Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 54383 invoked from network); 15 Dec 2009 11:25:53 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 15 Dec 2009 11:25:53 -0000 Received: (qmail 21330 invoked by uid 500); 15 Dec 2009 11:25:49 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 21286 invoked by uid 500); 15 Dec 2009 11:25:49 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 21275 invoked by uid 99); 15 Dec 2009 11:25:49 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 15 Dec 2009 11:25:49 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of lists@nabble.com designates 216.139.236.158 as permitted sender) Received: from [216.139.236.158] (HELO kuber.nabble.com) (216.139.236.158) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 15 Dec 2009 11:25:39 +0000 Received: from isper.nabble.com ([192.168.236.156]) by kuber.nabble.com with esmtp (Exim 4.63) (envelope-from ) id 1NKVWo-0003JP-LQ for users@tomcat.apache.org; Tue, 15 Dec 2009 03:25:18 -0800 Message-ID: <26793293.post@talk.nabble.com> Date: Tue, 15 Dec 2009 03:25:18 -0800 (PST) From: vramanaj To: users@tomcat.apache.org Subject: Re: How to access JNDI resources on Tomcat level In-Reply-To: <4B263AA9.5020000@pidster.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Nabble-From: vramanaj@gmail.com References: <48DBB24A.8050405@ceti.pl> <48DCF5B5.4010806@ceti.pl> <48DD15BD.6020202@christopherschultz.net> <48DD5D66.2040304@ceti.pl> <26574958.post@talk.nabble.com> <4B14FBBC.4070106@ceti.pl> <26590277.post@talk.nabble.com> <4B150088.4040307@ceti.pl> <26590651.post@talk.nabble.com> <26591040.post@talk.nabble.com> <4B150FD9.90806@pidster.com> <26591302.post@talk.nabble.com> <26592407.post@talk.nabble.com> <26777280.post@talk.nabble.com> <4B263AA9.5020000@pidster.com> X-Virus-Checked: Checked by ClamAV on apache.org The problem is https. For rememberMe in Josso, the site should be in ssl. I configured ssl in tomcat. Now i am getting the following error. I have installed the cert. in IE. Please help me if there are tomcat settings required for ssl. 15 Dec 2009 06:14:38,992 DEBUG Error getting client certs javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:352) at org.apache.tomcat.util.net.jsse.JSSESupport.getX509Certificates(JSSESupport.java:87) at org.apache.tomcat.util.net.jsse.JSSESupport.getPeerCertificateChain(JSSESupport.java:141) at org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:1012) at org.apache.coyote.Request.action(Request.java:352) at org.apache.catalina.connector.Request.getAttribute(Request.java:896) at org.apache.catalina.connector.RequestFacade.getAttribute(RequestFacade.java:263) at org.josso.gateway.signon.LoginSelectorAction.execute(LoginSelectorAction.java:67) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482) at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507) at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.josso.gateway.filter.ProtocolHandlerFilter.doFilter(ProtocolHandlerFilter.java:86) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:275) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:619) 15 Dec 2009 06:14:38,992 DEBUG Looking for cookie: JOSSO_REMEMBERME_josso 15 Dec 2009 06:14:38,992 DEBUG RemembermeCookie NOT found! Pid Ster wrote: > > On 14/12/2009 12:55, vramanaj wrote: >> >> Hi, >> >> I am through with the Josso configuration. Could be able to see the sso >> logon page, redirecting the authenticated username to the partner >> application. Facing problem with rememberMe option. Second time when i >> try >> to logon to the application, logon page is showing up again. I set >> 'rememberMeEnabled' to true in josso. For rememberMe in sso, i read that >> we >> need to set tomcat ssl enabled. I did that. JOSSO_REMEMBERME_josso is >> getting created. Still are there any configurations we need to do in >> tomcat >> ? > > No idea, but it sounds like a JOSSO problem. > Maybe that community can assist. > > > p > > >> Regards >> >> >> >> vramanaj wrote: >>> >>> Resolved AuthenticationFailureException issue. This is coming because i >>> have used basic-authentication scheme. If basic-authentication scheme >>> used, we need remove hasAlgorithm and hasEnconding properties in >>> josso-gateway-auth.xml file. >>> >>> Now Josso session id is getting created. But getting the below error >>> while >>> trying to access the application: >>> >>> java.lang.RuntimeException: Outbound relaying failed. No Principal >>> found. >>> Verify your SSO Agent Configuration! >>> org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:502) >>> >>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) >>> >>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) >>> >>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) >>> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) >>> java.lang.Thread.run(Thread.java:619) >>> >>> Tomcat log shows: >>> >>> Dec 1, 2009 8:51:55 AM >>> org.josso.gateway.audit.service.handler.LoggerAuditTrailHandler handle >>> INFO: Tue Dec 01 08:51:55 EST 2009 - sso-session - info - vjosyula - >>> createSession=success - ssoSessionId=EF9E9AFEDD935C7366BCA259DCC85577 >>> Dec 1, 2009 8:51:55 AM >>> org.josso.gateway.audit.service.handler.LoggerAuditTrailHandler handle >>> INFO: Tue Dec 01 08:51:55 EST 2009 - sso-user - info - vjosyula - >>> authenticationSuccess=success - >>> authScheme=basic-authentication,ssoSessionId=E >>> F9E9AFEDD935C7366BCA259DCC85577 >>> Dec 1, 2009 8:51:56 AM org.apache.catalina.realm.JAASRealm authenticate >>> WARNING: Login exception authenticating username "null" >>> javax.security.auth.login.LoginException: Login Failure: all modules >>> ignored >>> at >>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) >>> at >>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) >>> at >>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) >>> at java.security.AccessController.doPrivileged(Native Method) >>> at >>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) >>> at >>> javax.security.auth.login.LoginContext.login(LoginContext.java:579) >>> at >>> org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:363) >>> at >>> org.josso.tc60.agent.CatalinaSSOAgent.authenticate(CatalinaSSOAgent.java:95) >>> at >>> org.josso.agent.AbstractSSOAgent.processRequest(AbstractSSOAgent.java:335) >>> at >>> org.josso.tc60.agent.SSOAgentValve.invoke(SSOAgentValve.java:496) >>> at >>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) >>> at >>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) >>> at >>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845) >>> at >>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) >>> at >>> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) >>> at java.lang.Thread.run(Thread.java:619) >>> >>> >>> >>> >>> vramanaj wrote: >>>> >>>> User name and password are correct only. >>>> >>>> >>>> Pid Ster wrote: >>>>> >>>>> On 01/12/2009 12:37, vramanaj wrote: >>>>>> >>>>>> I have passed through this DataSource look up problem. I altered >>>>>> context.xml/web.xml of josso webapp. And also used short JNDI names >>>>>> at >>>>>> tomcat/web.xml/context.xml level (e.g. jdbc/DefaultDS), and full JNDI >>>>>> name >>>>>> at Josso configuration level (e.g. >>>>>> java:comp/env/jdbc/DefaultDS). >>>>>> >>>>>> Now when i try to access the application, getting the error Invalid >>>>>> Authentication Information. >>>>>> >>>>>> Tomcat log shows as: >>>>>> INFO: Tue Dec 01 07:31:45 EST 2009 - sso-user - info - vjosyula - >>>>>> authenticationFailed=failure - >>>>>> remoteHost=10.104.9.33,authScheme=basic-authent >>>>>> ication - >>>>>> ERROR:vjosyula:org.josso.auth.exceptions.AuthenticationFailureException >>>>> >>>>> I guess the user or password information is wrong then. >>>>> This would be a JOSSO problem, presumably... >>>>> >>>>> >>>>> p >>>>> >>>>> >>>>>> ----------------------------------------------------------------------------------------------------- >>>>>> >>>>>> >>>>>> >>>>>> vramanaj wrote: >>>>>>> >>>>>>> Added context.xml in META-INF directory. And also added resurce-ref >>>>>>> in >>>>>>> josso webapp. Still getting the same error. >>>>>>> >>>>>>> >>>>>>> Mikolaj Rydzewski-2 wrote: >>>>>>>> >>>>>>>> vramanaj wrote: >>>>>>>>> I have used jdbc/DefaultDS. Added ResourceLink to >>>>>>>>> Catalina/localhost/webapp.xml. >>>>>>>>> >>>>>>>>> >>>>>>>> docBase="/usr2/tomcat/sso/apache-tomcat-6.0.18-sso/webapps/partnerapp" >>>>>>>>> debug="99" reloadable="true" antiJARLocking="true" >>>>>>>>> antiResourceLocking="false" crossContext="true"> >>>>>>>>> >>>>>>>> type="javax.sql.DataSource"/> >>>>>>>>> >>>>>>>>> >>>>>>>>> And also added resource-ref to WEB-INF/web.xml. >>>>>>>>> >>>>>>>> Stacktraces you have posted originate from josso webapp, not from >>>>>>>> test >>>>>>>> app. You need to alter context.xml / web.xml of josso webapp. >>>>>>>> >>>>>>>> -- >>>>>>>> Mikolaj Rydzewski >>>>>>>> >>>>>>>> >>>>>>>> --------------------------------------------------------------------- >>>>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org >>>>>>>> For additional commands, e-mail: users-help@tomcat.apache.org >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>> >>>>> >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org >>>>> For additional commands, e-mail: users-help@tomcat.apache.org >>>>> >>>>> >>>>> >>>> >>>> >>> >>> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org > For additional commands, e-mail: users-help@tomcat.apache.org > > > -- View this message in context: http://old.nabble.com/How-to-access-JNDI-resources-on-Tomcat-level-tp19672443p26793293.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org