You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomee.apache.org by gfolch <fo...@hp.com> on 2014/12/03 14:04:26 UTC
How can I enable JACC in TomEE
Hi,
I'm developing my own JACC Provider and I want to use it in TomEE.
How can I setup TomEE to use it?
Based on JACC specs I have to setup some system variables like:
-Djavax.security.jacc.policy.provider=com.example.jacc.YourPolicy
-Djavax.security.jacc.PolicyConfigurationFactory.provider=com.example.jacc.YourPolicyConfigurationFactory
But it's not working in my case. What I'm missing?
Thanks in advance
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/How-can-I-enable-JACC-in-TomEE-tp4673113.html
Sent from the TomEE Users mailing list archive at Nabble.com.
Re: How can I enable JACC in TomEE
Posted by Arjan Tijms <ar...@gmail.com>.
As of today, still only seems to work for EJB.
I used this JACC provider: https://github.com/arjantijms/cdi-jacc-provider
build it using mvn clean package and copied the jar to /lib in TomEE 7.0.1.
Added the following as VM parameters:
-Djavax.security.jacc.policy.provider=org.omnifaces.jaccprovider.jacc.policy.DefaultPolicy
-Djavax.security.jacc.PolicyConfigurationFactory.provider=org.omnifaces.jaccprovider.jacc.configuration.TestPolicyConfigurationFactory
Then deployed the web app from the following project:
https://github.com/arjantijms/custom-authorization
The JACC provider is subsequently called, but only for (build-in)
EJBMethodPermissions. No WebAnything permissions are being set and the JACC
code is not called when a Servlet resources is accessed. When I add a
(protected) EJB to the web app and call that from a Servlet, the JACC
provider IS called.
So JACC does work, but indeed only for EJB.
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/How-can-I-enable-JACC-in-TomEE-tp4673113p4679746.html
Sent from the TomEE Users mailing list archive at Nabble.com.
Re: How can I enable JACC in TomEE
Posted by Romain Manni-Bucau <rm...@gmail.com>.
I guess we wire it for EJB but not the whole webapp. Can you try it in an EJB?
Romain Manni-Bucau
@rmannibucau
http://www.tomitribe.com
http://rmannibucau.wordpress.com
https://github.com/rmannibucau
2014-12-03 15:04 GMT+01:00 gfolch <fo...@hp.com>:
> My Jacc provider jar is in tomee/lib
>
> Also I can see this log entry in Catalina log:
>
> Dec 03, 2014 2:59:43 PM org.apache.openejb.util.OptionsLog info
> INFO: Using
> 'javax.security.jacc.policy.provider=com.example.jacc.YourPolicy'
>
> So I guess TomEE is using my jacc provider.
> However when I do a request to my webApp test application, trying to get
> the PolicyContext, it fails.
>
> This line:
> Subject s = (Subject)
> PolicyContext.getContext("javax.security.auth.Subject.container");
>
> is throwing an exception:
> java.lang.IllegalArgumentException: No handler can be found for the key
> 'javax.security.auth.Subject.container'
>
> What I'm missing?
>
>
>
> --
> View this message in context: http://tomee-openejb.979440.n4.nabble.com/How-can-I-enable-JACC-in-TomEE-tp4673113p4673115.html
> Sent from the TomEE Users mailing list archive at Nabble.com.
Re: How can I enable JACC in TomEE
Posted by gfolch <fo...@hp.com>.
My Jacc provider jar is in tomee/lib
Also I can see this log entry in Catalina log:
Dec 03, 2014 2:59:43 PM org.apache.openejb.util.OptionsLog info
INFO: Using
'javax.security.jacc.policy.provider=com.example.jacc.YourPolicy'
So I guess TomEE is using my jacc provider.
However when I do a request to my webApp test application, trying to get
the PolicyContext, it fails.
This line:
Subject s = (Subject)
PolicyContext.getContext("javax.security.auth.Subject.container");
is throwing an exception:
java.lang.IllegalArgumentException: No handler can be found for the key
'javax.security.auth.Subject.container'
What I'm missing?
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/How-can-I-enable-JACC-in-TomEE-tp4673113p4673115.html
Sent from the TomEE Users mailing list archive at Nabble.com.
Re: How can I enable JACC in TomEE
Posted by Romain Manni-Bucau <rm...@gmail.com>.
Hi
javax.security.jacc.policy.provider and
javax.security.jacc.PolicyConfigurationFactory.provider are used but
with container loader (ie did you put your jar in tomee/lib?)
If you want to debug it is here
org.apache.openejb.core.security.AbstractSecurityService#installJacc
Romain Manni-Bucau
@rmannibucau
http://www.tomitribe.com
http://rmannibucau.wordpress.com
https://github.com/rmannibucau
2014-12-03 14:04 GMT+01:00 gfolch <fo...@hp.com>:
> Hi,
>
> I'm developing my own JACC Provider and I want to use it in TomEE.
> How can I setup TomEE to use it?
> Based on JACC specs I have to setup some system variables like:
> -Djavax.security.jacc.policy.provider=com.example.jacc.YourPolicy
> -Djavax.security.jacc.PolicyConfigurationFactory.provider=com.example.jacc.YourPolicyConfigurationFactory
>
> But it's not working in my case. What I'm missing?
>
> Thanks in advance
>
>
>
> --
> View this message in context: http://tomee-openejb.979440.n4.nabble.com/How-can-I-enable-JACC-in-TomEE-tp4673113.html
> Sent from the TomEE Users mailing list archive at Nabble.com.