[ http://issues.apache.org/jira/browse/GERONIMO-1782?page=all ]
Paul McMahan updated GERONIMO-1782: ----------------------------------- Attachment: GERONIMO-1782.patch The problem is that when the updated LoginModuleSettings options are serialized to config.xml the o.a.g.common.propertyeditor.PropertiesEditor inherits its getAsText() method from PropertyEditorSupport, which simply returns the String value of the Properties object. That inherited method does not provide a string version of the properties object that is suitable for loading into a new Properties object when the server restarts. The attached patch overrides the getAsText() method, using Properites#store to create the text value of the Properties object. > Properties File Login module fails after editing through Admin Console > ---------------------------------------------------------------------- > > Key: GERONIMO-1782 > URL: http://issues.apache.org/jira/browse/GERONIMO-1782 > Project: Geronimo > Type: Bug > Security: public(Regular issues) > Components: common > Versions: 1.0, 1.2, 1.1 > Environment: Win XP, Sun JDK 1.4.2_08 > Reporter: Vamsavardhana Reddy > Fix For: 1.1 > Attachments: GERONIMO-1782.patch > > Geronimo-properties-realm fails to initialize after editing the realm thru > Admin Console. > Steps to reproduce the problem. > 1. Open the "Security Realms" portlet in Admin Console. > 2. Click on "edit" link provided next to "geronimo-properties-realm. > 3. Click on "Save" button in the next page. PS: No need to edit anything in > this page. > 4. Restart the server. > 5. Access Admin Console to notice that the realm nolonger works. > NOTE: To make the realm work again, stop the server and remove the following > xml fragment from var/config/config.xml > <gbean > name="geronimo.server:J2EEApplication=null,J2EEModule=geronimo/j2ee-security/1.0/car,J2EEServer=geronimo,j2eeType=LoginModule,name=properties-login"> > <attribute name="options">{usersURI=var/security/users.properties, > groupsURI=var/security/groups.properties}</attribute> > <attribute name="serverSide">True</attribute> > <attribute name="wrapPrincipals">False</attribute> > <attribute > name="loginModuleClass">org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule</attribute> > </gbean> > At step 5, the following exception is logged to geronimo.log. > 13:53:41,950 ERROR [PropertiesFileLoginModule] Initialization failed > java.lang.IllegalArgumentException: Both usersURI and groupsURI must be > provided! > at > org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule.initialize(PropertiesFileLoginModule.java:77) > at > org.apache.geronimo.security.jaas.server.JaasLoginService.getServerLoginCallbacks(JaasLoginService.java:205) > at > org.apache.geronimo.security.jaas.server.JaasLoginService$$FastClassByCGLIB$$95b84fc9.invoke(<generated>) > at net.sf.cglib.reflect.FastMethod.invoke(FastMethod.java:53) > at > org.apache.geronimo.gbean.runtime.FastMethodInvoker.invoke(FastMethodInvoker.java:38) > at > org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:118) > at > org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:800) > at > org.apache.geronimo.gbean.runtime.RawInvoker.invoke(RawInvoker.java:57) > at > org.apache.geronimo.kernel.basic.RawOperationInvoker.invoke(RawOperationInvoker.java:36) > at > org.apache.geronimo.kernel.basic.ProxyMethodInterceptor.intercept(ProxyMethodInterceptor.java:96) > at > org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean$$EnhancerByCGLIB$$7dca63e6.getServerLoginCallbacks(<generated>) > at > org.apache.geronimo.security.jaas.client.ServerLoginProxy.login(ServerLoginProxy.java:68) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.performLogin(JaasLoginCoordinator.java:189) > at > org.apache.geronimo.security.jaas.client.JaasLoginCoordinator.login(JaasLoginCoordinator.java:113) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) > at java.lang.reflect.Method.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.invoke(Unknown Source) > at javax.security.auth.login.LoginContext.access$000(Unknown Source) > at javax.security.auth.login.LoginContext$4.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) > at javax.security.auth.login.LoginContext.login(Unknown Source) > at > org.apache.geronimo.jetty.JAASJettyRealm.authenticate(JAASJettyRealm.java:94) > at > org.mortbay.jetty.servlet.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:305) > at > org.mortbay.jetty.servlet.FormAuthenticator.authenticate(FormAuthenticator.java:148) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.obtainUser(SecurityContextBeforeAfter.java:282) > at > org.apache.geronimo.jetty.interceptor.SecurityContextBeforeAfter.checkSecurityConstraints(SecurityContextBeforeAfter.java:191) > at > org.apache.geronimo.jetty.JettyWebAppContext.checkSecurityConstraints(JettyWebAppContext.java:585) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:432) > at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1530) > at > org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1482) > at org.mortbay.http.HttpServer.service(HttpServer.java:909) > at org.mortbay.http.HttpConnection.service(HttpConnection.java:816) > at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:982) > at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833) > at > org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244) > at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357) > at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira