support for security roles in web.xml

[Prem kalyan <pr...@gmail.com>]

hi all,


I want to know whether Security Role assignment is supported in web.xml
As in

          Release Notes - Apache Geronimo - Version 1.0-M2
 under
         ** Unimplemented and Unsupported Features
there is         
         * [GERONIMO-174] - Support for security-roles in web.xml

says its not supported.


i have the following entries in my web.xml. Will the follwoing work in
Geronimo. If it works please mail me what are changes i need to make
and where.


<security-constraint>
    <web-resource-collection>
      <web-resource-name>MySecureBit0</web-resource-name>
      <url-pattern>/AdminRequestProcessor</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>administrator</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <login-config>
    <auth-method>FORM</auth-method>

    <realm-name>default</realm-name>

    <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/error.jsp</form-error-page>
    </form-login-config>
  </login-config>

  <security-role>
    <role-name>administrator</role-name>
  </security-role>



The things i configured to get this working 

1  .  Created a realm plan.

<configuration
      xmlns="http://geronimo.apache.org/xml/ns/deployment"
      configId="org/apache/geronimo/petstore"
      parentId="org/apache/geronimo/Server">

<gbean name="geronimo.security:type=SecurityRealm,realm=petstore-realm"
      class="org.apache.geronimo.security.realm.providers.PropertiesFileSecurityRealm">
      <attribute name="realmName"
type="java.lang.String">petstore-realm</attribute>
      <attribute name="maxLoginModuleAge" type="long">10000</attribute>
      <attribute name="usersURI"
type="java.net.URI">var/security/petstore.users.properties</attribute>
      <attribute name="groupsURI"
type="java.net.URI">var/security/petstore.groups.properties</attribute>
      <reference name="ServerInfo">geronimo.system:role=ServerInfo</reference>
</gbean>

<gbean name="geronimo.security:type=ConfigurationEntry,jaasId=default"
		class="org.apache.geronimo.security.jaas.ConfigurationEntryRealmLocal">
		<attribute name="applicationConfigName"
type="java.lang.String">default</attribute>
		<attribute name="realmName" type="java.lang.String">petstore-realm</attribute>
		<attribute name="controlFlag"
type="org.apache.geronimo.security.jaas.LoginModuleControlFlag">REQUIRED</attribute>
	</gbean>

 	<!-- Jetty Realm that points to the Geronimo Demo Properties File Realm -->
	<gbean name="geronimo.jetty:role=JaasRealm"
class="org.apache.geronimo.jetty.JAASJettyRealm">
		<reference name="JettyContainer">geronimo.server:type=WebContainer,container=Jetty</reference>
		<attribute name="name" type="java.lang.String">default</attribute>
		<attribute name="loginModuleName" type="java.lang.String">default</attribute>
    	</gbean>

</configuration>

2. I included this plan in  incubator-geronimo/modules/assembly/maven.xml
 under this tag.

      <ant:echo>Building petstore configuration</ant:echo>
      <ant:java fork="true" jar="${distDir}/bin/deployer.jar"
failonerror="true">
          <ant:jvmarg value="-ea"/>
          <ant:arg value="--install"/>
          <ant:arg value="--plan"/>
          <ant:arg value="target/plan/petstore-plan.xml"/>
      </ant:java>

3. i ran the maven file.

4. i deployed petstore and petstoreAdmin on Geronimo Srever.


Problem ,

1.  When i tried to login under admin application , it gave the following error.

java.lang.NullPointerException
      at org.apache.geronimo.jetty.JettyServer$RealmDelegate.authenticate(JettyServer.java:95)
      at org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:287)
      at org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:13
      at org.mortbay.jetty.servlet.ServletHttpContext.jSecurityCheck(ServletHttpContext.java:114)
      at org.mortbay.jetty.servlet.ServletHttpContext.checkSecurityConstraints(ServletHttpContext.java:130)
      at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:411)
      at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:512)
      at org.mortbay.http.HttpContext.handle(HttpContext.java:1442)
      at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:490)
      at org.apache.geronimo.jetty.JettyWebAppContext.handle(JettyWebAppContext.java:173)
      at org.mortbay.http.HttpContext.handle(HttpContext.java:1394)
      at org.mortbay.http.HttpServer.service(HttpServer.java:879)
      at org.mortbay.http.HttpConnection.service(HttpConnection.java:821)
      at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:98
      at org.mortbay.http.HttpConnection.handle(HttpConnection.java:83
      at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:212)
      at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:315)
      at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:510)

  can someone give me the reason for this error.

thanx in advance





-- 
regards,
prem