Re: Problem in using a security realm added through geronimo console

Tue, 29 Nov 2005 08:49:41 -0800 

It looks to me as if the portlet is broken, and needs to add
<reference name="LoginService"><module>org/apache/geronimo/Security</ module><name>JaasLoginService</name></reference>
to the plan it generates. Unfortunately I'm not sure how the portlet works.... perhaps filing a jira issue would be a good idea. 

thanks
david jencks

On Nov 29, 2005, at 5:12 AM, Vamsavardhana Reddy wrote:
The new realm is added through "Security realms" portlet and it shows the following plan on clicking the "show plan" button.
<configuration configId="SecurityRealmonemore-security-realm" parentId="org/apache/geronimo/Server" xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0";>     <gbean name="onemore-security-realm" class="org.apache.geronimo.security.realm.GenericSecurityRealm"> 
         <attribute name="realmName">onemore-security-realm</attribute>
         <reference name="ServerInfo">
            <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=org/ apache/geronimo/ System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name> 
         </reference>
         <xml-reference name="LoginModuleConfiguration">
            <log:login-config xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.0";>                 <log:login-module control-flag="REQUIRED" server-side="true">                     <log:login-domain-name>onemore-security-realm</log:login-domain-name>                     <log:login-module- class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginM odule</log:login-module-class>                     <log:option name="usersURI">var/security/vamsi-users.properties</log:option>                     <log:option name="groupsURI">var/security/vamsi-groups.properties</log:option> 
                 </log:login-module>
             </log:login-config>
         </xml-reference>
     </gbean>
 </configuration>

On 11/29/05, Krishnakumar B <[EMAIL PROTECTED]> wrote:


Check the deployment plan if the references are correct.

Sample plan file.

    <gbean name="test-realm"
class="org.apache.geronimo.security.realm.GenericSecurityRealm">
    <attribute name="realmName">test-realm</attribute>
    <reference name="LoginModuleConfiguration">
        <name>test-login</name>
    </reference>
     <reference name="ServerInfo">
          <module>org/apache/geronimo/System</module>
          <name>ServerInfo</name>
    </reference>
    <reference name="LoginService"><module>org/apache/geronimo/Security</ module><name>JaasLoginService</name></reference> 
    </gbean>

    <gbean name="test-login"
class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
    <attribute name="controlFlag">REQUIRED</attribute>
    <reference name="LoginModule">
        <name>test-login</name>
    </reference>
    </gbean>
</configuration>

Regards
Krish

On 11/29/05, Vamsavardhana Reddy < [EMAIL PROTECTED]> wrote:
> Here is the description of problem I am facing.
>
> I have created a simple web application that uses a FORM authentication > method.  In the deployment plan, I have configured the application to use 
> "geronimo-properties-realm".  The application works fine.
>
> At this point a added a new realm with name "onemore-properties-realm" > through the "Security Realms" portlet.  I have modified the deployment plan > to use this newly added security realm and redeployed the application.  The > security part of this application does not work anymore.  I am getting the 
> following exception on login attempt.
>
>
> 17:41:53,036 INFO  [JAASJettyRealm] problem
> javax.security.auth.login.LoginException:
> java.lang.NullPointerException: target is null
>     at
> org.apache.geronimo.kernel.basic.BasicProxyManager.createProxy (BasicProxyManager.java:104) 
>     at
> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.connect( JaasLoginCoordinator.java:173) 
>     at
> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.initiali ze (JaasLoginCoordinator.java:85) 
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
> Method)
>     at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
> Source)
>     at
> sun.reflect.DelegatingMethodAccessorImpl.invoke (Unknown
> Source)
>     at java.lang.reflect.Method.invoke(Unknown Source)
>     at
> javax.security.auth.login.LoginContext.invoke(Unknown
> Source)
>     at
> javax.security.auth.login.LoginContext.access$000 (Unknown
> Source)
>     at javax.security.auth.login.LoginContext$4.run(Unknown
> Source)
>     at java.security.AccessController.doPrivileged(Native
> Method)
>     at
> javax.security.auth.login.LoginContext.invokeModule (Unknown
> Source)
>     at javax.security.auth.login.LoginContext.login(Unknown
> Source)
>     at
> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.j ava:92) 
>     at
> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat e(FormAuthenticator.java:305) 
>     at
> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentic ator.java:148) 
>     at
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai nUser(SecurityContextBeforeAfter.java:282) 
>     at
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check SecurityConstraints (SecurityContextBeforeAfter.java:191) 
>     at
> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints( JettyWebAppContext.java:520) 
>     at
> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch (WebApplicationHandler.java:432) 
>     at
> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java: 568) 
>     at
> org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
>     at
> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationC ontext.java:633) 
>     at
> org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
>     at
> org.mortbay.http.HttpServer.service (HttpServer.java:954)
>     at
> org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
>     at
> org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
>     at
> org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
>     at
> org.mortbay.http.SocketListener.handleConnection(SocketListener.java: 244) 
>     at
> org.mortbay.util.ThreadedServer.handle (ThreadedServer.java:357)
>     at
> org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
>
>     at
> javax.security.auth.login.LoginContext.invoke(Unknown
> Source)
>     at
> javax.security.auth.login.LoginContext.access$000(Unknown
> Source)
>     at javax.security.auth.login.LoginContext$4.run(Unknown
> Source)
>     at java.security.AccessController.doPrivileged (Native
> Method)
>     at
> javax.security.auth.login.LoginContext.invokeModule(Unknown
> Source)
>     at javax.security.auth.login.LoginContext.login(Unknown
> Source)
>     at
> org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.j ava:92) 
>     at
> org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticat e(FormAuthenticator.java:305) 
>     at
> org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthentic ator.java:148) 
>     at
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtai nUser(SecurityContextBeforeAfter.java :282) 
>     at
> org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.check SecurityConstraints(SecurityContextBeforeAfter.java:191) 
>     at
> org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints (JettyWebAppContext.java:520) 
>     at
> org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicatio nHandler.java:432) 
>     at
> org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java :568) 
>     at
> org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
>     at
> org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationC ontext.java:633) 
>     at
> org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
>     at
> org.mortbay.http.HttpServer.service(HttpServer.java:954)
>     at
> org.mortbay.http.HttpConnection.service(HttpConnection.java :816)
>     at
> org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
>     at
> org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
>     at
> org.mortbay.http.SocketListener.handleConnection (SocketListener.java:244) 
>     at
> org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
>     at
> org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
>
>

Reply via email to