tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Eggers <its_toas...@yahoo.com>
Subject Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm
Date Thu, 14 Jun 2012 07:54:49 GMT
>________________________________
> From: javed ansari <javed.937@gmail.com>
>To: users@tomcat.apache.org
>Sent: Thursday, June 14, 2012 12:06 AM
>Subject: Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm
> 
>
>Hi,
>
>Those two classes are created by myself. They implement "java.security.Principal" interface
in order to hookup JAASRealm in tomcat.
>I have attached the classes. Please rename the smarts_zip to smarts.zip after downloading.
>
>Following are the entries in red color for this in the server.xml file of the tomcat.
>
><Realm className="org.apache.catalina.realm.LockOutRealm">-->       
>            <Realm className="org.apache.catalina.realm.JAASRealm"
>               appName="SMARTSLoginModule"
>               userClassNames="com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal"
>               roleClassNames="com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal"/>   
           
>      </Realm>
>
>I created a jar file of the two classes and kept everywhere like
>
>C:\Apache\Tomcat7.0\lib
>C:\Apache\Tomcat7.0\webapps\MyApp\WEB-INF\lib
>
>I even added that in the Tomcat confirmation window 
>
>
>
>Please let me know if you need more info or provide any suggestion.
>----- Original Message -----
>> I am creating a website and implement security. For this I am using
>> Form
>> based authentication and JAASRealm. I have implemented the login
>> module and
>> able to authenticate but while authorizing tomcat is not able to load
>> the
>> user and role classes once I start the tomcat server.
>>
>> It gives the following error on startup (in the
>> tomcat7-stderr.2012-06-13.log)
>> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.
>JAASRealm
>> parseClassNames
>> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal
>> not
>> found! Class not added.
>> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
>> parseClassNames
>> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal
>> not
>> found! Class not added.
>
>The classes mentioned above cannot be found.
>
>1.) What are they classes?  They are not part of Tomcat.
>
>2.) Have you placed the classes on the classpath somewhere?  If so, where?
>
>Dan
>
>
>
>>
>> I have taken help from
>> http://blog.frankel.ch/custom-loginmodule-in-tomcat
>>
>> I tried even the sample one on the above website but gives the same
>> error.
>> Please let me know what am I missing.
>> --
>> Regards,
>> Javed
>> ====================================================================
>> Even a big pot full of water will be emptied by a small hole.
>> Similarly just a little anger or ego will burn the nobility of good
>> heart.
>> ====================================================================
>>
>
>
>On Wed, Jun 13, 2012 at 5:10 PM, javed ansari <javed.937@gmail.com> wrote:
>
>I am creating a website and implement security. For this I am using Form based authentication
and JAASRealm. I have implemented the login module and able to authenticate but while authorizing
tomcat is not able to 
load the user and role classes once I start the tomcat server. 
>>
>>It gives the following error on startup 
(in the tomcat7-stderr.2012-06-13.log)
>>Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames 
>>SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal not found! Class
not added. 
>>Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames 
>>SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal not found! Class
not added. 
>>
>>I have taken help from 
>>http://blog.frankel.ch/custom-loginmodule-in-tomcat
>>
>>I tried even the sample one on the above website but gives the same error.
>>Please let me know what am I missing.

This is a shorter version of my last mail message.

If you define your Realm in server.xml, the container will try to load it. If the container
tries to load the JAASRealm, you need to set an attribute in the JAASRealm element.

First of all, what's this stray line in your server.xml? I hope it's just a copy/paste error.

<Realm className="org.apache.catalina.realm.LockOutRealm">--> 

<!-- this is the configuration -->
<Realm className="org.apache.catalina.realm.JAASRealm"
    appName="SMARTSLoginModule"
    userClassNames="com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal"
    roleClassNames="com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal"/>       
       
</Realm>

You need to add at least this:

useContextClassLoader="false"

So your configuration would look at least like this:

<Realm className="org.apache.catalina.realm.JAASRealm"
    appName="SMARTSLoginModule"
    userClassNames="com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal"
    roleClassNames="com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal"/>
    useContextClassLoader="false" 
</Realm>

Do not put your jar in both WEB-INF\lib and %CATALINA_BASE%\lib.

Do not add the jar to your classpath.

You have not defined where the jaas.config file is. Please set the following property in Java
Options to point to where you've saved your jaas.config file.

-Djava.security.auth.login.config=%CATALINA_BASE%/conf/jaas.config

Make sure that your jaas.config file is actually called that, and it is actually located where
you set the Java Options option.

Please read and follow the instructions given in:

http://tomcat.apache.org/tomcat-7.0-doc/config/realm.html 
http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html#JAASRealm

Please be aware of the way class loading works in Tomcat.

http://tomcat.apache.org/tomcat-7.0-doc/class-loader-howto.html 

In particular, if you define the JAASRealm in your META-INF/context.xml file, place the JAR
file in
WEB-INF/lib, and do not set the useContextClassLoader attribute.

If you have (as you have) placed the JAASRealm definition in either the Host or Engine element
of your server.xml, then place your JAR only %CATALINA_BASE%\lib. Do set useContextClassLoader
attribute to false as shown in the above configuration snippet.

As other people have noted, the list strips images and attachments.

Again, I've not written or used a JAASRealm. This is all based on the documentation available
on the Tomcat web site. See the above links for references and the definitive instructions.


. . . . just my two cents.
/mde/

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message