Hi
There were problem in environment variables, I set all environment variables
correctly and its seems to be working :)
Now tomcat is understanding Slide user database, tomcat-users.xml not required
anymore for authentication.
I was checking this using DAVExplorer but now I need to implement and use API
for authentication, so
Is that JAAS package will help me in this, shall I need to use those API for
authentication from my custom jsp client?
Do you have any idea how can I directly use same authentication way like
DAVExplorer using?
Regards,
Satish
----- Original Message -----
From: kiltesh patel
To: Slide Users Mailing List ; Satish
Sent: Saturday, September 15, 2007 10:15 PM
Subject: Re: Authentication with Slide - Slide vs tomcat Realm
Hi Satish,
try this...
1. 5) Set environment variable CATALINA_OPTS=-Djava.security.auth.login
.config=$CATALINA_HOME/conf/jaas
.config
In place of = use == to set catalina_opts
2. Also, appName="slide_login" name should exactly match in config.jaas file
slide_login {....
3. You can also try using JAVA_OPTS instead of CATALINA_OPTS
4. Also, check your classpath if it finds jaas.config and
userClassNames="org.apache.slide.jaas.spi
.SlidePrincipal"
roleClassNames="org.apache.slide.jaas.spi.SlideRole"
are in classpah.
Regards
Kiltesh
On 9/15/07, Satish <[EMAIL PROTECTED]> wrote:
Hi Arne
Using your guidelines I tried configuring JAAS with Slide.
I did something like:
1)
Configure tomcat web.xml to have
<Context path="/slide" debug="0" privileged="true" useNaming="true">
<Realm className="org.apache.catalina.realm.JAASRealm "
appName="slide_login"
userClassNames="org.apache.slide.jaas.spi.SlidePrincipal"
roleClassNames="org.apache.slide.jaas.spi.SlideRole"
name="Slide DAV Server"
useContextClassLoader="false" />
</Context>
in Host.
2) Copied jaas.config file in conf folder of tomcat
3) Copied slide-jaas-2.1.jar in \\Tomcat 5.5\common\lib folder
4) Uncommented <security-constraint> from Slide web.xml
5) Set environment variable
CATALINA_OPTS=-Djava.security.auth.login.config=$CATALINA_HOME/conf/jaas
.config
Retsrated tomcat server and then tried connecting Slide using Web DAV
Explorer client provided by Slide, but when I tried login, tomcat log says:
Unable to locate a login configuration...here is the error for details
Sep 15, 2007 8:26:27 PM org.apache.catalina.realm.JAASRealm authenticate
SEVERE: Unexpected error
java.lang.SecurityException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.<init>(Unknown Source)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance (Unknown Source)
at javax.security.auth.login.Configuration$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.Configuration.getConfiguration(Unknown Source)
at javax.security.auth.login.LoginContext$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.init(Unknown Source)
at javax.security.auth.login.LoginContext .<init>(Unknown Source)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:355)
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:181)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke
(AuthenticatorBase.java:446)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:107)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:825)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection
(Http11Protocol.java:738)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:526)
at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.init (Unknown Source)
... 27 more
Do you have idea if I am missing out anything here.
Regards,
Satish
----- Original Message -----
From: "Arne v.Irmer" < [EMAIL PROTECTED]>
To: "Slide Users Mailing List" <slide-user@jakarta.apache.org>
Sent: Friday, September 14, 2007 4:22 PM
Subject: Re: Authentication with Slide - Slide vs tomcat Realm
> Hi Satish,
> things are easy, if you look at the used technics: Silde is a servlet in
> tomcat and uses the authentication mechanism of tomcat. This includes
> such nice things like the sso-Valve.
> What you have to implement a user management that does both:
> 1. Creating/Deleting the user in silde by just creating/deleting a
> collection with the user name in /user (default value). Tip: Look at the
> powerful roles mechanism in slide.
> 2. Doing the JAAS-Authentication.
> This is how we did it here.
>
> Yours
> Arne
>
> Satish schrieb:
> > Hey Arne
> >
> > Thanks for quick reponse.
> >
> > Do you mean here that I should take steps below to implemnt
authetication,
> >
> > - configure Slide realm, configure tomcat to use Slide users for
> > authentication
> > - configure JAAS for tomcat
> > - use JAAS API to authenticate the requests,
> > so here JAAS will ask tomcat for authetication -> tomcat will check
Slide
> > user database
> >
> > Is is somthing gonna happen...?
> >
> > Thanks.
> >
> >
> > Regards,
> > Satish
> >
> >
> > ----- Original Message -----
> > From: "Arne v.Irmer" <[EMAIL PROTECTED]>
> > To: "Slide Users Mailing List" < slide-user@jakarta.apache.org>
> > Sent: Friday, September 14, 2007 2:50 PM
> > Subject: Re: Authentication with Slide - Slide vs tomcat Realm
> >
> >
> >
> >> Hi Satish,
> >> look for JAAS-Authentication that is a standard API that works pretty
> >> well with tomcat. A good introduction is found at
> >> http://www.javaworld.com/javaworld/jw-09-2002/jw-0913-jaas.html
> >>
> >> Yours
> >> Arne
> >>
> >> Satish schrieb:
> >>
> >>> Hi
> >>>
> >>> I need to authentication with Slide, there are two ways I can see
> >>>
> >>> I am thinking of using Slide realm and configuring tomcat to use
Slide
> >>>
> > user database for authentication.
> >
> >>> Otherwise if I rely completely on tomcat realm, typical
tomcat-users.xml
> >>>
> > file based, authetication, I need to add user two places - Slide and
> > tomcat-user, which is problem.
> >
> >>> Can any body suggests on
> >>> #1 how can I configure tomcat to use the Slide users for
authentication?
> >>> #2 how can I actually autheticate request of tomcat programatically,
is
> >>>
> > any API available?
> >
> >>> What I am looking for is authenticating user with Slide.
> >>>
> >>> Any suggestion is valuable for me.
> >>>
> >>> Regards,
> >>> Satish
> >>>
> >>> Disclaimer:
> >>> This e-mail may contain Privileged/Confidential information and is
> >>>
> > intended only for the individual(s) named. Any review, retransmission,
> > dissemination or other use of, or taking of any action in reliance upon
this
> > information by persons or entities other than the intended recipient is
> > prohibited. Please notify the sender, if you have received this e-mail
by
> > mistake and delete it from your system. Information in this message that
> > does not relate to the official business of the company shall be
understood
> > as neither given nor endorsed by it. E-mail transmission cannot be
> > guaranteed to be secure or error-free. The sender does not accept
liability
> > for any errors or omissions in the contents of this message which arise
as a
> > result of e-mail transmission. If verification is required please
request a
> > hard-copy version. Visit us at http://www.harbinger-systems.com/
> >
> >>>
> >>>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >> For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >>
> >
> > Disclaimer:
> > This e-mail may contain Privileged/Confidential information and is
intended only for the individual(s) named. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon this
information by persons or entities other than the intended recipient is
prohibited. Please notify the sender, if you have received this e-mail by
mistake and delete it from your system. Information in this message that does
not relate to the official business of the company shall be understood as
neither given nor endorsed by it. E-mail transmission cannot be guaranteed to
be secure or error-free. The sender does not accept liability for any errors or
omissions in the contents of this message which arise as a result of e-mail
transmission. If verification is required please request a hard-copy version.
Visit us at http://www.harbinger-systems.com/
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
Disclaimer:
This e-mail may contain Privileged/Confidential information and is intended
only for the individual(s) named. Any review, retransmission, dissemination or
other use of, or taking of any action in reliance upon this information by
persons or entities other than the intended recipient is prohibited. Please
notify the sender, if you have received this e-mail by mistake and delete it
from your system. Information in this message that does not relate to the
official business of the company shall be understood as neither given nor
endorsed by it. E-mail transmission cannot be guaranteed to be secure or
error-free. The sender does not accept liability for any errors or omissions in
the contents of this message which arise as a result of e-mail transmission. If
verification is required please request a hard-copy version. Visit us at
http://www.harbinger-systems.com/
Disclaimer:
This e-mail may contain Privileged/Confidential information and is intended
only for the individual(s) named. Any review, retransmission, dissemination or
other use of, or taking of any action in reliance upon this information by
persons or entities other than the intended recipient is prohibited. Please
notify the sender, if you have received this e-mail by mistake and delete it
from your system. Information in this message that does not relate to the
official business of the company shall be understood as neither given nor
endorsed by it. E-mail transmission cannot be guaranteed to be secure or
error-free. The sender does not accept liability for any errors or omissions in
the contents of this message which arise as a result of e-mail transmission. If
verification is required please request a hard-copy version. Visit us at
http://www.harbinger-systems.com/
