You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by javed ansari <ja...@gmail.com> on 2012/06/13 13:40:29 UTC
Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm
I am creating a website and implement security. For this I am using Form
based authentication and JAASRealm. I have implemented the login module and
able to authenticate but while authorizing tomcat is not able to load the
user and role classes once I start the tomcat server.
It gives the following error on startup (in the
tomcat7-stderr.2012-06-13.log)
Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames
SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal not
found! Class not added.
Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames
SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal not
found! Class not added.
I have taken help from
http://blog.frankel.ch/custom-loginmodule-in-tomcat
I tried even the sample one on the above website but gives the same error.
Please let me know what am I missing.
--
Regards,
Javed
====================================================================
Even a big pot full of water will be emptied by a small hole.
Similarly just a little anger or ego will burn the nobility of good heart.
====================================================================
Re: Apache tomcat (7.0.27) is not loading the user and role class
for JAASRealm
Posted by André Warnier <aw...@ice-sa.com>.
javed ansari wrote:
> Hi,
>
> Those two classes are created by myself. They implement
> "java.security.Principal" interface in order to hookup JAASRealm in tomcat.
> I have attached the classes. Please rename the smarts_zip to smarts.zip
> after downloading.
>
This list strips most attachments. Yours appears to have been removed.
If you really want to send this, 2 options :
- paste it in-line in your message
- post it somewhere where others can look at it/download it
Note that few people on this list would really want to spend their time browsing through
tens of lines of your own code to find a problem. This list is focused on helping people
setting up and configuraing tomcat, and using the tomcat code.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm
Posted by Mark Eggers <it...@yahoo.com>.
>________________________________
> From: javed ansari <ja...@gmail.com>
>To: users@tomcat.apache.org
>Sent: Thursday, June 14, 2012 12:06 AM
>Subject: Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm
>
>
>Hi,
>
>Those two classes are created by myself. They implement "java.security.Principal" interface in order to hookup JAASRealm in tomcat.
>I have attached the classes. Please rename the smarts_zip to smarts.zip after downloading.
>
>Following are the entries in red color for this in the server.xml file of the tomcat.
>
><Realm className="org.apache.catalina.realm.LockOutRealm">-->
> <Realm className="org.apache.catalina.realm.JAASRealm"
> appName="SMARTSLoginModule"
> userClassNames="com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal"
> roleClassNames="com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal"/>
> </Realm>
>
>I created a jar file of the two classes and kept everywhere like
>
>C:\Apache\Tomcat7.0\lib
>C:\Apache\Tomcat7.0\webapps\MyApp\WEB-INF\lib
>
>I even added that in the Tomcat confirmation window
>
>
>
>Please let me know if you need more info or provide any suggestion.
>----- Original Message -----
>> I am creating a website and implement security. For this I am using
>> Form
>> based authentication and JAASRealm. I have implemented the login
>> module and
>> able to authenticate but while authorizing tomcat is not able to load
>> the
>> user and role classes once I start the tomcat server.
>>
>> It gives the following error on startup (in the
>> tomcat7-stderr.2012-06-13.log)
>> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.
>JAASRealm
>> parseClassNames
>> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal
>> not
>> found! Class not added.
>> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
>> parseClassNames
>> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal
>> not
>> found! Class not added.
>
>The classes mentioned above cannot be found.
>
>1.) What are they classes? They are not part of Tomcat.
>
>2.) Have you placed the classes on the classpath somewhere? If so, where?
>
>Dan
>
>
>
>>
>> I have taken help from
>> http://blog.frankel.ch/custom-loginmodule-in-tomcat
>>
>> I tried even the sample one on the above website but gives the same
>> error.
>> Please let me know what am I missing.
>> --
>> Regards,
>> Javed
>> ====================================================================
>> Even a big pot full of water will be emptied by a small hole.
>> Similarly just a little anger or ego will burn the nobility of good
>> heart.
>> ====================================================================
>>
>
>
>On Wed, Jun 13, 2012 at 5:10 PM, javed ansari <ja...@gmail.com> wrote:
>
>I am creating a website and implement security. For this I am using Form based authentication and JAASRealm. I have implemented the login module and able to authenticate but while authorizing tomcat is not able to
load the user and role classes once I start the tomcat server.
>>
>>It gives the following error on startup
(in the tomcat7-stderr.2012-06-13.log)
>>Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames
>>SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal not found! Class not added.
>>Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm parseClassNames
>>SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal not found! Class not added.
>>
>>I have taken help from
>>http://blog.frankel.ch/custom-loginmodule-in-tomcat
>>
>>I tried even the sample one on the above website but gives the same error.
>>Please let me know what am I missing.
This is a shorter version of my last mail message.
If you define your Realm in server.xml, the container will try to load it. If the container tries to load the JAASRealm, you need to set an attribute in the JAASRealm element.
First of all, what's this stray line in your server.xml? I hope it's just a copy/paste error.
<Realm className="org.apache.catalina.realm.LockOutRealm">-->
<!-- this is the configuration -->
<Realm className="org.apache.catalina.realm.JAASRealm"
appName="SMARTSLoginModule"
userClassNames="com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal"
roleClassNames="com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal"/>
</Realm>
You need to add at least this:
useContextClassLoader="false"
So your configuration would look at least like this:
<Realm className="org.apache.catalina.realm.JAASRealm"
appName="SMARTSLoginModule"
userClassNames="com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal"
roleClassNames="com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal"/>
useContextClassLoader="false"
</Realm>
Do not put your jar in both WEB-INF\lib and %CATALINA_BASE%\lib.
Do not add the jar to your classpath.
You have not defined where the jaas.config file is. Please set the following property in Java Options to point to where you've saved your jaas.config file.
-Djava.security.auth.login.config=%CATALINA_BASE%/conf/jaas.config
Make sure that your jaas.config file is actually called that, and it is actually located where you set the Java Options option.
Please read and follow the instructions given in:
http://tomcat.apache.org/tomcat-7.0-doc/config/realm.html
http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html#JAASRealm
Please be aware of the way class loading works in Tomcat.
http://tomcat.apache.org/tomcat-7.0-doc/class-loader-howto.html
In particular, if you define the JAASRealm in your META-INF/context.xml file, place the JAR file in
WEB-INF/lib, and do not set the useContextClassLoader attribute.
If you have (as you have) placed the JAASRealm definition in either the Host or Engine element of your server.xml, then place your JAR only %CATALINA_BASE%\lib. Do set useContextClassLoader attribute to false as shown in the above configuration snippet.
As other people have noted, the list strips images and attachments.
Again, I've not written or used a JAASRealm. This is all based on the documentation available on the Tomcat web site. See the above links for references and the definitive instructions.
. . . . just my two cents.
/mde/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm
Posted by javed ansari <ja...@gmail.com>.
Hi,
Those two classes are created by myself. They implement
"java.security.Principal" interface in order to hookup JAASRealm in tomcat.
I have attached the classes. Please rename the smarts_zip to smarts.zip
after downloading.
Following are the entries in red color for this in the server.xml file of
the tomcat.
<Realm className="org.apache.catalina.realm.LockOutRealm">-->
<Realm className="org.apache.catalina.realm.JAASRealm"
appName="SMARTSLoginModule"
userClassNames="com.cogent3M.SMARTS.Core.General.
SMARTSUserPrincipal"
roleClassNames="com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal"/>
</Realm>
I created a jar file of the two classes and kept everywhere like
C:\Apache\Tomcat7.0\lib
C:\Apache\Tomcat7.0\webapps\MyApp\WEB-INF\lib
I even added that in the Tomcat confirmation window
Please let me know if you need more info or provide any suggestion.
----- Original Message -----
> I am creating a website and implement security. For this I am using
> Form
> based authentication and JAASRealm. I have implemented the login
> module and
> able to authenticate but while authorizing tomcat is not able to load
> the
> user and role classes once I start the tomcat server.
>
> It gives the following error on startup (in the
> tomcat7-stderr.2012-06-13.log)
> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.
JAASRealm
> parseClassNames
> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal
> not
> found! Class not added.
> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
> parseClassNames
> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal
> not
> found! Class not added.
The classes mentioned above cannot be found.
1.) What are they classes? They are not part of Tomcat.
2.) Have you placed the classes on the classpath somewhere? If so, where?
Dan
>
> I have taken help from
> http://blog.frankel.ch/custom-loginmodule-in-tomcat
>
> I tried even the sample one on the above website but gives the same
> error.
> Please let me know what am I missing.
> --
> Regards,
> Javed
> ====================================================================
> Even a big pot full of water will be emptied by a small hole.
> Similarly just a little anger or ego will burn the nobility of good
> heart.
> ====================================================================
>
On Wed, Jun 13, 2012 at 5:10 PM, javed ansari <ja...@gmail.com> wrote:
> I am creating a website and implement security. For this I am using Form
> based authentication and JAASRealm. I have implemented the login module and
> able to authenticate but while authorizing tomcat is not able to load the
> user and role classes once I start the tomcat server.
>
> It gives the following error on startup (in the
> tomcat7-stderr.2012-06-13.log)
> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
> parseClassNames
> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal not
> found! Class not added.
> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
> parseClassNames
> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal not
> found! Class not added.
>
> I have taken help from
> http://blog.frankel.ch/custom-loginmodule-in-tomcat
>
> I tried even the sample one on the above website but gives the same error.
> Please let me know what am I missing.
>
>
Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm
Posted by Mark Eggers <it...@yahoo.com>.
----- Original Message -----
> From: Daniel Mikusa <dm...@vmware.com>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Cc:
> Sent: Wednesday, June 13, 2012 6:25 AM
> Subject: Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm
>
> ----- Original Message -----
>> I am creating a website and implement security. For this I am using
>> Form
>> based authentication and JAASRealm. I have implemented the login
>> module and
>> able to authenticate but while authorizing tomcat is not able to load
>> the
>> user and role classes once I start the tomcat server.
>>
>> It gives the following error on startup (in the
>> tomcat7-stderr.2012-06-13.log)
>> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
>> parseClassNames
>> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal
>> not
>> found! Class not added.
>> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
>> parseClassNames
>> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal
>> not
>> found! Class not added.
>
> The classes mentioned above cannot be found.
>
> 1.) What are they classes? They are not part of Tomcat.
>
> 2.) Have you placed the classes on the classpath somewhere? If so, where?
>
> Dan
>
>
>
>>
>> I have taken help from
>> http://blog.frankel.ch/custom-loginmodule-in-tomcat
>>
>> I tried even the sample one on the above website but gives the same
>> error.
>> Please let me know what am I missing.
>> --
>> Regards,
>> Javed
WARNING
=======
The following is based on Tomcat's documentation. I have not written my own JAAS Realm, so your mileage may vary.
WARNING
=======
The documentation that I'm basing this on can be found here:
http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html#JAASRealm
http://tomcat.apache.org/tomcat-7.0-doc/config/realm.html
There are a few things to note from the blog post.
The place the blog tells you to put the Realm configuration is confusing at best.
As mentioned in the blog post, you can place your Realm definition in the Engine, Host, or Context elements. Unfortunately, the notes for the context element is a bit misleading.
If you place your Realm definition in the Context element, it should be in one of two places.
1. application's META-INF/context.xml
2. CATALINA_BASE/conf/Catalina/[hostname]/appname.xml.
[hostname] is typically localhost
appname.xml is the "name of your application".xml.
I suppose you could also place the Realm definition in CATALINA_BASE/conf/Catalina/[hostname]/context.xml.default.
Placing your classes (LoginModule and Principal) within Tomcat combined with the above information probably follows the logic below. Again, I've not tried this. I'm just reading the documentation.
1. If you define your JAASRealm in your application's context.xml
a. Place the LoginModule and Principle classes in WEB-INF/classes or
WEB-INF/lib of your application
b. No special attribute needs to be set
2. If you define your JAASRealm in Engine or Host (server.xml)
a. Place the LoginModule and Principle classes in CATALINA_HOME/lib as a jar file
b. Add the following attribute to the JAASRealm definition
useContextClassLoader="true"
This tells Tomcat to use the container classloader rather than the application's classloader to find the classes.
An advantage of doing things the first way is that you can easily change your JAAS implementation and just reload the web application.
An advantage of doing things the second way is that you only have to define the resource once for the entire Engine or Host. However changes to the implementation would then require a Tomcat restart.
In any event, you'll need to indicate where your jaas.config file lives. The easiest way to do this is by setting a JAVA_OPTS environment variable.
1. Create a setenv.sh (or setenv.bat if you're on Windows)
2. Add the information to JAVA_OPTS. In a setenv.sh file, it would look like:
JAVA_OPTS="-Djava.security.auth.login.config=$CATALINA_BASE/conf/jaas.config"
export JAVA_OPTS
Note that the examples for doing this in both the Tomcat documentation and the JAAS documentation have a double equals ( == ) sign for the assignment. I'm not sure why this is the case.
Again, this is just my reading of the documentation. Your mileage may vary.
. . . only one cent, since I've no experience
/mde/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache tomcat (7.0.27) is not loading the user and role class
for JAASRealm
Posted by Daniel Mikusa <dm...@vmware.com>.
----- Original Message -----
> I am creating a website and implement security. For this I am using
> Form
> based authentication and JAASRealm. I have implemented the login
> module and
> able to authenticate but while authorizing tomcat is not able to load
> the
> user and role classes once I start the tomcat server.
>
> It gives the following error on startup (in the
> tomcat7-stderr.2012-06-13.log)
> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
> parseClassNames
> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal
> not
> found! Class not added.
> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm
> parseClassNames
> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal
> not
> found! Class not added.
The classes mentioned above cannot be found.
1.) What are they classes? They are not part of Tomcat.
2.) Have you placed the classes on the classpath somewhere? If so, where?
Dan
>
> I have taken help from
> http://blog.frankel.ch/custom-loginmodule-in-tomcat
>
> I tried even the sample one on the above website but gives the same
> error.
> Please let me know what am I missing.
> --
> Regards,
> Javed
> ====================================================================
> Even a big pot full of water will be emptied by a small hole.
> Similarly just a little anger or ego will burn the nobility of good
> heart.
> ====================================================================
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org