You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Abel MacAdam <ab...@gmail.com> on 2007/12/13 14:06:23 UTC

Beginner question: Configure Tomcat for JAAS?

Hi,

This is a beginner question :-(. I'm trying to get JAAS to work on my Tomcat
(6.0.12) installation. I used code from a Javaworld article (
http://www.javaworld.com/javaworld/jw-09-2002/jw-0913-jaas.html)

Of course I had to configure my Tomcat to work together with JAAS. The
document I used is:
http://tomcat.apache.org/tomcat-6.0-doc/printer/realm-howto.html

According to the Tomcat doc I have to do the following steps before I can
use JAAS to authenticate a user:
1. Develop your code. Place the compiled classes in Tomcat's classpath
2. Setup a login.config file for Java, and tell Tomcat where to find it (set
JAVA_OPTS)
3. Configure the JAASRealm in your server.xml

1 Develop code: I use the following classes:
PassiveCallbackHandler.java
RdbmsCredential.java
RdbmsLoginModule.java
RdbmsPrincipal.java
These classes I put in the package rdbmsjaas.
In the %CATALINA_HOME%/webapps/Javaworld_Jaas/WEB-INF/lib directory I
created the rdbmsjaas.jar file.

The jsp is called jaas.jsp, and is stored in
%CATALINA_HOME%/webapps/Javaworld_Jaas

2. Setup login.config
In %CATALINA_HOME%\conf I saved the file Javaworld_all_that_Jaas.config,
containing:

Example {
   RdbmsLoginModule required
   debug="true"
   url="jdbc:mysql://localhost/jaasdb?user=javauser&password=javadude"
   driver="com.mysql.jdbc.Driver";
};

I created an XP Environment Variable JAVA_OPTS with the value <-DJAVA_OPTS=-
Djava.security.auth.login.config==C:/Program Files/Apache Software
Foundation/Tomcat 6.0/conf/JavaWorld_All_That_Jaas.config> (excluding < and
>)
I used the fully qualified address, instead of
$CATALINA_HOME/conf/JavaWorld_All_That_Jaas.config. I think XP balks when it
sees $CATALINA_HOME).

3 Configure JAASRealm in server.xml
In %CATALINA_HOME%\conf\ I changed web.xml. I added the following lines:

      <Realm className="org.apache.catalina.realm.JAASRealm"
             appName="jaas"
             userClassName="rdbmsjaas.RdbmsPrincipal"
             debug="99"
       />

If I run the jsp from http://localhost:8080/JavaWorld_Jaas/jaas.jsp, I can
enter my username/password, but when I click the Submit button, I get:

Caught Exception: java.lang.SecurityException: Unable to locate a login
configuration



Where did my configuration go wrong?

Abel