Benjamin, you posted this thread once already. Myself and some others
already replied.
Please read the replies to your previous post.
On 7/20/06, Benjamin Brown <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I'm new to Acegi but I understand the basic concepts well enough to
> configure it with our Spring based webapp.
>
> I'm having a particular problem with JAAS and Kerberos integration - it
> appears our JBoss application server is possibly hijacking
> authentication calls by JAAS but I'm unsure why. Its looking for a
> users/passwords/role file despite being configured to use Kerberos, not
> a dao setup. Does anyone know how to prevent this?
>
> Any pointers would be greatly appreciated,
>
> Benjamin
>
> Here's the relevant part of the log:
>
> 17:28:40,625 ERROR [UsersRolesLoginModule] Failed to load
> users/passwords/role files
> java.io.IOException: Properties file users.properties not found
> at
> org.jboss.security.auth.spi.UsersRolesLoginModule.loadProperties(UsersRolesLoginModule.java:217)
> at
> org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:234)
> at
> org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:100)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:324)
> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:662)
> at
> javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
> at java.security.AccessController.doPrivileged(Native Method)
> at
> javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
> at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
> at
> org.acegisecurity.providers.jaas.JaasAuthenticationProvider.authenticate(JaasAuthenticationProvider.java:162)
>
> Here's the JAAS config:
>
> JAASTest {
> com.sun.security.auth.module.Krb5LoginModule required debug=true;
> };
>
> Here's the relevant parts of the applicationContext-acegi-security.xml
> (kerberos bean is an initializing bean to simply set the relevant
> java.security properties for kerberos on startup) :
>
> <bean id="authenticationManager"
> class="org.acegisecurity.providers.ProviderManager">
> <property name="providers">
> <list>
> <ref bean="jaasAuthenticationProvider"/>
> </list>
> </property>
> </bean>
>
> <bean id="jaasAuthenticationProvider"
> class="org.acegisecurity.providers.jaas.JaasAuthenticationProvider">
> <property
> name="loginConfig"><value>/WEB-INF/login.conf</value></property>
> <property name="loginContextName"><value>JAASTest</value></property>
> <property name="callbackHandlers">
> <list>
> <bean
> class="org.acegisecurity.providers.jaas.JaasNameCallbackHandler"/>
> <bean
> class="org.acegisecurity.providers.jaas.JaasPasswordCallbackHandler"/>
> </list>
> </property>
> <property name="authorityGranters">
> <list>
> <!-- NOTE OUR ACTUAL PACKAGE NAMES REMOVED FROM THE
> EXAMPLE -->
> <bean
> class="OURPACKAGE.security.PrincipalRoleAuthorityGranter"/>
> </list>
> </property>
> </bean>
>
> <!-- NOTE OUR ACTUAL REALM, PACAKAGE AND KDC REMOVED FROM THE
> EXAMPLE -->
> <bean id="kerberosBean" class="OURPACKAGE.security.KerberosBean">
> <property name="realm" value="OURREALM.COM"/>
> <property name="kdc" value="OURKDC"/>
> <property name="debug" value="false"/>
> </bean>
>
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys -- and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________
> Home: http://acegisecurity.org
> Acegisecurity-developer mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
