tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: RealmBase's 'Container' requirement (revisited)
Date Wed, 11 Feb 2009 02:02:21 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

All,

Just a bump since I didn't get any responses other than a question from
Chuck.

Mark? Filip? Bill? Tim? I'd even go for a flame from Remy. ;)

Thanks,
- -chris

On 2/5/2009 4:49 PM, Christopher Schultz wrote:
> All,
> 
> Back in July, I asked about RealmBase requiring a Container object in
> order to function properly. This has to do with using securityfilter
> with Tomcat's built-in Realms.
> 
> Here is a reference to the original thread:
> http://marc.info/?t=121751323100003&r=1&w=2
> 
> I've started playing around with implementing a trivial ContainerBase
> subclass and I'm running into trouble again so I was hoping that some of
> the TC devs could weigh-in.
> 
> My trivial ContainerBase subclass looks like this:
> 
>     private static class DummyContainer
>         extends org.apache.catalina.core.ContainerBase
>     {
> 
>         public String getInfo()
>         {
>             return "securityfilter_dummy_container/1.0";
>         }
>     }
> 
> ...and I essentially create a new Realm object and then call
> Realm.setContainer(). It looks like I'm getting farther than I was
> before, but I'm still getting errors deep down in Tomcat's internals.
> I'm getting an NPE in the DataSourceRealm (which is what I'm using as an
> example):
> 
> java.lang.NullPointerException
>         at
> org.apache.catalina.realm.DataSourceRealm.open(DataSourceRealm.java:402)
>         at
> org.apache.catalina.realm.DataSourceRealm.authenticate(DataSourceRealm.java:283)
>         at
> org.securityfilter.realm.catalina.CatalinaRealmAdapter.authenticate(CatalinaRealmAdapter.java:105)
> 
> The method in question (DataSourceRealm.open) looks like this:
> 
>     protected Connection open() {
> 
>         try {
>             Context context = null;
>             if (localDataSource) {
>                 context = ContextBindings.getClassLoader();
>                 context = (Context) context.lookup("comp/env");
>             } else {
>                 StandardServer server =
>                     (StandardServer) ServerFactory.getServer();
>                 context = server.getGlobalNamingContext();
>             }
>             DataSource dataSource =
> (DataSource)context.lookup(dataSourceName);   /// THIS IS LINE 402
>             return dataSource.getConnection();
>         } catch (Exception e) {
>             // Log the problem for posterity
> 
> containerLog.error(sm.getString("dataSourceRealm.exception"), e);
>         }
>         return null;
>     }
> 
> Since I've included catalina.jar and catalina-optional.jar in my webapp,
> classes like ServerFactory and friends haven't been initialized since
> they are dormant in my webapp. The "real" ServerFactory class being
> loaded by Tomcat's server ClassLoader are, I'm sure, doing quite well.
> 
> My question is this: how much of Tomcat's internals do I have to mock-up
> in order to get a Realm working outside of a legitimately running
> server? That sound like a ridiculous question, but securityfilter used
> to work with Tomcat Realms back in the day (4.x?) and now they don't
> (definitely 5.5, possibly 5.0 and 6.0 as well) because of this reliance
> upon more of Tomcat internals.
> 
> Should I continue down this road of trying to prop-up a Tomcat skeleton
> server inside the webapp's space, or would it be better to discontinue
> support for this feature?
> 
> Thanks,
> -chris

- ---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkmSMawACgkQ9CaO5/Lv0PDLpQCfbcL+tfBeYvtkLs0Hl7dqaKmj
vbYAn0Djma8LF8+bv1r3mVovuc572Cb3
=ZW3z
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message