Message:
The following issue has been closed.
Resolver: Scott T Weaver
Date: Sun, 23 May 2004 9:23 PM
Patch applied to HEAD. We can create a new issue for the Tomcat 5 issues later on.
Regards,
Scott
---------------------------------------------------------------------
View the issue:
http://issues.apache.org/jira/browse/JS2-52
Here is an overview of the issue:
---------------------------------------------------------------------
Key: JS2-52
Summary: JAAS Authentication
Type: New Feature
Status: Closed
Priority: Major
Resolution: FIXED
Project: Jetspeed 2
Components:
Security
Fix Fors:
2.0-a1
Versions:
2.0-a1
Assignee:
Reporter: Ate Douma
Created: Sun, 23 May 2004 6:57 PM
Updated: Sun, 23 May 2004 9:23 PM
Environment: WindowsXP, J2SE 1.4.2_03, Hsqldb, Oracle 9.2.0.1, Tomcat 4.1.29, Tomcat
5.0.24
Description:
I've succeeded in enabling the JAAS Authentication for J2 with the RdbmsLoginModule on
Tomcat 4 (4.1.29 tested).
I will attach the patch file for this.
I only needed to fix one thing in the SecurityProviderImpl, define the JAASRealm in
Jetspeed.xml and correct the realm reference in Jetspeed web.xml, and it worked!
I added a few user principals and their credentials to the default userinfo seeding
sql script (both default and oracle scripts):
admin/admin
manager/manager
user/user
tomcat/tomcat
jetspeed/jetspeed
I also added three role principals: admin, manager, user.
To the first three users I attached these roles:
admin: admin, manager, user
manager: manager, user
user: user
These user/role definitions are the same as I described for testing the
RoleSecurityTest portlet (see the help page of that portlet).
On Tomcat 4, we can now login using the RdbmsLoginModule and properly use the security
object model.
So far the good news.
Now the bad and the ugly: it doesn't work on Tomcat 5!
It turns out Tomcat 5 uses its own classloader to load JAAS login modules and thus
fails to find the RdbmsLoginModule.
That's really bad because the security component jar cannot simply be put into the
Tomcat common/lib or server/lib folder because it depends on other J2 classes also.
So we need another solution for Tomcat 5.
For the time being I prefer getting it working on Tomcat 4 and then finding a solution
which works on both 4 and 5.
One note for MySql users: I've modified both the default and the oracle version of
populate-userinfo-for-default-psml.sql. I have the feeling the default won't work with
MySql. Someone running MySql might have to look into this.
Regards,
Ate