I've been seeing the same thing trying to run tck tests.
Joe Jarek Gawor wrote:
David, I'm not sure if anybody else is seeing this but I'm unable to reliably start a server after this change. Here's the error I get (from time to time when I try to start the server): 2008-12-04 22:26:45,686 ERROR [GBeanInstanceState] Error while starting; GBean is now in the FAILED state: abstractName="org.apache.geronimo.plugins.monitoring/agent/2.2-SNAPSHOT/car?EJBModule =org.apache.geronimo.plugins.monitoring/agent/2.2-SNAPSHOT/car,J2EEApplication=null,j2eeType=JACCManager,name=JACCManager" javax.security.auth.login.LoginException: No LoginModules configured for monitoring-runas-realm at javax.security.auth.login.LoginContext.init(LoginContext.java:256) at javax.security.auth.login.LoginContext.<init>(LoginContext.java:499) at org.apache.geronimo.security.ContextManager.login(ContextManager.java:83) at org.apache.geronimo.security.credentialstore.SimpleCredentialStoreImpl.getSubject(SimpleCredentialStoreImpl.java:100) at org.apache.geronimo.security.jacc.ApplicationPolicyConfigurationManager.<init>(ApplicationPolicyConfigurationManager.java:111) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:494) at org.apache.xbean.recipe.ReflectionUtil$ConstructorFactory.create(ReflectionUtil.java:882) at org.apache.xbean.recipe.ObjectRecipe.internalCreate(ObjectRecipe.java:272) at org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:96) at org.apache.xbean.recipe.AbstractRecipe.create(AbstractRecipe.java:61) Jarek On Thu, Dec 4, 2008 at 3:35 AM, <[EMAIL PROTECTED]> wrote:Author: djencks Date: Thu Dec 4 00:35:20 2008 New Revision: 723242 URL: http://svn.apache.org/viewvc?rev=723242&view=rev Log: GERONIMO-4415 Use new SimpleCredentialStore isolation features Modified: geronimo/server/trunk/plugins/monitoring/agent/src/main/plan/plan.xml Modified: geronimo/server/trunk/plugins/monitoring/agent/src/main/plan/plan.xml URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/monitoring/agent/src/main/plan/plan.xml?rev=723242&r1=723241&r2=723242&view=diff ============================================================================== --- geronimo/server/trunk/plugins/monitoring/agent/src/main/plan/plan.xml (original) +++ geronimo/server/trunk/plugins/monitoring/agent/src/main/plan/plan.xml Thu Dec 4 00:35:20 2008 @@ -22,6 +22,7 @@ xmlns="http://www.openejb.org/xml/ns/openejb-jar-2.1"; xmlns:sec="http://geronimo.apache.org/xml/ns/security-2.0"; xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.2"; + xmlns:nam="http://geronimo.apache.org/xml/ns/naming-1.2"; xmlns:cs="http://geronimo.apache.org/xml/ns/credentialstore-1.0";> @@ -37,7 +38,7 @@ <sys:name>monitoring-credential-store</sys:name> </sec:credential-store-ref> <sec:default-subject> - <sec:realm>geronimo-admin</sec:realm> + <sec:realm>monitoring-runas-realm</sec:realm> <sec:id>monitoring-user</sec:id> </sec:default-subject> <sec:role-mappings> @@ -58,20 +59,43 @@ <sys:gbean name="monitoring-credential-store" class="org.apache.geronimo.security.credentialstore.SimpleCredentialStoreImpl"> <sys:xml-attribute name="credentialStore"> <cs:credential-store> - <cs:realm name="geronimo-admin"> + <cs:realm name="monitoring-runas-realm"> <cs:subject> <cs:id>monitoring-user</cs:id> <cs:credential> <cs:type>org.apache.geronimo.security.credentialstore.NameCallbackHandler</cs:type> - <cs:value>system</cs:value> - </cs:credential> - <cs:credential> - <cs:type>org.apache.geronimo.security.credentialstore.PasswordCallbackHandler</cs:type> - <cs:value>manager</cs:value> + <cs:value>admin</cs:value> </cs:credential> </cs:subject> </cs:realm> </cs:credential-store> </sys:xml-attribute> + <sys:reference name="Realms"> + <sys:name>monitoring-runas-realm</sys:name> + </sys:reference> + <sys:dependency> + <nam:name>monitoring-runas-realm</nam:name> + </sys:dependency> </sys:gbean> + + <gbean name="monitoring-runas-realm" + class="org.apache.geronimo.security.realm.GenericSecurityRealm"> + <attribute name="realmName">monitoring-runas-realm</attribute> + <attribute name="publish">false</attribute> + <xml-reference name="LoginModuleConfiguration"> + <lc:login-config xmlns:lc="http://geronimo.apache.org/xml/ns/loginconfig-1.2";> + <lc:login-module control-flag="REQUIRED"> + <lc:login-domain-name>monitoring-runas-domain</lc:login-domain-name> + <lc:login-module-class>org.apache.geronimo.security.credentialstore.RunAsLoginModule</lc:login-module-class> + <lc:option name="principalClass">org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal</lc:option> + <lc:option name="principalNames">admin</lc:option> + </lc:login-module> + </lc:login-config> + </xml-reference> + <!--<reference name="ServerInfo">--> + <!--<name>ServerInfo</name>--> + <!--</reference>--> + </gbean> + + </openejb-jar>
