jackrabbit.apache.org>
List-Id: <users.jackrabbit.apache.org>
Reply-To: users@jackrabbit.apache.org
Delivered-To: mailing list users@jackrabbit.apache.org
Received: (qmail 29489 invoked by uid 99); 18 Jun 2009 08:53:46 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Jun 2009 08:53:46 +0000
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_HELO_PASS,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of lists@nabble.com designates
 216.139.236.158 as permitted sender)
Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Jun 2009 08:53:35 +0000
Received: from isper.nabble.com ([192.168.236.156])
	by kuber.nabble.com with esmtp (Exim 4.63)
	(envelope-from <lists@nabble.com>)
	id 1MHDMw-0001Vw-4x
	for users@jackrabbit.apache.org; Thu, 18 Jun 2009 01:53:14 -0700
Message-ID: <24088924.post@talk.nabble.com>
Date: Thu, 18 Jun 2009 01:53:14 -0700 (PDT)
From: _Eric_ <eric_@web.de>
To: users@jackrabbit.apache.org
Subject: Re: Security and Login jackrabbit1.5
In-Reply-To: <4A39F1CA.5040706@certus-tech.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Nabble-From: eric_@web.de
References: <24076236.post@talk.nabble.com> <4A39F1CA.5040706@certus-tech.com>
X-Virus-Checked: Checked by ClamAV on apache.org


Rob, thanks for the reply. You are right I am on a JBoss. 

I configured the JAAS with a user.properties, but I will try your
suggestion. So I don't have to care about the properties file. I thought I
could avoid the JAAS module, because it is (smal) additional configuration
effort and an addition trap. 

Greetings
Eric


Certus Technology wrote:
> 
> _Eric_ wrote:
>> Hallo list,
>> 
>> I have a problem during upgrade to version 1.5. The following serurity
>> configuration worked fine with 1.4:
>> <Security appName="Jackrabbit">
>> 		<!--
>> 			access manager:
>> 			class: FQN of class implementing the AccessManager interface
>> 		-->
>> 		<AccessManager
>> 			class="org.apache.jackrabbit.core.security.SimpleAccessManager">
>> 			<!--  -->
>> 		</AccessManager>
>> 
>> 		<LoginModule
>> 			class="org.apache.jackrabbit.core.security.SimpleLoginModule">
>> 			<!-- anonymous user name ('anonymous' is the default value) -->
>> 			
>> 			<!--
>> 				default user name to be used instead of the anonymous user
>> 				when no login credentials are provided (unset by default)
>> 			-->
>> 			
>> 		</LoginModule>
>> 	</Security>
>> 
>> But with 1.5 I got the following exception:
>> 
>> 15:15:36,953 ERROR [UsersRolesLoginModule] Failed to load
>> users/passwords/role files
>> java.io.IOException: No properties file: users.properties or defaults:
>> defaultUsers.properties found
>> 	at org.jboss.security.auth.spi.Util.loadProperties(Util.java:315)
>> 	at
>> org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186)
>> 	at
>> org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200)
>> 	at
>> org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127)
>> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> 	at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>> 	at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>> 	at java.lang.reflect.Method.invoke(Method.java:597)
>> 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756)
>> 	at
>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>> 	at java.security.AccessController.doPrivileged(Native Method)
>> 	at
>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> 	at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>> 	at
>> org.apache.jackrabbit.core.security.authentication.JAASAuthContext.login(JAASAuthContext.java:60)
>> 	at
>> org.apache.jackrabbit.core.RepositoryImpl.login(RepositoryImpl.java:1356)
>> 
>> I don't need any security stuff. ATM I don't want to define any user. 
>> 
>> Any help?
>> 
>> Greetings
> 
> By reading your stack trace, I assume you are using jboss.
> 
> Jackrabbit is configured to use a JAAS login module, by default, called 
> Jackrabbit. You must have one configured in your jboss login-config.xml 
> file.
> 
> check this file:
> 
> ${JBOSS_HOME}/server/default/conf/login-config.xml
> 
> for an entry like this:
> 
>      <application-policy name="Jackrabbit">
>        <authentication>
>          <login-module 
> code="org.apache.jackrabbit.core.security.simple.SimpleLoginModule" flag 
> = "required" >
>          </login-module>
>        </authentication>
>      </application-policy>
> 
> 
> Regards
> 
> Rob
> -- 
> Certus Technology Associates Limited.
> http://www.certus-tech.com
> Tel: +44 (0)114 272 5081
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Security-and-Login-jackrabbit1.5-tp24076236p24088924.html
Sent from the Jackrabbit - Users mailing list archive at Nabble.com.