[
https://issues.apache.org/jira/browse/GERONIMO-4865?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12754093#action_12754093
]
Ashish Jain commented on GERONIMO-4865:
---------------------------------------
Just a history of what all has been done on this:
Initial trials suggested that there were some unreconganised options being
added. The following error was thrown in the very first try
javax.security.auth.login.LoginException: Bad JAAS configuration: unrecognized
option: org.apache.geronimo.security.realm.GenericSecurityRealm.SERVERINFO
at
com.ibm.security.jgss.i18n.I18NException.throwLoginException(I18NException.java:16)
at
com.ibm.security.auth.module.Krb5LoginModule.b(Krb5LoginModule.java:412)
at
com.ibm.security.auth.module.Krb5LoginModule.a(Krb5LoginModule.java:171)
at
com.ibm.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:374)
at
org.apache.geronimo.security.jaas.ClassOptionLoginModule.login(ClassOptionLoginModule.java:60)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:795)
at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:209)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:709)
at
java.security.AccessController.doPrivileged(AccessController.java:246)
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:706)
at javax.security.auth.login.LoginContext.login(LoginContext.java:603)
at
org.apache.geronimo.security.ContextManager.login(ContextManager.java:76)
at
org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:294)
at
org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:260)
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:181)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
at
org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:406)
at
org.apache.geronimo.tomcat.valve.GeronimoBeforeAfterValve.invoke(GeronimoBeforeAfterValve.java:47)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
Similarly errors were thrown for
org.apache.geronimo.security.realm.GenericSecurityRealm.KERNEL and
org.apache.geronimo.security.realm.GenericSecurityRealm.CLASSLOADER
so as to overcome this these options were removed by using a custom login module
Attaching the initial version of the Kerberos Login module with the name
KerberosLoginModule.java_initial
> Login module to enable Kerberos authentication
> -----------------------------------------------
>
> Key: GERONIMO-4865
> URL: https://issues.apache.org/jira/browse/GERONIMO-4865
> Project: Geronimo
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: security
> Reporter: Ashish Jain
> Assignee: Ashish Jain
> Fix For: 2.2
>
> Attachments: KerberosLoginModule.java
>
>
> A new login module for using the kerberos authentication mechanism in
> geronimo.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
