DO NOT REPLY [Bug 30869] - JAAS module name is not allowed in jaas.conf file
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=30869. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=30869 JAAS module name is not allowed in jaas.conf file [EMAIL PROTECTED] changed: What|Removed |Added Status|NEW |RESOLVED Resolution||FIXED --- Additional Comments From [EMAIL PROTECTED] 2004-09-20 16:15 --- OK, done for both 5.0.29 and 5.5.3. My initial implementation is simply to remove leading slash if one is present. I made the relevant method protected so extenders of JAASRealm can easily modify this behavior. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 30869] - JAAS module name is not allowed in jaas.conf file
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
http://issues.apache.org/bugzilla/show_bug.cgi?id=30869.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=30869
JAAS module name is not allowed in jaas.conf file
--- Additional Comments From [EMAIL PROTECTED] 2004-08-31 09:00 ---
I'm not sure I can find the code for the barf, because I don't have the Sun
source code :-)
I think the problem is in com.sun.security.auth.login.ConfigFile which is the
class reading the jaas.config file (actually, the name isn't relevant -- it's
the file pointed to by the URL in -Djava.security.auth.login.config or by
default in ${user.home}/.java.login.config)
The JavaDoc isn't up to much: ConfigFile is
http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html
which says it parses the file with the syntax described in:
http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/login/Configuration.html
and all it says in there is
Each entry in the Configuration is indexed via an application name.
ApplicationName {
ModuleClass FlagModuleOptions;
ModuleClass FlagModuleOptions;
ModuleClass FlagModuleOptions;
};
So Tomcat is setting the name OK programmatically, but the ConfigFile parser
only seems to allow [a-zA-Z]+ as the ApplicationName, so fails at the initial /
Thus, if you try and use a config file:
/MyAppRoot {
com.example.LoginModule required;
};
then the ConfigFile parser doesn't successfully read it.
It seems that the ConfigFile uses lazy loading, so it doesn't parse the first
login request when using JAAS.
Sorry, can't paste in .diff format; I don't have the Tomcat source code on a
machine with a '.diff' command -- I just eyeballed the problem to find out why
the name was being set with a leading '/'.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 30869] - JAAS module name is not allowed in jaas.conf file
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=30869. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=30869 JAAS module name is not allowed in jaas.conf file --- Additional Comments From [EMAIL PROTECTED] 2004-08-31 00:10 --- Can you point to the class or code in Sun Security that barfs at the leading slash please? Also if you could attach your suggested patch in .diff format, that'd be great. Thanks ;) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
DO NOT REPLY [Bug 30869] - JAAS module name is not allowed in jaas.conf file
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT http://issues.apache.org/bugzilla/show_bug.cgi?id=30869. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=30869 JAAS module name is not allowed in jaas.conf file --- Additional Comments From [EMAIL PROTECTED] 2004-08-26 14:59 --- Of course, I meant 'name=name.substring(1)'. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
