You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@servicemix.apache.org by sravny <te...@hotmail.com> on 2010/09/14 16:37:18 UTC
Configuration of Authorizationt through JAAS
Hi,
I am new to SeviceMix and as well as JAAS. I am using ServiceMix
version 3.1. I am trying deploy JAAS Security module in ServiceMix. It will
great if someone could hel me on How to Confiure the java.security.policy
inorder to deploy the policy files. And also I am not knowing how to
initialize the Security manager.
For JAAS I was refering to the link
http://jaasbook.wordpress.com/
And for ServiceMix -(Authentication and Authorization) I was referring to
the link
http://www.theserverlabs.com/blog/2010/06/25/dynamic-ldap-based-authentication-and-authorization-in-servicemix-3/
--
View this message in context: http://servicemix.396122.n5.nabble.com/Configuration-of-Authorizationt-through-JAAS-tp2839212p2839212.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.
RE: Configuration of Authorizationt through JAAS
Posted by sravny <te...@hotmail.com>.
Hi, Thank you for your response. I have added my Login module in Login.properties. The problem i am facing is, For JAAS Authorization, I have a policy file and i wanted to provide the path for this policy file so that security manager will find it.
Java.security.policy="file.policy";
Where as in command prompt we give as
-Djava.security.policy="file.policy"
My Login context is being initailized well, but it is not able to check the corresponding policies.
....Where in ServiceMix, they have used Authorization Map for Authorization purpose. My task is to Implement JAAS Authorization instead of Authorization map.
I tried keeping my policy file in folder policies/
But that way its not working.
Kindly tell me if u didn't understand my problem.
Regards,sravny
Date: Tue, 14 Sep 2010 08:01:33 -0700
From: ml-node+2839261-1935204466-113472@n5.nabble.com
To: teju.smile@hotmail.com
Subject: Re: Configuration of Authorizationt through JAAS
Hi,
By default, ServiceMix 3 load the login modules defined in
etc/login.properties.
You can add your own login module in this file.
The default ServiceMix subject is servicemix-domain.
You can add yours :
YourSubject {
your.login.module.LoginModule
required
option1=value1
option2=value2;
};
NB: the jar containing your.login.module.LoginModule has to be in the
ServiceMix lib directory.
servicemix-domain {
org.apache.servicemix.jbi.security.login.PropertiesLoginModule
sufficient
...;
}
You can add another login module for the servicemix-domain (for example
a Kerberos or LDAP one).
Regards
JB
On 09/14/2010 04:37 PM, sravny wrote:
>
> Hi,
> I am new to SeviceMix and as well as JAAS. I am using ServiceMix
> version 3.1. I am trying deploy JAAS Security module in ServiceMix. It will
> great if someone could hel me on How to Confiure the java.security.policy
> inorder to deploy the policy files. And also I am not knowing how to
> initialize the Security manager.
>
> For JAAS I was refering to the link
>
> http://jaasbook.wordpress.com/
>
> And for ServiceMix -(Authentication and Authorization) I was referring to
> the link
>
> http://www.theserverlabs.com/blog/2010/06/25/dynamic-ldap-based-authentication-and-authorization-in-servicemix-3/
View message @ http://servicemix.396122.n5.nabble.com/Configuration-of-Authorizationt-through-JAAS-tp2839212p2839261.html
To start a new topic under ServiceMix - User, email ml-node+396123-1174625541-113472@n5.nabble.com
To unsubscribe from ServiceMix - User, click here.
--
View this message in context: http://servicemix.396122.n5.nabble.com/Configuration-of-Authorizationt-through-JAAS-tp2839212p2840330.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.
Re: Configuration of Authorizationt through JAAS
Posted by Freeman Fang <fr...@gmail.com>.
On 2011-7-13, at 下午7:14, metatech wrote:
> Thanks Freeman.
>
> The URL you gave is unavailable for the moment... (but Google Cache
> has it).
>
> I followed the instructions to create the realm "servicemix-domain"
> but I
> first had an error (see below).
>
> It worked after adding the two Java packages in my META-INF/MANIFEST :
> Import-Package: .....
> org.apache.karaf.jaas.modules.properties,org.apache.karaf.jaas.modules
>
> Is there any reason why the built-in realm "servicemix-domain" is not
> defined "out-of-the-box" ?
Hi,
This is actually the way how OSGi works, if your bundle need use some
java class, you need explicitly import the package. But you needn't
manually edit the META-INF/MANIFEST yourself, you can configure it
through maven-bundle-plugin in your bundle's pom.xml, the maven-bundle-
plugin can take care of the OSGi metadate header in META-INF/MANIFEST .
Freeman
>
> Thanks,
>
> metatech
>
> =====
> Caused by: javax.security.auth.login.LoginException:
> java.lang.IllegalStateException: Can not load or create login module
> org.apache.karaf.jaas.modules.properties.PropertiesLoginModule for
> bundle
> 209
> at
> org
> .apache
> .karaf.jaas.boot.ProxyLoginModule.initialize(ProxyLoginModule.java:74)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun
> .reflect
> .NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun
> .reflect
> .DelegatingMethodAccessorImpl
> .invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:
> 756)
> at javax.security.auth.login.LoginContext.access
> $000(LoginContext.java:186)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:
> 683)
> at java.security.AccessController.doPrivileged(Native Method)
> at
> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:
> 680)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:
> 579)
> at
> org
> .apache
> .servicemix
> .nmr
> .core
> .security
> .JaasAuthenticationService
> .authenticate(JaasAuthenticationService.java:65)
>
>
>
>
> --
> View this message in context: http://servicemix.396122.n5.nabble.com/Configuration-of-Authorizationt-through-JAAS-tp2839212p4582308.html
> Sent from the ServiceMix - User mailing list archive at Nabble.com.
---------------------------------------------
Freeman Fang
FuseSource
Email:ffang@fusesource.com
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
Re: Configuration of Authorizationt through JAAS
Posted by metatech <me...@gmail.com>.
Thanks Freeman.
The URL you gave is unavailable for the moment... (but Google Cache has it).
I followed the instructions to create the realm "servicemix-domain" but I
first had an error (see below).
It worked after adding the two Java packages in my META-INF/MANIFEST :
Import-Package: .....
org.apache.karaf.jaas.modules.properties,org.apache.karaf.jaas.modules
Is there any reason why the built-in realm "servicemix-domain" is not
defined "out-of-the-box" ?
Thanks,
metatech
=====
Caused by: javax.security.auth.login.LoginException:
java.lang.IllegalStateException: Can not load or create login module
org.apache.karaf.jaas.modules.properties.PropertiesLoginModule for bundle
209
at
org.apache.karaf.jaas.boot.ProxyLoginModule.initialize(ProxyLoginModule.java:74)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
org.apache.servicemix.nmr.core.security.JaasAuthenticationService.authenticate(JaasAuthenticationService.java:65)
--
View this message in context: http://servicemix.396122.n5.nabble.com/Configuration-of-Authorizationt-through-JAAS-tp2839212p4582308.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.
Re: Configuration of Authorizationt through JAAS
Posted by Freeman Fang <fr...@gmail.com>.
On 2011-7-8, at 下午8:36, metatech wrote:
> Jean-Baptiste Onofré <jb...@...> writes:
>
>>
>> Hi,
>>
>> By default, ServiceMix 3 load the login modules defined in
>> etc/login.properties.
>>
>
> In ServiceMix 4.x, this configuration does not work, the file
> "etc/login.properties" does not exist anymore.
> You will get the following error :
>
> Caused by: javax.security.auth.login.LoginException: No LoginModules
> configured for servicemix-domain
> at javax.security.auth.login.LoginContext.
> init(LoginContext.java:256)
> at javax.security.auth.login.LoginContext.
> <init>(LoginContext.java:367)
> at javax.security.auth.login.LoginContext.
> <init>(LoginContext.java:444)
> at
> org.apache.servicemix.nmr.core.security.JaasAuthenticationService.
> authenticate(JaasAuthenticationService.java:50)
>
> The Java system property "java.security.auth.login.config" does not
> have any
> effect because the configuration is implemented in
> org.apache.karaf.jaas.config.impl.OsgiConfiguration
>
> Solution : you need to add your realm in the file
> OSGI-INF/blueprint/karaf-jaas-module.xml within the archive
> $SERVICEMIX_HOME/system/org/apache/karaf/jaas/
> org.apache.karaf.jaas.modules/
> 2.1.3/org.apache.karaf.jaas.modules-2.1.3.jar,
> maybe also do a rm -r $SERVICE_HOME/data/cache, and restart
> ServiceMix.
>
Take a look at [1], I don't think you have to hack the
org.apache.karaf.jaas.modules to add the realm.
[1]http://karaf.apache.org/manual/2.2.3-SNAPSHOT/developers-guide/security-framework.html
Freeman
>
>
>
---------------------------------------------
Freeman Fang
FuseSource
Email:ffang@fusesource.com
Web: fusesource.com
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
Re: Configuration of Authorizationt through JAAS
Posted by metatech <me...@gmail.com>.
Jean-Baptiste Onofré <jb...@...> writes:
>
> Hi,
>
> By default, ServiceMix 3 load the login modules defined in
> etc/login.properties.
>
In ServiceMix 4.x, this configuration does not work, the file
"etc/login.properties" does not exist anymore.
You will get the following error :
Caused by: javax.security.auth.login.LoginException: No LoginModules
configured for servicemix-domain
at javax.security.auth.login.LoginContext.
init(LoginContext.java:256)
at javax.security.auth.login.LoginContext.
<init>(LoginContext.java:367)
at javax.security.auth.login.LoginContext.
<init>(LoginContext.java:444)
at
org.apache.servicemix.nmr.core.security.JaasAuthenticationService.
authenticate(JaasAuthenticationService.java:50)
The Java system property "java.security.auth.login.config" does not have any
effect because the configuration is implemented in
org.apache.karaf.jaas.config.impl.OsgiConfiguration
Solution : you need to add your realm in the file
OSGI-INF/blueprint/karaf-jaas-module.xml within the archive
$SERVICEMIX_HOME/system/org/apache/karaf/jaas/org.apache.karaf.jaas.modules/
2.1.3/org.apache.karaf.jaas.modules-2.1.3.jar,
maybe also do a rm -r $SERVICE_HOME/data/cache, and restart ServiceMix.
Re: Configuration of Authorizationt through JAAS
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Hi,
By default, ServiceMix 3 load the login modules defined in
etc/login.properties.
You can add your own login module in this file.
The default ServiceMix subject is servicemix-domain.
You can add yours :
YourSubject {
your.login.module.LoginModule
required
option1=value1
option2=value2;
};
NB: the jar containing your.login.module.LoginModule has to be in the
ServiceMix lib directory.
servicemix-domain {
org.apache.servicemix.jbi.security.login.PropertiesLoginModule
sufficient
...;
}
You can add another login module for the servicemix-domain (for example
a Kerberos or LDAP one).
Regards
JB
On 09/14/2010 04:37 PM, sravny wrote:
>
> Hi,
> I am new to SeviceMix and as well as JAAS. I am using ServiceMix
> version 3.1. I am trying deploy JAAS Security module in ServiceMix. It will
> great if someone could hel me on How to Confiure the java.security.policy
> inorder to deploy the policy files. And also I am not knowing how to
> initialize the Security manager.
>
> For JAAS I was refering to the link
>
> http://jaasbook.wordpress.com/
>
> And for ServiceMix -(Authentication and Authorization) I was referring to
> the link
>
> http://www.theserverlabs.com/blog/2010/06/25/dynamic-ldap-based-authentication-and-authorization-in-servicemix-3/