You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomee.apache.org by danjee <ji...@gmail.com> on 2015/09/21 13:32:07 UTC
Jaas issue with Maven Tomee plugin
Hello,
I've started a ejb application with maven and wanted to try the Tomee
container for it but I am having difficulties with the Jaas configuration.
I've override the server.xml file from tomee/conf folder so it will have my
realm like this:
server.xml
....
<Realm appName="CaponeJaas" className="org.apache.catalina.realm.JAASRealm"
roleClassNames="ro.asf.capone.server.jaas.RolePrincipal"
userClassNames="ro.asf.capone.server.jaas.UserPrincipal"/>
....
in a login.conf file i've added the mapping to the java class that located
in the ear
login.conf
....
CaponeJaas {
ro.asf.capone.server.jaas.CustomLoginModule required debug=true;
};
....
The login module is taken from
http://blog.sixthpoint.com/jaas-login-module-in-tomcat-7-example-part-1/
<http://blog.sixthpoint.com/jaas-login-module-in-tomcat-7-example-part-1/>
I've added the MAVEN_OPTS to pickup the login.conf with an absolute path:
export
MAVEN_OPTS="-Djava.security.auth.login.config=/home/daniel.jipa/workspace_agency/agency/agency-ear/src/main/tomee/conf/login.conf
-Xmx1024m -Xms1024m -XX:MaxPermSize=512m
-agentlib:jdwp=transport=dt_socket,address=5577,server=y,suspend=n"
The client side looks like this:
public static void main(String[] args) throws NamingException {
InitialContext ctx = null;
Hashtable<String, Object> env = new Hashtable<String, Object>();
env.put(Context.SECURITY_PRINCIPAL, "test");
env.put(Context.SECURITY_CREDENTIALS, "c4ca4238a0b923820dcc509a6f75849b");
env.put(Context.INITIAL_CONTEXT_FACTORY,
"org.apache.openejb.client.RemoteInitialContextFactory");
env.put(Context.PROVIDER_URL, "http://localhost:8080/tomee/ejb");
env.put("openejb.ejbd.authenticate-with-request", "true");
// env.put("openejb.authentication.realmName", "CaponeJaas");
try {
ctx = new InitialContext(env);
System.out.println(ctx);
} catch (NamingException e) {
e.printStackTrace();
}
String jndi =
"global/agency-ear/agency-ejb/AccountControllerBean!ro.asf.capone.server.ejb.account.AccountControllerRemote";
AccountControllerRemote remote = (AccountControllerRemote)
ctx.lookup(jndi);
System.out.println(">remote" + remote);
System.out.println(">>>" + remote.getPersonTypes());
But I get an error on the server side:
SEVERE: Unexpected error
javax.security.auth.login.LoginException: No LoginModules configured for
CaponeJaas
at javax.security.auth.login.LoginContext.init(LoginContext.java:264)
at javax.security.auth.login.LoginContext.<init>(LoginContext.java:512)
FINE: EJB REQUEST: EJBRequest{deploymentId='AccountControllerBean',
type=EJB_OBJECT_BUSINESS_METHOD, Body{ejb=null, orb=null,
methodInstance=public abstract java.util.List
ro.asf.capone.server.ejb.account.AccountController.getPersonTypes(),
interfaceClass=interface
ro.asf.capone.server.ejb.account.AccountControllerRemote,
methodName='getPersonTypes', methodParamTypes=[], methodParameters=[],
primaryKey=null, requestId='null', version=2}} -- RESPONSE:
UNKNOWN_RESPONSE, serverTime=17203376196136ns, containerTime3048702ns :
javax.security.auth.login.CredentialNotFoundException: test
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/Jaas-issue-with-Maven-Tomee-plugin-tp4676308.html
Sent from the TomEE Users mailing list archive at Nabble.com.
Re: Jaas issue with Maven Tomee plugin
Posted by Romain Manni-Bucau <rm...@gmail.com>.
The answer is already in this thread ;). Just configure it in
META-INF/context.xml defining a configFile on JAASRealm.
Tomcat doc explains it very well IIRC.
Le 24 sept. 2015 00:31, "mauro2java2011" <ma...@gmail.com> a
écrit :
> Ok but for set it i hsvevto write a ServletContextListener ???
> Il 24/set/2015 09:28, "Romain Manni-Bucau [via TomEE & OpenEJB]" <
> ml-node+s979440n4676328h43@n4.nabble.com> ha scritto:
>
> > you use a path accessible from your classloader using getResource.for
> > instance WEB-INF/classes/jaas.config -> use jaas.config.
> >
> >
> > Romain Manni-Bucau
> > @rmannibucau <https://twitter.com/rmannibucau> | Blog
> > <http://rmannibucau.wordpress.com> | Github <
> > https://github.com/rmannibucau> |
> > LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber
> > <http://www.tomitribe.com>
> >
> > 2015-09-24 0:12 GMT-07:00 mauro2java2011 <[hidden email]
> > <http:///user/SendEmail.jtp?type=node&node=4676328&i=0>>:
> >
> > >
> > >
> > >
> > > Mauro
> > > Romain Manni-Bucau wrote
> > > > Hi
> > > >
> > > > Your login module should be in the container so added in libs if
> setup
> > in
> > > > server.xml.
> > > >
> > > > If you want to keep it in your webapp configure the realm in
> > context.xml
> > > > rather than server.xml, use configFile configuration to point on a
> > > > classloader resourcz for the jaas.config.
> > >
> > > and how is possible configuration to point on al classloader resorucez
> > for
> > > the jaas.config???
> > >
> > >
> > >
> > >
> > > --
> > > View this message in context:
> > >
> >
> http://tomee-openejb.979440.n4.nabble.com/Jaas-issue-with-Maven-Tomee-plugin-tp4676308p4676327.html
> > > Sent from the TomEE Users mailing list archive at Nabble.com.
> > >
> >
> >
> > ------------------------------
> > If you reply to this email, your message will be added to the discussion
> > below:
> >
> >
> http://tomee-openejb.979440.n4.nabble.com/Jaas-issue-with-Maven-Tomee-plugin-tp4676308p4676328.html
> > To unsubscribe from Jaas issue with Maven Tomee plugin, click here
> > <
> http://tomee-openejb.979440.n4.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4676308&code=bWF1cm8yamF2YTIwMTFAZ21haWwuY29tfDQ2NzYzMDh8LTExMTcxODc2MjU=
> >
> > .
> > NAML
> > <
> http://tomee-openejb.979440.n4.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml
> >
> >
>
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/Jaas-issue-with-Maven-Tomee-plugin-tp4676308p4676329.html
> Sent from the TomEE Users mailing list archive at Nabble.com.
Re: Jaas issue with Maven Tomee plugin
Posted by mauro2java2011 <ma...@gmail.com>.
Ok but for set it i hsvevto write a ServletContextListener ???
Il 24/set/2015 09:28, "Romain Manni-Bucau [via TomEE & OpenEJB]" <
ml-node+s979440n4676328h43@n4.nabble.com> ha scritto:
> you use a path accessible from your classloader using getResource.for
> instance WEB-INF/classes/jaas.config -> use jaas.config.
>
>
> Romain Manni-Bucau
> @rmannibucau <https://twitter.com/rmannibucau> | Blog
> <http://rmannibucau.wordpress.com> | Github <
> https://github.com/rmannibucau> |
> LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber
> <http://www.tomitribe.com>
>
> 2015-09-24 0:12 GMT-07:00 mauro2java2011 <[hidden email]
> <http:///user/SendEmail.jtp?type=node&node=4676328&i=0>>:
>
> >
> >
> >
> > Mauro
> > Romain Manni-Bucau wrote
> > > Hi
> > >
> > > Your login module should be in the container so added in libs if setup
> in
> > > server.xml.
> > >
> > > If you want to keep it in your webapp configure the realm in
> context.xml
> > > rather than server.xml, use configFile configuration to point on a
> > > classloader resourcz for the jaas.config.
> >
> > and how is possible configuration to point on al classloader resorucez
> for
> > the jaas.config???
> >
> >
> >
> >
> > --
> > View this message in context:
> >
> http://tomee-openejb.979440.n4.nabble.com/Jaas-issue-with-Maven-Tomee-plugin-tp4676308p4676327.html
> > Sent from the TomEE Users mailing list archive at Nabble.com.
> >
>
>
> ------------------------------
> If you reply to this email, your message will be added to the discussion
> below:
>
> http://tomee-openejb.979440.n4.nabble.com/Jaas-issue-with-Maven-Tomee-plugin-tp4676308p4676328.html
> To unsubscribe from Jaas issue with Maven Tomee plugin, click here
> <http://tomee-openejb.979440.n4.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4676308&code=bWF1cm8yamF2YTIwMTFAZ21haWwuY29tfDQ2NzYzMDh8LTExMTcxODc2MjU=>
> .
> NAML
> <http://tomee-openejb.979440.n4.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/Jaas-issue-with-Maven-Tomee-plugin-tp4676308p4676329.html
Sent from the TomEE Users mailing list archive at Nabble.com.
Re: Jaas issue with Maven Tomee plugin
Posted by Romain Manni-Bucau <rm...@gmail.com>.
you use a path accessible from your classloader using getResource.for
instance WEB-INF/classes/jaas.config -> use jaas.config.
Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> | Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber
<http://www.tomitribe.com>
2015-09-24 0:12 GMT-07:00 mauro2java2011 <ma...@gmail.com>:
>
>
>
> Mauro
> Romain Manni-Bucau wrote
> > Hi
> >
> > Your login module should be in the container so added in libs if setup in
> > server.xml.
> >
> > If you want to keep it in your webapp configure the realm in context.xml
> > rather than server.xml, use configFile configuration to point on a
> > classloader resourcz for the jaas.config.
>
> and how is possible configuration to point on al classloader resorucez for
> the jaas.config???
>
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/Jaas-issue-with-Maven-Tomee-plugin-tp4676308p4676327.html
> Sent from the TomEE Users mailing list archive at Nabble.com.
>
Re: Jaas issue with Maven Tomee plugin
Posted by mauro2java2011 <ma...@gmail.com>.
Mauro
Romain Manni-Bucau wrote
> Hi
>
> Your login module should be in the container so added in libs if setup in
> server.xml.
>
> If you want to keep it in your webapp configure the realm in context.xml
> rather than server.xml, use configFile configuration to point on a
> classloader resourcz for the jaas.config.
and how is possible configuration to point on al classloader resorucez for
the jaas.config???
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/Jaas-issue-with-Maven-Tomee-plugin-tp4676308p4676327.html
Sent from the TomEE Users mailing list archive at Nabble.com.
Re: Jaas issue with Maven Tomee plugin
Posted by Romain Manni-Bucau <rm...@gmail.com>.
Hi
Your login module should be in the container so added in libs if setup in
server.xml.
If you want to keep it in your webapp configure the realm in context.xml
rather than server.xml, use configFile configuration to point on a
classloader resourcz for the jaas.config.
Le 21 sept. 2015 05:22, "danjee" <ji...@gmail.com> a écrit :
> Hello,
> I've started a ejb application with maven and wanted to try the Tomee
> container for it but I am having difficulties with the Jaas configuration.
>
> I've override the server.xml file from tomee/conf folder so it will have my
> realm like this:
>
> server.xml
> ....
> <Realm appName="CaponeJaas" className="org.apache.catalina.realm.JAASRealm"
> roleClassNames="ro.asf.capone.server.jaas.RolePrincipal"
> userClassNames="ro.asf.capone.server.jaas.UserPrincipal"/>
> ....
> in a login.conf file i've added the mapping to the java class that located
> in the ear
>
> login.conf
> ....
> CaponeJaas {
> ro.asf.capone.server.jaas.CustomLoginModule required debug=true;
> };
> ....
>
> The login module is taken from
>
> http://blog.sixthpoint.com/jaas-login-module-in-tomcat-7-example-part-1/
> <http://blog.sixthpoint.com/jaas-login-module-in-tomcat-7-example-part-1/>
>
> I've added the MAVEN_OPTS to pickup the login.conf with an absolute path:
>
> export
>
> MAVEN_OPTS="-Djava.security.auth.login.config=/home/daniel.jipa/workspace_agency/agency/agency-ear/src/main/tomee/conf/login.conf
> -Xmx1024m -Xms1024m -XX:MaxPermSize=512m
> -agentlib:jdwp=transport=dt_socket,address=5577,server=y,suspend=n"
>
> The client side looks like this:
>
> public static void main(String[] args) throws NamingException {
> InitialContext ctx = null;
> Hashtable<String, Object> env = new Hashtable<String,
> Object>();
> env.put(Context.SECURITY_PRINCIPAL, "test");
> env.put(Context.SECURITY_CREDENTIALS,
> "c4ca4238a0b923820dcc509a6f75849b");
> env.put(Context.INITIAL_CONTEXT_FACTORY,
> "org.apache.openejb.client.RemoteInitialContextFactory");
> env.put(Context.PROVIDER_URL, "
> http://localhost:8080/tomee/ejb");
> env.put("openejb.ejbd.authenticate-with-request", "true");
> // env.put("openejb.authentication.realmName", "CaponeJaas");
> try {
> ctx = new InitialContext(env);
> System.out.println(ctx);
> } catch (NamingException e) {
> e.printStackTrace();
> }
>
> String jndi =
>
> "global/agency-ear/agency-ejb/AccountControllerBean!ro.asf.capone.server.ejb.account.AccountControllerRemote";
> AccountControllerRemote remote = (AccountControllerRemote)
> ctx.lookup(jndi);
> System.out.println(">remote" + remote);
> System.out.println(">>>" + remote.getPersonTypes());
>
>
> But I get an error on the server side:
>
>
> SEVERE: Unexpected error
> javax.security.auth.login.LoginException: No LoginModules configured for
> CaponeJaas
> at
> javax.security.auth.login.LoginContext.init(LoginContext.java:264)
> at
> javax.security.auth.login.LoginContext.<init>(LoginContext.java:512)
>
> FINE: EJB REQUEST: EJBRequest{deploymentId='AccountControllerBean',
> type=EJB_OBJECT_BUSINESS_METHOD, Body{ejb=null, orb=null,
> methodInstance=public abstract java.util.List
> ro.asf.capone.server.ejb.account.AccountController.getPersonTypes(),
> interfaceClass=interface
> ro.asf.capone.server.ejb.account.AccountControllerRemote,
> methodName='getPersonTypes', methodParamTypes=[], methodParameters=[],
> primaryKey=null, requestId='null', version=2}} -- RESPONSE:
> UNKNOWN_RESPONSE, serverTime=17203376196136ns, containerTime3048702ns :
> javax.security.auth.login.CredentialNotFoundException: test
>
>
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/Jaas-issue-with-Maven-Tomee-plugin-tp4676308.html
> Sent from the TomEE Users mailing list archive at Nabble.com.
>
Re: Jaas issue with Maven Tomee plugin
Posted by danjee <ji...@gmail.com>.
I found a solution for this by modifying the pom.xml fille. It looked like
the configuration was not read from login.conf
the modification is to add the
<systemVariables>
<java.security.auth.login.config>${project.build.directory}/apache-tomee/conf/login.conf</java.security.auth.login.config>
</systemVariables>
like on
https://rmannibucau.wordpress.com/2012/10/18/create-a-tomee-accessible-through-ssh-with-tomee-maven-plugin/
<https://rmannibucau.wordpress.com/2012/10/18/create-a-tomee-accessible-through-ssh-with-tomee-maven-plugin/>
--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/Jaas-issue-with-Maven-Tomee-plugin-tp4676308p4676309.html
Sent from the TomEE Users mailing list archive at Nabble.com.