You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomee.apache.org by mauro2java2011 <ma...@gmail.com> on 2015/05/14 23:30:37 UTC

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

<Listener className="org.apache.catalina.security.SecurityListener" />

The listener abovei have to put into server.xml or for each context.xml into
each war file ?




--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674821.html
Sent from the TomEE Users mailing list archive at Nabble.com.

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by mauro2java2011 <ma...@gmail.com>.

3) if i create a custom LoginModule, i have to put the classes into the war
or into the tomee/lib? i have founf many tutorial but develop the custom
loginmodule into the web application . 
SO i am confused . 

4) from http://sysmagazine.com/posts/183550/ i read: 

        System.setProperty("java.security.auth.login.config",
this.getClass().getResource("/login.config").getPath()); 
it is setted from code into war. but the container it knows on it? the
SystemPOroperty is setted ok ad deployment moment? 




--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674839.html
Sent from the TomEE Users mailing list archive at Nabble.com.

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by Romain Manni-Bucau <rm...@gmail.com>.

You can put it in your app

5) create a sample to test you ll gain time ;)
Le 16 mai 2015 14:26, "mauro2java2011" <ma...@gmail.com> a écrit :

> 3) if i create a custom LoginModule, i have to put the classes into the war
> or into the tomee/lib? i have founf many tutorial but develop the custom
> loginmodule into the web application .
> SO i am confused .
>
> 4) from http://sysmagazine.com/posts/183550/ i read:
>
>         System.setProperty("java.security.auth.login.config",
> this.getClass().getResource("/login.config").getPath());
> it is setted from code into war. but the container it knows on it? the
> SystemPOroperty is setted ok ad deployment moment?
>
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674840.html
> Sent from the TomEE Users mailing list archive at Nabble.com.
>

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by mauro2java2011 <ma...@gmail.com>.

3) if i create a custom LoginModule, i have to put the classes into the war
or into the tomee/lib? i have founf many tutorial but develop the custom
loginmodule into the web application . 
SO i am confused . 

4) from http://sysmagazine.com/posts/183550/ i read: 

        System.setProperty("java.security.auth.login.config",
this.getClass().getResource("/login.config").getPath()); 
it is setted from code into war. but the container it knows on it? the
SystemPOroperty is setted ok ad deployment moment? 




--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674840.html
Sent from the TomEE Users mailing list archive at Nabble.com.

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by Romain Manni-Bucau <rm...@gmail.com>.

Le 16 mai 2015 12:05, "mauro2java2011" <ma...@gmail.com> a écrit :
>
> Configure JAAS
>
> i read from tomee web pages:
>
> *Configuration  Add to your CATALINA_OPTS the
> java.security.auth.login.config system property:
> -Djava.security.auth.login.config=$CATALINA_BASE/conf/login.config*
>
> but from other web sites i read :
>
> JAVA_OPTS=$JAVA_OPTS
> "-Djava.security.auth.login.config==$CATALINA_BASE/conf/jaas.config"
>
> into JAVA_OPTS the
> "Djava.security.auth.login.config*==*$CATALINA_BASE/conf/jaas.config"
>
> is present == and not single =
>
> 1) what it is the right?
> = or ==
>

Single

> where it is ol to set the login.config.
>
> 2)into setenv.sh , or catalna.sh or what other file script ????? and i
have
> to use JAVA_OPTS or CATALINA_OPTS ?
>

All work

>
>
>
>
>
>
> --
> View this message in context:
http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674835.html
> Sent from the TomEE Users mailing list archive at Nabble.com.

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by mauro2java2011 <ma...@gmail.com>.

Configure JAAS 

i read from tomee web pages:

*Configuration  Add to your CATALINA_OPTS the
java.security.auth.login.config system property: 
-Djava.security.auth.login.config=$CATALINA_BASE/conf/login.config*

but from other web sites i read :

JAVA_OPTS=$JAVA_OPTS
"-Djava.security.auth.login.config==$CATALINA_BASE/conf/jaas.config" 

into JAVA_OPTS the
"Djava.security.auth.login.config*==*$CATALINA_BASE/conf/jaas.config" 

is present == and not single =

1) what it is the right? 
= or ==

where it is ol to set the login.config. 

2)into setenv.sh , or catalna.sh or what other file script ????? and i have
to use JAVA_OPTS or CATALINA_OPTS ?







--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674835.html
Sent from the TomEE Users mailing list archive at Nabble.com.

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by Romain Manni-Bucau <rm...@gmail.com>.

You are right

Feel free to edit the page
Le 15 mai 2015 19:30, "mauro2java2011" <ma...@gmail.com> a écrit :

> please a last thing:
>
> from the page of tomee jaas  http://tomee.apache.org/tomee-jaas.html
> <http://tomee.apache.org/tomee-jaas.html>
>
> i read:
> Add to your CATALINA_OPTS the java.security.auth.login.config system
> property:
>
> -Djava.security.auth.login.config=$CATALINA_BASE/conf/login.config
>
> Configure your realm in server.xml file
>
> <?xml version='1.0' encoding='utf-8'?>
> <Server port="8005" shutdown="SHUTDOWN">
>   <Listener className="org.apache.tomee.loader.OpenEJBListener" />
>   <Listener className="org.apache.catalina.security.SecurityListener" />
>
>   <Service name="Catalina">
>     <Connector port="8080" protocol="HTTP/1.1"
>                connectionTimeout="20000"
>                redirectPort="8443" />
>     <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
>     <Engine name="Catalina" defaultHost="localhost">
>
>       <Realm className=&quot;org.apache.catalina.realm.JAASRealm&quot;
> appName=&quot;&lt;b>PropertiesLoginModule*"
>
>
> userClassNames="org.apache.openejb.core.security.AbstractSecurityService$User"
>
>
> roleClassNames="org.apache.openejb.core.security.AbstractSecurityService$Group">
>       </Realm>
>
>       <Host name="localhost"  appBase="webapps"
>             unpackWARs="true" autoDeploy="true" />
>     </Engine>
>   </Service>
> </Server>
>
> Configure your login.config file
>
> *PropertiesLogin* {
>     org.apache.openejb.core.security.jaas.*PropertiesLoginModule* required
>     Debug=false
>     UsersFile="users.properties"
>     GroupsFile="groups.properties";
> };
>
>
> i think that from that instruction it present a error:
>
>
>       <Realm className=&quot;org.apache.catalina.realm.JAASRealm&quot;
> appName=&quot;&lt;b>PropertiesLoginModule*"
>
>
> userClassNames="org.apache.openejb.core.security.AbstractSecurityService$User"
>
>
> roleClassNames="org.apache.openejb.core.security.AbstractSecurityService$Group">
>       </Realm>
>
>
> but into login.config file :
>
> *PropertiesLogin* {
>     org.apache.openejb.core.security.jaas.*PropertiesLoginModule* required
>     Debug=false
>     UsersFile="users.properties"
>     GroupsFile="groups.properties";
> };
>
> the appName is PropertiesLogin and not PropertiesLoginModule .
>
> the PropertiesLoginModule is the name of class
> org.apache.openejb.core.security.jaas.*PropertiesLoginModule
>
> its a errors typoo or is ok form the page?
>
>
>
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674832.html
> Sent from the TomEE Users mailing list archive at Nabble.com.
>

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by mauro2java2011 <ma...@gmail.com>.

please a last thing: 

from the page of tomee jaas  http://tomee.apache.org/tomee-jaas.html
<http://tomee.apache.org/tomee-jaas.html>   

i read:
Add to your CATALINA_OPTS the java.security.auth.login.config system
property:

-Djava.security.auth.login.config=$CATALINA_BASE/conf/login.config

Configure your realm in server.xml file

<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
  <Listener className="org.apache.tomee.loader.OpenEJBListener" />
  <Listener className="org.apache.catalina.security.SecurityListener" />

  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" 
               connectionTimeout="20000" 
               redirectPort="8443" />
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
    <Engine name="Catalina" defaultHost="localhost">
      
      <Realm className=&quot;org.apache.catalina.realm.JAASRealm&quot;
appName=&quot;&lt;b>PropertiesLoginModule*"
         
userClassNames="org.apache.openejb.core.security.AbstractSecurityService$User"
         
roleClassNames="org.apache.openejb.core.security.AbstractSecurityService$Group">
      </Realm>

      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true" />
    </Engine>
  </Service>
</Server>

Configure your login.config file

*PropertiesLogin* {
    org.apache.openejb.core.security.jaas.*PropertiesLoginModule* required
    Debug=false
    UsersFile="users.properties"
    GroupsFile="groups.properties";
};


i think that from that instruction it present a error:


      <Realm className=&quot;org.apache.catalina.realm.JAASRealm&quot;
appName=&quot;&lt;b>PropertiesLoginModule*"
         
userClassNames="org.apache.openejb.core.security.AbstractSecurityService$User"
         
roleClassNames="org.apache.openejb.core.security.AbstractSecurityService$Group">
      </Realm>


but into login.config file :

*PropertiesLogin* {
    org.apache.openejb.core.security.jaas.*PropertiesLoginModule* required
    Debug=false
    UsersFile="users.properties"
    GroupsFile="groups.properties";
};

the appName is PropertiesLogin and not PropertiesLoginModule .

the PropertiesLoginModule is the name of class 
org.apache.openejb.core.security.jaas.*PropertiesLoginModule

its a errors typoo or is ok form the page?






--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674832.html
Sent from the TomEE Users mailing list archive at Nabble.com.

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by Romain Manni-Bucau <rm...@gmail.com>.

https://tomcat.apache.org/tomcat-7.0-doc/config/listeners.html#Security_Lifecycle_Listener_-_org.apache.catalina.security.SecurityListener

https://tomcat.apache.org/tomcat-7.0-doc/config/realm.html#JAAS_Realm_-_org.apache.catalina.realm.JAASRealm
Le 15 mai 2015 00:57, "mauro2java2011" <ma...@gmail.com> a écrit :

> But please *Listener
> className="org.apache.catalina.security.SecurityListener" />
>
> * what work it run?  It is other that jass?
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674825.html
> Sent from the TomEE Users mailing list archive at Nabble.com.
>

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by mauro2java2011 <ma...@gmail.com>.

But please *Listener
className="org.apache.catalina.security.SecurityListener" /> 

* what work it run?  It is other that jass?



--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674825.html
Sent from the TomEE Users mailing list archive at Nabble.com.

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by mauro2java2011 <ma...@gmail.com>.

JaasRealm has a configFile option 
supporting to read a jaas config from war classloader 

What it is ? A example?



--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674826.html
Sent from the TomEE Users mailing list archive at Nabble.com.

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by Romain Manni-Bucau <rm...@gmail.com>.

Server.xml but it has no link with jaas. JaasRealm has a configFile option
supporting to read a jaas config from war classloader
Le 15 mai 2015 00:27, "mauro2java2011" <ma...@gmail.com> a écrit :

> <Listener className="org.apache.catalina.security.SecurityListener" />
>
> The listener abovei have to put into server.xml or for each context.xml
> into
> each war file ?
>
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674821.html
> Sent from the TomEE Users mailing list archive at Nabble.com.
>

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by mauro2java2011 <ma...@gmail.com>.

Please a example with a login.config file with 2 or 3 different 
*PropertiesLoginModule name ?

*
And another for get login.config from the war? Read from roain response
above



--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674827.html
Sent from the TomEE Users mailing list archive at Nabble.com.

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by mauro2java2011 <ma...@gmail.com>.

Please a 3xample with 2 obtre different configuration?



--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674824.html
Sent from the TomEE Users mailing list archive at Nabble.com.

Re: how modify the login.config file for get 3 jaas different for 3 web different apps

Posted by Jean-Louis Monteiro <jl...@tomitribe.com>.

You can define the jaas realm for each Web app,  in the context.Xml file
for instance. Make sure to define a different app name for everyone and to
have the corresponding jaas.config entry.
Le 14 mai 2015 15:27, "mauro2java2011" <ma...@gmail.com> a écrit :

> <Listener className="org.apache.catalina.security.SecurityListener" />
>
> The listener abovei have to put into server.xml or for each context.xml
> into
> each war file ?
>
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/how-modify-the-login-config-file-for-get-3-jaas-different-for-3-web-different-apps-tp4674820p4674821.html
> Sent from the TomEE Users mailing list archive at Nabble.com.
>