You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@geronimo.apache.org by ttiurani <ti...@iki.fi> on 2010/05/24 10:54:39 UTC
Re: issue deploying webapp with security realm
Hi,
I am getting the same error with geronimo 2.2, but there does not seem to be
any way around my problem. I am trying to deploy my application with one
.ear-file and use a custom security realm that is created with
geronimo-application.xml and referenced in geronimo-web.xml. This does not
seem to be possible anymore with Geronimo 2.2.
geronimo-application.xml has this:
<dep:gbean name="MySecurityRealmGBean"
class="org.apache.geronimo.security.realm.GenericSecurityRealm"
xsi:type="dep:gbeanType"
xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<dep:attribute name="realmName">MySecurityRealm</dep:attribute>
<dep:reference name="ServerInfo">
<dep:name>ServerInfo</dep:name>
</dep:reference>
<dep:xml-reference name="LoginModuleConfiguration">
<log:login-config
xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0">
<log:login-module control-flag="REQUIRED"
wrap-principals="false">
<log:login-domain-name>
MySecurityRealm
</log:login-domain-name>
<log:login-module-class>
org.test.MySecurityRealmLoginModule
</log:login-module-class>
</log:login-module>
</log:login-config>
</dep:xml-reference>
</dep:gbean>
and geronimo-web.xml inside the same .ear tries to reference the realm with
this:
<security-realm-name>MySecurityRealm</security-realm-name>
Now this has worked nicely with Geronimo 2.0.1 -> 2.1.3 (I'm guessing it
works for 2.1.4 and 2.1.5 as well) but it fails with 2.2 with the same stack
trace as in the first message. I'm guessing the problem is this that by the
time geronimo-web.xml is evaluated during deployment, the custom security
realm from geronimo-application.xml is not either created yet or then there
is some kind of class loader problem.
I've tried every kind of combination of geronimo-application.xml and
geronimo-web.xml and am quite confident the problem is not a simple
configuration typo or lack of <depencency> tags.
I believe it is possible to do this in two separete deployments, where I
would first deploy the custom security realm alone to Geronimo and then
reference it in a separeate .ear containing a geronimo-web.xml with a
dependency to something like this:
<dependency>
<groupId>org.test</groupId>
<artifactId>security</artifactId>
<version>1.0</version>
<type>car</type>
</dependency>
The unfortunate thing is, this approach complicates my development so
significantly, it is out of the question.
Is it possible to create and reference a custom login module inside a single
.ear with Geronimo 2.2? If not, is this possiblity removed from 2.2 on
purpose, or is it a bug that wil be fixed in later versions?
Best regards,
Timo Tiuraniemi
p.s. This seems to be possible in JBoss
(http://community.jboss.org/thread/145856).
--
View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p839216.html
Sent from the Users mailing list archive at Nabble.com.
Re: issue deploying webapp with security realm
Posted by ttiurani <ti...@iki.fi>.
Ivan Xu wrote:
>
> Sorry, I forgot to mention it in the last email, you might need to add a
> global gbean attribute for realm.
> <dep:attribute name="global">true</dep:attribute>
>
Thanks again Ivan! This configuration file now works for G2.2.:
<dep:gbean name="MySecurityRealm"
class="org.apache.geronimo.security.realm.GenericSecurityRealm"
xsi:type="dep:gbeanType"
xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<dep:attribute name="realmName">MySecurityRealm</dep:attribute>
<dep:attribute name="global">true</dep:attribute>
<dep:reference name="ServerInfo">
<dep:name>ServerInfo</dep:name>
</dep:reference>
<dep:xml-reference name="LoginModuleConfiguration">
<log:login-config
xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0">
<log:login-module control-flag="REQUIRED"
wrap-principals="false">
<log:login-domain-name>
MySecurityRealm
</log:login-domain-name>
<log:login-module-class>
org.test.MyLoginModule
</log:login-module-class>
</log:login-module>
</log:login-config>
</dep:xml-reference>
</dep:gbean>
-- Timo
--
View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p876453.html
Sent from the Users mailing list archive at Nabble.com.
Re: issue deploying webapp with security realm
Posted by Ivan <xh...@gmail.com>.
Sorry, I forgot to mention it in the last email, you might need to add a
global gbean attribute for realm.
<dep:attribute name="global">true</dep:attribute>
2010/6/7 ttiurani <ti...@iki.fi>
>
>
> Unfortunately I ran into more problems with deploying a custom security
> realm inside an ear to Geronimo 2.2. Even though I am now able to
> successfully deploy the security realm to G22, I can not get a reference to
> the LoginModule. This is the stack trace I get:
>
> javax.security.auth.login.LoginException: No LoginModules configured for
> MySecurityRealm
> at
> javax.security.auth.login.LoginContext.init(LoginContext.java:256)
> at
> javax.security.auth.login.LoginContext.<init>(LoginContext.java:367)
> at
> javax.security.auth.login.LoginContext.<init>(LoginContext.java:444)
> at org.test.MyFilter.doFilter(MyFilter.java:32)
> at
>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
> at
>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
>
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
> at
>
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
> at
>
> org.apache.geronimo.tomcat.security.SecurityValve.invoke(SecurityValve.java:88)
> at
>
> org.apache.geronimo.tomcat.security.jacc.JACCSecurityValve.invoke(JACCSecurityValve.java:54)
> at
>
> org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:420)
> at
>
> org.apache.geronimo.tomcat.valve.GeronimoBeforeAfterValve.invoke(GeronimoBeforeAfterValve.java:47)
> at
>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
> at
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567)
> at
>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
> at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
> at
>
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
> at
>
> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:361)
> at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:214)
> at
>
> org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPool.java:344)
> at
>
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
> at
>
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
> at java.lang.Thread.run(Thread.java:619)
>
> Here is an extended test program that produces the error on Geronimo 2.2
> but
> works fine on 2.1.3, 2.1.4 and 2.1.5 with Java 1.6.0_18. Run "mvn:verify"
> to
> see the error:
>
> http://apache-geronimo.328035.n3.nabble.com/file/n876229/g22srbug.zip
> g22srbug.zip
>
> The test program now includes a MyFilter.java that is called before
> http://localhost:8080/testwar/index.html is loaded. LoginException is
> thrown
> for:
>
> LoginContext lc = new LoginContext(
> this.realm,
> new Subject(),
> new MyCallbackHandler());
>
> Is there a way around this class loading problem?
>
> -- Timo
> --
> View this message in context:
> http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p876229.html
> Sent from the Users mailing list archive at Nabble.com.
>
--
Ivan
Re: issue deploying webapp with security realm
Posted by ttiurani <ti...@iki.fi>.
Unfortunately I ran into more problems with deploying a custom security
realm inside an ear to Geronimo 2.2. Even though I am now able to
successfully deploy the security realm to G22, I can not get a reference to
the LoginModule. This is the stack trace I get:
javax.security.auth.login.LoginException: No LoginModules configured for
MySecurityRealm
at
javax.security.auth.login.LoginContext.init(LoginContext.java:256)
at
javax.security.auth.login.LoginContext.<init>(LoginContext.java:367)
at
javax.security.auth.login.LoginContext.<init>(LoginContext.java:444)
at org.test.MyFilter.doFilter(MyFilter.java:32)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.geronimo.tomcat.security.SecurityValve.invoke(SecurityValve.java:88)
at
org.apache.geronimo.tomcat.security.jacc.JACCSecurityValve.invoke(JACCSecurityValve.java:54)
at
org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:420)
at
org.apache.geronimo.tomcat.valve.GeronimoBeforeAfterValve.invoke(GeronimoBeforeAfterValve.java:47)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:361)
at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:214)
at
org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPool.java:344)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:619)
Here is an extended test program that produces the error on Geronimo 2.2 but
works fine on 2.1.3, 2.1.4 and 2.1.5 with Java 1.6.0_18. Run "mvn:verify" to
see the error:
http://apache-geronimo.328035.n3.nabble.com/file/n876229/g22srbug.zip
g22srbug.zip
The test program now includes a MyFilter.java that is called before
http://localhost:8080/testwar/index.html is loaded. LoginException is thrown
for:
LoginContext lc = new LoginContext(
this.realm,
new Subject(),
new MyCallbackHandler());
Is there a way around this class loading problem?
-- Timo
--
View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p876229.html
Sent from the Users mailing list archive at Nabble.com.
Re: issue deploying webapp with security realm
Posted by ttiurani <ti...@iki.fi>.
Thank you! Deployment works for G2.2. when the gbean name to matches the
realm name.
Ivan Xu wrote:
>
> I checked your application, a little change to your
> geronimo-application.xml file :
> --->
> <dep:gbean name="MySecurityRealmGBean" -> <dep:gbean
> name="MySecurityRealm"
> class="org.apache.geronimo.security.realm.GenericSecurityRealm"
> xsi:type="dep:gbeanType"
> xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <dep:attribute name="realmName">MySecurityRealm</dep:attribute>
> <---
> while Geronimo searches the reference, it uses the name of GBean ......
>
-- Timo
--
View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p844871.html
Sent from the Users mailing list archive at Nabble.com.
Re: issue deploying webapp with security realm
Posted by Ivan <xh...@gmail.com>.
Hi,
I checked your application, a little change to your
geronimo-application.xml file :
--->
<dep:gbean name="MySecurityRealmGBean" -> <dep:gbean
name="MySecurityRealm"
class="org.apache.geronimo.security.realm.GenericSecurityRealm"
xsi:type="dep:gbeanType"
xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<dep:attribute name="realmName">MySecurityRealm</dep:attribute>
<---
while Geronimo searches the reference, it uses the name of GBean ......
2010/5/25 Łukasz Budnik <lu...@gmail.com>
> Hi,
>
> In general something is wrong with security in G 2.2. I have created
> two JIRAs (GERONIMO-5010, GERONIMO-5011) for security related bugs
> (and as in your case, both things were working in G 2.1.x).
>
> All is left is to wait for a new 2.2.x release.
>
> Hope we get it soon.
>
> Łukasz
>
> On 25 May 2010 13:40, ttiurani <ti...@iki.fi> wrote:
> >
> >
> > Hi,
> >
> > thanks for the quick reply! Putting the security realm geronimo-web.xml
> > doesn't help.
> >
> > Please find attached a sample test application. Run "mvn verify" to see
> > deployment on Geronimo running on localhost. I have tested it with java
> > 1.5.0_17 and 1.6.0_18 with Geronimo versions 2.1.3, 2.1.4 and 2.1.5 and
> they
> > all work. Version 2.2 fails with both java versions.
> >
> > Is there a way to get this to work with all versions or is this a bug in
> > 2.2?
> >
> > Below is the stack trace I get:
> >
> > Deployer operation failed: Unable to resolve reference
> > "ConfigurationFactory"
> > in gbean
> >
> org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war
> > to a gbean matching the pattern
> >
> [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
> > due to: No matches for referencePatterns:
> >
> [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
> > org.apache.geronimo.common.DeploymentException: Unable to resolve
> reference
> > "ConfigurationFactory"
> > in gbean
> >
> org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war
> > to a gbean matching the pattern
> >
> [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
> > due to: No matches for referencePatterns:
> >
> [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
> > at
> >
> org.apache.geronimo.deployment.DeploymentContext.getConfigurationData(DeploymentContext.java:656)
> > at
> >
> org.apache.geronimo.tomcat.deployment.TomcatModuleBuilder.addGBeans(TomcatModuleBuilder.java:584)
> > at
> >
> org.apache.geronimo.j2ee.deployment.SwitchingModuleBuilder.addGBeans(SwitchingModuleBuilder.java:165)
> > at
> >
> org.apache.geronimo.j2ee.deployment.EARConfigBuilder.buildConfiguration(EARConfigBuilder.java:652)
> > at
> org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:257)
> > at
> org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:136)
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > at
> >
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> > at
> >
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> > at java.lang.reflect.Method.invoke(Method.java:585)
> > at
> >
> org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
> > at
> >
> org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130)
> > at
> >
> org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851)
> > at
> > org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237)
> > at
> > org.apache.geronimo.kernel.KernelGBean.invoke(KernelGBean.java:342)
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > at
> >
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> > at
> >
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> > at java.lang.reflect.Method.invoke(Method.java:585)
> > at
> >
> org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
> > at
> >
> org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130)
> > at
> >
> org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851)
> > at
> > org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237)
> > at
> >
> org.apache.geronimo.system.jmx.MBeanGBeanBridge.invoke(MBeanGBeanBridge.java:172)
> > at
> >
> com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213)
> > at
> > com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
> > at
> >
> com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
> > at
> > com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
> > at
> >
> javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1410)
> > at
> >
> javax.management.remote.rmi.RMIConnectionImpl.access$100(RMIConnectionImpl.java:81)
> > at
> >
> javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1247)
> > at java.security.AccessController.doPrivileged(Native Method)
> > at
> >
> javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1350)
> > at
> >
> javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:784)
> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> > at
> >
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> > at
> >
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> > at java.lang.reflect.Method.invoke(Method.java:585)
> > at
> > sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294)
> > at sun.rmi.transport.Transport$1.run(Transport.java:153)
> > at java.security.AccessController.doPrivileged(Native Method)
> > at sun.rmi.transport.Transport.serviceCall(Transport.java:149)
> > at
> > sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:466)
> > at
> >
> sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:707)
> > at java.lang.Thread.run(Thread.java:595)
> >
> > Best regards,
> > Timo
> >
> > http://apache-geronimo.328035.n3.nabble.com/file/n841923/g22earbug.zip
> > g22earbug.zip
> > --
> > View this message in context:
> http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p841923.html
> > Sent from the Users mailing list archive at Nabble.com.
> >
>
--
Ivan
Re: issue deploying webapp with security realm
Posted by Shawn Jiang <ge...@gmail.com>.
There are fixes for GERONIMO-5010, GERONIMO-5011 recently, could you try the
latest 22 branch code to see if the fixes resolve your problems ?
On Tue, May 25, 2010 at 8:47 PM, Łukasz Budnik <lu...@gmail.com>wrote:
> GERONIMO-5010, GERONIMO-5011
--
Shawn
Re: issue deploying webapp with security realm
Posted by Łukasz Budnik <lu...@gmail.com>.
Hi,
In general something is wrong with security in G 2.2. I have created
two JIRAs (GERONIMO-5010, GERONIMO-5011) for security related bugs
(and as in your case, both things were working in G 2.1.x).
All is left is to wait for a new 2.2.x release.
Hope we get it soon.
Łukasz
On 25 May 2010 13:40, ttiurani <ti...@iki.fi> wrote:
>
>
> Hi,
>
> thanks for the quick reply! Putting the security realm geronimo-web.xml
> doesn't help.
>
> Please find attached a sample test application. Run "mvn verify" to see
> deployment on Geronimo running on localhost. I have tested it with java
> 1.5.0_17 and 1.6.0_18 with Geronimo versions 2.1.3, 2.1.4 and 2.1.5 and they
> all work. Version 2.2 fails with both java versions.
>
> Is there a way to get this to work with all versions or is this a bug in
> 2.2?
>
> Below is the stack trace I get:
>
> Deployer operation failed: Unable to resolve reference
> "ConfigurationFactory"
> in gbean
> org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war
> to a gbean matching the pattern
> [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
> due to: No matches for referencePatterns:
> [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
> org.apache.geronimo.common.DeploymentException: Unable to resolve reference
> "ConfigurationFactory"
> in gbean
> org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war
> to a gbean matching the pattern
> [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
> due to: No matches for referencePatterns:
> [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
> at
> org.apache.geronimo.deployment.DeploymentContext.getConfigurationData(DeploymentContext.java:656)
> at
> org.apache.geronimo.tomcat.deployment.TomcatModuleBuilder.addGBeans(TomcatModuleBuilder.java:584)
> at
> org.apache.geronimo.j2ee.deployment.SwitchingModuleBuilder.addGBeans(SwitchingModuleBuilder.java:165)
> at
> org.apache.geronimo.j2ee.deployment.EARConfigBuilder.buildConfiguration(EARConfigBuilder.java:652)
> at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:257)
> at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:136)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
> at
> org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851)
> at
> org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237)
> at
> org.apache.geronimo.kernel.KernelGBean.invoke(KernelGBean.java:342)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
> at
> org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130)
> at
> org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851)
> at
> org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237)
> at
> org.apache.geronimo.system.jmx.MBeanGBeanBridge.invoke(MBeanGBeanBridge.java:172)
> at
> com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213)
> at
> com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
> at
> com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
> at
> com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
> at
> javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1410)
> at
> javax.management.remote.rmi.RMIConnectionImpl.access$100(RMIConnectionImpl.java:81)
> at
> javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1247)
> at java.security.AccessController.doPrivileged(Native Method)
> at
> javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1350)
> at
> javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:784)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294)
> at sun.rmi.transport.Transport$1.run(Transport.java:153)
> at java.security.AccessController.doPrivileged(Native Method)
> at sun.rmi.transport.Transport.serviceCall(Transport.java:149)
> at
> sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:466)
> at
> sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:707)
> at java.lang.Thread.run(Thread.java:595)
>
> Best regards,
> Timo
>
> http://apache-geronimo.328035.n3.nabble.com/file/n841923/g22earbug.zip
> g22earbug.zip
> --
> View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p841923.html
> Sent from the Users mailing list archive at Nabble.com.
>
Re: issue deploying webapp with security realm
Posted by ttiurani <ti...@iki.fi>.
Hi,
thanks for the quick reply! Putting the security realm geronimo-web.xml
doesn't help.
Please find attached a sample test application. Run "mvn verify" to see
deployment on Geronimo running on localhost. I have tested it with java
1.5.0_17 and 1.6.0_18 with Geronimo versions 2.1.3, 2.1.4 and 2.1.5 and they
all work. Version 2.2 fails with both java versions.
Is there a way to get this to work with all versions or is this a bug in
2.2?
Below is the stack trace I get:
Deployer operation failed: Unable to resolve reference
"ConfigurationFactory"
in gbean
org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war
to a gbean matching the pattern
[?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
due to: No matches for referencePatterns:
[?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
org.apache.geronimo.common.DeploymentException: Unable to resolve reference
"ConfigurationFactory"
in gbean
org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war
to a gbean matching the pattern
[?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
due to: No matches for referencePatterns:
[?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory]
at
org.apache.geronimo.deployment.DeploymentContext.getConfigurationData(DeploymentContext.java:656)
at
org.apache.geronimo.tomcat.deployment.TomcatModuleBuilder.addGBeans(TomcatModuleBuilder.java:584)
at
org.apache.geronimo.j2ee.deployment.SwitchingModuleBuilder.addGBeans(SwitchingModuleBuilder.java:165)
at
org.apache.geronimo.j2ee.deployment.EARConfigBuilder.buildConfiguration(EARConfigBuilder.java:652)
at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:257)
at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:136)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
at
org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851)
at
org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237)
at
org.apache.geronimo.kernel.KernelGBean.invoke(KernelGBean.java:342)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34)
at
org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130)
at
org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851)
at
org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237)
at
org.apache.geronimo.system.jmx.MBeanGBeanBridge.invoke(MBeanGBeanBridge.java:172)
at
com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213)
at
com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
at
com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
at
com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
at
javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1410)
at
javax.management.remote.rmi.RMIConnectionImpl.access$100(RMIConnectionImpl.java:81)
at
javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1247)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1350)
at
javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:784)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294)
at sun.rmi.transport.Transport$1.run(Transport.java:153)
at java.security.AccessController.doPrivileged(Native Method)
at sun.rmi.transport.Transport.serviceCall(Transport.java:149)
at
sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:466)
at
sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:707)
at java.lang.Thread.run(Thread.java:595)
Best regards,
Timo
http://apache-geronimo.328035.n3.nabble.com/file/n841923/g22earbug.zip
g22earbug.zip
--
View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p841923.html
Sent from the Users mailing list archive at Nabble.com.
Re: issue deploying webapp with security realm
Posted by David Jencks <da...@yahoo.com>.
This should work the way you want it to. I don't see anything wrong with your configuration, but my eyes are not an xml validator :-)
Could you see what happens if you put the security realm gbean in the geronimo-web.xml?
Also, just for reference could you paste the stack trace you are getting?
There is a configuration change you have to make if you want to use your own security realm with (remote) ejb access, but that doesn't sound like your situation.
If you can provide a sample app to demonstrate the problem that would be very helpful.
thanks
david jencks
On May 24, 2010, at 1:54 AM, ttiurani wrote:
>
> Hi,
>
> I am getting the same error with geronimo 2.2, but there does not seem to be
> any way around my problem. I am trying to deploy my application with one
> .ear-file and use a custom security realm that is created with
> geronimo-application.xml and referenced in geronimo-web.xml. This does not
> seem to be possible anymore with Geronimo 2.2.
>
> geronimo-application.xml has this:
>
> <dep:gbean name="MySecurityRealmGBean"
> class="org.apache.geronimo.security.realm.GenericSecurityRealm"
> xsi:type="dep:gbeanType"
> xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <dep:attribute name="realmName">MySecurityRealm</dep:attribute>
> <dep:reference name="ServerInfo">
> <dep:name>ServerInfo</dep:name>
> </dep:reference>
> <dep:xml-reference name="LoginModuleConfiguration">
> <log:login-config
> xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0">
> <log:login-module control-flag="REQUIRED"
> wrap-principals="false">
> <log:login-domain-name>
> MySecurityRealm
> </log:login-domain-name>
> <log:login-module-class>
> org.test.MySecurityRealmLoginModule
> </log:login-module-class>
> </log:login-module>
> </log:login-config>
> </dep:xml-reference>
> </dep:gbean>
>
> and geronimo-web.xml inside the same .ear tries to reference the realm with
> this:
>
> <security-realm-name>MySecurityRealm</security-realm-name>
>
> Now this has worked nicely with Geronimo 2.0.1 -> 2.1.3 (I'm guessing it
> works for 2.1.4 and 2.1.5 as well) but it fails with 2.2 with the same stack
> trace as in the first message. I'm guessing the problem is this that by the
> time geronimo-web.xml is evaluated during deployment, the custom security
> realm from geronimo-application.xml is not either created yet or then there
> is some kind of class loader problem.
>
> I've tried every kind of combination of geronimo-application.xml and
> geronimo-web.xml and am quite confident the problem is not a simple
> configuration typo or lack of <depencency> tags.
>
> I believe it is possible to do this in two separete deployments, where I
> would first deploy the custom security realm alone to Geronimo and then
> reference it in a separeate .ear containing a geronimo-web.xml with a
> dependency to something like this:
>
> <dependency>
> <groupId>org.test</groupId>
> <artifactId>security</artifactId>
> <version>1.0</version>
> <type>car</type>
> </dependency>
>
> The unfortunate thing is, this approach complicates my development so
> significantly, it is out of the question.
>
> Is it possible to create and reference a custom login module inside a single
> .ear with Geronimo 2.2? If not, is this possiblity removed from 2.2 on
> purpose, or is it a bug that wil be fixed in later versions?
>
> Best regards,
> Timo Tiuraniemi
>
> p.s. This seems to be possible in JBoss
> (http://community.jboss.org/thread/145856).
> --
> View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p839216.html
> Sent from the Users mailing list archive at Nabble.com.