You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2004/08/26 16:48:51 UTC

DO NOT REPLY [Bug 30869] New: - JAAS module name is not allowed in jaas.conf file

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=30869>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30869

JAAS module name is not allowed in jaas.conf file

           Summary: JAAS module name is not allowed in jaas.conf file
           Product: Tomcat 5
           Version: 5.0.27
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: alex_blewitt@yahoo.com


When running with the JAASRealm, the container sets the JAAS application name to 
be the container's name:

--- 8< --- JAASRealm.java --- 8< ---
public void setContainer(Container container) {
  super.setContainer(container);
  String name=container.getName();
  if( appName==null  ) {
    appName=name;
    log.info("Setting JAAS app name " + appName);
  }
}
--- 8< --- JAASRealm.java --- 8< ---

However, the container's name always starts with a /, which isn't an allowable
name in the JAAS specification:

--- 8< --- stdout --- 8< ---
...
INFO: Setting JAAS app name /MyApp
...
--- 8< --- stdout --- 8< ---

--- 8< --- jaas.conf --- 8< ---
/MyApp {
  com.example.MyJAASLoginModule required;
};
--- 8< --- jaas.conf --- 8< ---

The Sun Security barfs at the '/' on leading MyApp, so it can't be speficied.
The default name 'Tomcat' doesn't work either, because the JAAS name has already
been set, and this cannot be set in the config file.

Instead, you have to use 'other' which is applicable to all apps in the application.

The fix would be to check whether there are any unprintable characters in the
application name, and if so, fix them. Of course, what constitutes an
unprintable character is up to Sun's Configuration parser, which probably isn't
that good.

A quick fix would be:

--- 8< --- JAASRealm.java.fix --- 8< ---
public void setContainer(Container container) {
  super.setContainer(container);
  String name=container.getName();
  if( appName==null  ) {
    if (name.startsWith("/")) name.substring(1);
    appName=name;
    log.info("Setting JAAS app name " + appName);
  }
}
--- 8< --- JAASRealm.java.fix --- 8< ---

but in reality, you'd need to check for all other non-printable characters and
replace/delete them as appropriate, because a name may have other / characters
(e.g. /MyApp/Other).

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org