Re: svn commit: r723242 - /geronimo/server/trunk/plugins/monitoring/agent/src/main/plan/plan.xml

Thu, 04 Dec 2008 22:10:47 -0800 

I was seeing something very similar the other day too.

--jason


On Dec 5, 2008, at 11:49 AM, Jarek Gawor wrote:


David,

I'm not sure if anybody else is seeing this but I'm unable to reliably
start a server after this change. Here's the error I get (from time to
time when I try to start the server):

2008-12-04 22:26:45,686 ERROR [GBeanInstanceState] Error while
starting; GBean is now in the FAILED state:
abstractName="org.apache.geronimo.plugins.monitoring/agent/2.2- SNAPSHOT/car?EJBModule =org.apache.geronimo.plugins.monitoring/agent/2.2-SNAPSHOT/ car,J2EEApplication=null,j2eeType=JACCManager,name=JACCManager" 
javax.security.auth.login.LoginException: No LoginModules configured
for monitoring-runas-realm
at javax.security.auth.login.LoginContext.init(LoginContext.java:256) at javax.security.auth.login.LoginContext.<init>(LoginContext.java:499) at org .apache.geronimo.security.ContextManager.login(ContextManager.java:83) at org .apache .geronimo .security .credentialstore .SimpleCredentialStoreImpl.getSubject(SimpleCredentialStoreImpl.java: 100) at org .apache .geronimo .security .jacc .ApplicationPolicyConfigurationManager .<init>(ApplicationPolicyConfigurationManager.java:111) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun .reflect .NativeConstructorAccessorImpl .newInstance(NativeConstructorAccessorImpl.java:39) at sun .reflect .DelegatingConstructorAccessorImpl .newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java: 494) at org.apache.xbean.recipe.ReflectionUtil $ConstructorFactory.create(ReflectionUtil.java:882) at org .apache.xbean.recipe.ObjectRecipe.internalCreate(ObjectRecipe.java: 272) at org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:96) at org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:61) 

Jarek

On Thu, Dec 4, 2008 at 3:35 AM,  <[EMAIL PROTECTED]> wrote:

Author: djencks
Date: Thu Dec  4 00:35:20 2008
New Revision: 723242

URL: http://svn.apache.org/viewvc?rev=723242&view=rev
Log:
GERONIMO-4415 Use new SimpleCredentialStore isolation features

Modified:
geronimo/server/trunk/plugins/monitoring/agent/src/main/plan/ plan.xml
Modified: geronimo/server/trunk/plugins/monitoring/agent/src/main/ plan/plan.xml 
URL: 
http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/monitoring/agent/src/main/plan/plan.xml?rev=723242&r1=723241&r2=723242&view=diff
= = = = = = = = = ===================================================================== --- geronimo/server/trunk/plugins/monitoring/agent/src/main/plan/ plan.xml (original) +++ geronimo/server/trunk/plugins/monitoring/agent/src/main/plan/ plan.xml Thu Dec 4 00:35:20 2008 
@@ -22,6 +22,7 @@
       xmlns="http://www.openejb.org/xml/ns/openejb-jar-2.1";
       xmlns:sec="http://geronimo.apache.org/xml/ns/security-2.0";
       xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.2";
+        xmlns:nam="http://geronimo.apache.org/xml/ns/naming-1.2";
xmlns:cs="http://geronimo.apache.org/xml/ns/credentialstore-1.0 "> 


@@ -37,7 +38,7 @@
           <sys:name>monitoring-credential-store</sys:name>
       </sec:credential-store-ref>
       <sec:default-subject>
-            <sec:realm>geronimo-admin</sec:realm>
+            <sec:realm>monitoring-runas-realm</sec:realm>
           <sec:id>monitoring-user</sec:id>
       </sec:default-subject>
       <sec:role-mappings>
@@ -58,20 +59,43 @@
<sys:gbean name="monitoring-credential-store" class = "org .apache.geronimo.security.credentialstore.SimpleCredentialStoreImpl"> 
       <sys:xml-attribute name="credentialStore">
           <cs:credential-store>
-                <cs:realm name="geronimo-admin">
+                <cs:realm name="monitoring-runas-realm">
                   <cs:subject>
                       <cs:id>monitoring-user</cs:id>
                       <cs:credential>
< cs:type >org.apache.geronimo.security.credentialstore.NameCallbackHandler</ cs:type> 
-                            <cs:value>system</cs:value>
-                        </cs:credential>
-                        <cs:credential>
- < cs:type > org .apache.geronimo.security.credentialstore.PasswordCallbackHandler</ cs:type> 
-                            <cs:value>manager</cs:value>
+                            <cs:value>admin</cs:value>
                       </cs:credential>
                   </cs:subject>
               </cs:realm>
           </cs:credential-store>
       </sys:xml-attribute>
+        <sys:reference name="Realms">
+            <sys:name>monitoring-runas-realm</sys:name>
+        </sys:reference>
+        <sys:dependency>
+            <nam:name>monitoring-runas-realm</nam:name>
+        </sys:dependency>
   </sys:gbean>
+
+    <gbean name="monitoring-runas-realm"
+ class="org.apache.geronimo.security.realm.GenericSecurityRealm"> + <attribute name="realmName">monitoring-runas-realm</ attribute> 
+        <attribute name="publish">false</attribute>
+        <xml-reference name="LoginModuleConfiguration">
+ <lc:login-config xmlns:lc="http://geronimo.apache.org/xml/ns/loginconfig-1.2 "> 
+                <lc:login-module control-flag="REQUIRED">
+ <lc:login-domain-name>monitoring-runas-domain</ lc:login-domain-name> + <lc:login-module- class >org.apache.geronimo.security.credentialstore.RunAsLoginModule</ lc:login-module-class> + <lc:option name = "principalClass "> org .apache.geronimo.security.realm.providers.GeronimoGroupPrincipal</ lc:option> + <lc:option name="principalNames">admin</ lc:option> 
+                </lc:login-module>
+            </lc:login-config>
+        </xml-reference>
+        <!--<reference name="ServerInfo">-->
+            <!--<name>ServerInfo</name>-->
+        <!--</reference>-->
+    </gbean>
+
+
</openejb-jar>

Reply via email to