Return-Path: X-Original-To: apmail-jackrabbit-users-archive@minotaur.apache.org Delivered-To: apmail-jackrabbit-users-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9EB5EDE12 for ; Wed, 26 Sep 2012 09:07:05 +0000 (UTC) Received: (qmail 19782 invoked by uid 500); 26 Sep 2012 09:07:04 -0000 Delivered-To: apmail-jackrabbit-users-archive@jackrabbit.apache.org Received: (qmail 19545 invoked by uid 500); 26 Sep 2012 09:07:04 -0000 Mailing-List: contact users-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@jackrabbit.apache.org Delivered-To: mailing list users@jackrabbit.apache.org Received: (qmail 19505 invoked by uid 99); 26 Sep 2012 09:07:03 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 26 Sep 2012 09:07:03 +0000 X-ASF-Spam-Status: No, hits=1.7 required=5.0 tests=FREEMAIL_ENVFROM_END_DIGIT,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of connuser1@gmail.com designates 209.85.219.42 as permitted sender) Received: from [209.85.219.42] (HELO mail-oa0-f42.google.com) (209.85.219.42) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 26 Sep 2012 09:06:56 +0000 Received: by oagj1 with SMTP id j1so820488oag.1 for ; Wed, 26 Sep 2012 02:06:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=tObvRIYoFivvM6ZeETdzTqG+kLrFycxVkGlGA3CqxmQ=; b=BIGSazAREgCmoD9nuO/IGvclWSek4xG7dv7VRjxQhHIFSgZZf2oC+1mzdHJufSJzVu 0GPfSkxvh4HaphDhPZPI7fMbFvDn1n/Tx6huoGwZKvH3lKp2HVxsGtaVN0AyRxgrg/84 7PIEN5uhRX1gzxpYIOA4+k98kZsFns7IISasMHXykMdmDCOjLbO+ONW1zbS7ToAL+TEC jUHgojSBiPqruBHQF/4o0MckNcOp96yZGZqurcY7I2YykiEMnrSDpjakI/gavLNBttUV V56nq2Mh0FICIYtLMtnIL5Q+JUYSoOZmJ7h7JwytbCoF3akbFxd7va3LrcOKw1FT56ut NFnw== MIME-Version: 1.0 Received: by 10.60.172.107 with SMTP id bb11mr14527565oec.96.1348650395909; Wed, 26 Sep 2012 02:06:35 -0700 (PDT) Received: by 10.60.24.137 with HTTP; Wed, 26 Sep 2012 02:06:35 -0700 (PDT) In-Reply-To: References:

Date: Wed, 26 Sep 2012 14:36:35 +0530 Message-ID: Subject: Re: No session returned on repository.login From: connuser1 connuser1 To: users@jackrabbit.apache.org, chetan.mehrotra@gmail.com Content-Type: multipart/alternative; boundary=bcaec54d42bcc63ec604ca9723c8 X-Virus-Checked: Checked by ClamAV on apache.org --bcaec54d42bcc63ec604ca9723c8 Content-Type: text/plain; charset=ISO-8859-1 Also below is the complete stack to the point where canAccess returns false: DefaultAccessManager$WorkspaceAccess.canAccess(String) line: 542 DefaultAccessManager$WorkspaceAccess.access$100(DefaultAccessManager$WorkspaceAccess, String) line: 512 DefaultAccessManager.canAccess(String) line: 260 DefaultAccessManager.init(AMContext, AccessControlProvider, WorkspaceAccessManager) line: 154 DefaultSecurityManager.getAccessManager(Session, AMContext) line: 277 XASessionImpl(SessionImpl).createAccessManager(Subject) line: 350 XASessionImpl(SessionImpl).(RepositoryContext, Subject, WorkspaceConfig) line: 268 XASessionImpl(SessionImpl).(RepositoryContext, AuthContext, WorkspaceConfig) line: 234 XASessionImpl.(RepositoryContext, AuthContext, WorkspaceConfig) line: 99 RepositoryImpl.createSessionInstance(AuthContext, WorkspaceConfig) line: 1578 RepositoryImpl.createSession(AuthContext, String) line: 947 RepositoryImpl.login(Credentials, String) line: 1477 TransientRepository.login(Credentials, String) line: 381 TransientRepository(AbstractRepository).login(Credentials) line: 123 App.main(String[]) line: 28 On Wed, Sep 26, 2012 at 2:16 PM, connuser1 connuser1 wrote: > Hi > > Thanks for responding to my email! I am copy pasting my login module's > code below: > > package org.sdm.jackrabbitdemo; > > import java.security.Principal; > import java.util.Map; > > import javax.jcr.SimpleCredentials; > import javax.security.auth.Subject; > import javax.security.auth.callback.Callback; > import javax.security.auth.callback.CallbackHandler; > import javax.security.auth.login.LoginException; > import javax.security.auth.spi.LoginModule; > > import org.apache.jackrabbit.api.JackrabbitSession; > import org.apache.jackrabbit.api.security.user.Authorizable; > import org.apache.jackrabbit.api.security.user.UserManager; > import > org.apache.jackrabbit.core.security.authentication.CredentialsCallback; > import > org.apache.jackrabbit.core.security.authentication.RepositoryCallback; > > public class DemoLoginModule implements LoginModule { > > CallbackHandler callbackHandler; > Principal myPrincipal; > Subject subject; > > public boolean abort() throws LoginException { > System.out.println("abort called for DemoLoginModule"); > subject.getPrincipals().remove(myPrincipal); > return true; > } > > public boolean commit() throws LoginException { > System.out.println("commit called for DemoLoginModule"); > if (myPrincipal != null) { > subject.getPrincipals().add(myPrincipal); > myPrincipal = null; > return true; > } > return true; > } > > public void initialize(Subject subject, CallbackHandler callbackHandler, > Map sharedState, Map options) { > this.callbackHandler = callbackHandler; > this.subject = subject; > System.out.println("initialize called for DemoLoginModule"); > } > > public boolean login() throws LoginException { > System.out.println("login called for DemoLoginModule"); > // Setup default callback handlers. > RepositoryCallback repositoryCb = new RepositoryCallback(); > CredentialsCallback credentialsCb = new CredentialsCallback(); > try { > callbackHandler > .handle(new Callback[] { repositoryCb, credentialsCb }); > SimpleCredentials simpleCredentials = (SimpleCredentials) credentialsCb > .getCredentials(); > JackrabbitSession jcrSession = (JackrabbitSession) repositoryCb > .getSession(); > UserManager jcrUserManager = jcrSession.getUserManager(); > Authorizable authorizable = jcrUserManager > .getAuthorizable(simpleCredentials.getUserID()); > if (authorizable != null) > myPrincipal = authorizable.getPrincipal(); > else { > System.out.println("User not found, creating a new one"); > myPrincipal = jcrUserManager.createUser( > simpleCredentials.getUserID(), > new String(simpleCredentials.getPassword())) > .getPrincipal(); > jcrSession.save(); > } > return true; > } catch (Exception e) { > e.printStackTrace(); > throw new LoginException(e.getMessage()); > } > > } > > public boolean logout() throws LoginException { > subject.getPrincipals().remove(myPrincipal); > System.out.println("logout called for DemoLoginModule"); > return true; > } > > } > > > On Tue, Sep 25, 2012 at 7:26 PM, Chetan Mehrotra < > chetan.mehrotra@gmail.com> wrote: > >> Looks like you missed attaching the source code of the LoginModule. >> Can you attach that also? >> Chetan Mehrotra >> >> >> On Mon, Sep 24, 2012 at 7:02 PM, connuser1 connuser1 >> wrote: >> > Hi >> > >> > I am facing a problem wherein when I login to the repository, I get null >> > returned as jcrSession. For a background, I have written a Custom JAAS >> Login >> > Module for authentication. When a user is trying to login and not found >> in >> > the repository, I create the user then and there as follows: >> > >> > jcrUserManager.createUser(simpleCredentials.getUserID(),new >> > String(simpleCredentials.getPassword())) and then add the created users >> > principal to the subject. This is all happening fine. But when I try to >> > login using this user, I do not get a session. >> > >> > While trying to dig into the jackrabbit source code, I see that >> > org.apache.jackrabbit.core.RepositoryImpl throws >> LoginException("Workspace >> > access denied", ade); on calling SessionImpl session = >> > createSession(authCtx, workspaceName); >> > >> > Attaching my login module and application's soure code. >> > >> > Regards >> > connuser >> > > --bcaec54d42bcc63ec604ca9723c8--