You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Joan Jesús Pujol Espinar <jo...@ima.udg.es> on 2004/02/19 19:02:27 UTC

Using JAASRealm to authentificate with a NIS

Hello,


I need to use BASIC authentification but with a NIS. I try to do it with
the JAASRealm. It's the correct solution?

What I do is:

-1-
Add the Realm in the server.xml
      <Realm className="org.apache.catalina.realm.JAASRealm"
                 userClassNames="com.sun.security.auth.UnixPrincipal"

roleClassNames="com.sun.security.auth.UnixNumericGroupPrincipal"
appName="UsuarisReal" debug="99"/>
-2-
Export the enviorement variable JAVA_OPTS with
-Djava.security.auth.login.config==/usr/local/jakarta-tomcat-4.1.12//conf/UsuarisRealm.conf 



-3-
And the Configuration file UsuarisRealm is:

UsuarisRealm {
        com.sun.security.auth.JndiLoginModule required debug=true
user.provider.url="nis://cosmos.udg.es/ima.udg.es/user"
group.provider.url="nis://cosmos.udg.es/ima.udg.es/syste
m/group";
}

-4-
Add a security-constraint in a context of an application:
  <security-constraint>
        <web-resource-collection>
                <web-resource-name> Prova area autentificada
</web-resource-name>
                <url-pattern>/*</url-pattern>
                <http-method> DELETE </http-method>
                <http-method> GET </http-method>
                <http-method> PUT </http-method>
                <http-method> POST </http-method>
        </web-resource-collection>
        <auth-constraint>
                <role-name>208</role-name>
        </auth-constraint>
        <login-config>
                <auth-method> BASIC </auth-method>
                <realm-name>Autentificacio usuaris </realm-name>
        </login-config>
        <security-role>
                <role-name>208</role-name>
        </security-role>
  </security-constraint>

But this doesn't work.  The error that I recive is  Error 500: Config
Error: It isn't possible to do control acces with an authentificated
principal (translated from spanish)

What I do wrong?

And  it's possible that in the log there isn't any information about
Realm with a debug=99?

Cheers,

PD: Excusme for my english level




-- 
*******************************************************
Joan Jesús Pujol Espinar
Tècnic de Sistemes

Universitat de Girona
Dpt. Informàtica i Matemàtica Aplicada
Campus Montilivi
17003 - Girona (Spain)
e-mail: joan.pujol@ima.udg.es
+34 972 418418 Fax: +34 972 418792
*******************************************************




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org