Return-Path: 
 <tomcat-user-return-47876-apmail-jakarta-tomcat-user-archive=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-tomcat-user-archive@jakarta.apache.org
Received: (qmail 47209 invoked by uid 500); 19 Sep 2001 06:53:09 -0000
Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
Reply-To: tomcat-user@jakarta.apache.org
list-help: <mailto:tomcat-user-help@jakarta.apache.org>
list-unsubscribe: <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
list-post: <mailto:tomcat-user@jakarta.apache.org>
Delivered-To: mailing list tomcat-user@jakarta.apache.org
Received: (qmail 47190 invoked from network); 19 Sep 2001 06:53:09 -0000
From: "Cor Hofman" <chofman@lucris.nl>
To: "tomcat" <tomcat-user@jakarta.apache.org>
Subject: My java.security.AccessControlException@Waterloo.be
Date: Wed, 19 Sep 2001 08:52:51 +0200
Message-ID: <NEBBLGMPNKCOHCILLCNEMEGECLAA.chofman@lucris.nl>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600
Importance: Normal
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

I am stuck and need some help badly.

I try to get my application (JSP + EJB) running via tomcat 4.0 and
JBoss under Windows NT. I use a JAAS  authorization scheme, but what
I keep getting is the exception shown below.

java.security.AccessControlException: access denied
(java.security.SecurityPermission getProperty.login.configuration.provider)

The code I use to authenticate a user with JBoss is the following:

  AppCallbackHandler handler = new AppCallbackHandler(orgPin, userName,
                                          password.toCharArray());
  LoginContext lc = new LoginContext("companion", handler);
  lc.login();

It throws the exception at the "new LoginContext()".

I have set the environment variable CATALINA_OPTS to
-Djava.security.auth.login.config=%JBOSS_HOME%\client\auth.conf

The contents of the auth.conf file is:

other {
    org.jboss.security.ClientLoginModule  required;
};

The indicated module is available in the webapps/<mywebap>/WEB-INF/lib as
part of a .jar.

I also have added the following line to the catalina.policy file of tomcat
4.0
and started catalina using the "startup -security" command.

      permission java.util.SecurityPermission
"getProperty.login.configuration.provider";

The addition of the line above doesn't seem to make any impression
whatsoever. Any hints and suggestions are warmly welcomed, since I am out of
clues, tried whatever I could think of and am facing my Waterloo here.

Regards,

   Cor.