Re: JNDI resources available to auth realms?
Thanks for your patches -- I've been using them! In my JAAS Glad to hear it! make in this area. Also, it seems that JNDI *should* work from within the LoginModule since it's documented (by example) in the API docs: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/catalina/docs/api/org/ apache/catalina/realm/JAASRealm.html I'll take responsibility for that, since I wrote that particular part of the documentation. It is a fictitious JAAS configuration entry; as you noted, it doesn't actually work. Hence, this e-mail thread. Speaking of the JAASRealm, I tried to get my LoginModule to load from my webapp's classpath, but with no success. So, what does the useContextClassLoader do, exactly? That property controls which classloader loads the LoginModule (and, presumably, all of the resources it depends on). Here's the Bugzilla entry on it: http://issues.apache.org/bugzilla/show_bug.cgi?id=29406 Thanks, Ian Flanigan If I don't hear anything from other list members, I wlll probably file a bug report. Andrew - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JNDI resources available to auth realms?
On Wed, 5 Jan 2005 18:54:08 -0500, Andrew Jaquith [EMAIL PROTECTED] wrote: Greetings, A while back I did some patch work on the catalina.realm.JAASRealm class. I learned a lot in the process. Thanks for your patches -- I've been using them! In my JAAS LoginModule, I also tried to use JNDI resources, but gave it up for other reasons. I would be very interested in any headway that you make in this area. Also, it seems that JNDI *should* work from within the LoginModule since it's documented (by example) in the API docs: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/catalina/docs/api/org/apache/catalina/realm/JAASRealm.html Speaking of the JAASRealm, I tried to get my LoginModule to load from my webapp's classpath, but with no success. So, what does the useContextClassLoader do, exactly? Thanks, Ian Flanigan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JNDI resources available to auth realms?
Greetings, A while back I did some patch work on the catalina.realm.JAASRealm class. I learned a lot in the process. Shortly thereafter, I wrote a (personal) JAAS LoginModule that uses a JDBC database as the authentication data source. It works great. One of the things I wished I could incorporate into the LoginModule was the ability to leverage Tomcat-managed JNDI resources. That way, I could take advantage of connection pooling, reduce the need to spray credentials into JAAS conf files, etc. I tried to do it, but couldn't make it work. After many days of troubleshooting and debugging, I realized the source of the problem. JNDI resources did not seem to be available to the threads that call JAASRealm (or any other realms, for that matter). I noted that the JDBCRealm has this TODO: Support connection pooling (including message format objects) so that codeauthenticate()/code does not have to be synchronized and would fix the ugly connection logic. Making JNDI resources available to the realms would fix my problem and this one too; all that would be required would be some sort of JNDICallback that JAASCallbackHandler could use to satisfy a JNDI resource request by the JAAS login module. Assuming that making JNDI resources (read-only copies of the global + local context resources) available is a good idea, what's the best way to go about it? I looked at quite a bit of code in catalina/naming and other places; it wasn't very obvious how to do it. Regards, Andrew - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]