(weblogic.security.auth.login.UsernamePasswordLoginModule). ... The subject build by weblogic is used to create a GenericPrincipal used internally by Tomcat.
I got a bit further than this using our own custom-made JAASLoginModule to retrieve Principals from a database.
We encountered the fact that Tomcat only returns a generic Principal (not the Principal that we created, despite it being configured that way in server.xml), so we did what you did... extracted the information from the GenericPrincipal (username and password), then made our own UserPrincipal, which we stored in a session.
This was in Tomcat 5.0.19 and everything worked, although we had this nagging feeling that it wasn't quite right. Why weren't we receiving our own UserPrincipal?
Then we tried upgrading to Tomcat 5.0.25 (and later).
When we try to log in to a page configured to be protected, we get the following error:
javax.servlet.ServletException: WILDCARD_PRINCIPAL_CLASS
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:244)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
...
root cause
java.lang.ClassCircularityError: WILDCARD_PRINCIPAL_CLASS
java.lang.Class.forName0(Native Method)
java.lang.Class.forName(Class.java:219)
sun.security.provider.PolicyFile.addPermissions(PolicyFile.java:1335)
sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1238)
sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1201)
sun.security.provider.PolicyFile.getPermissions(PolicyFile.java:1144)
sun.security.provider.PolicyFile.implies(PolicyFile.java:1099)
java.security.ProtectionDomain.implies(ProtectionDomain.java:189)
...
This is pretty confusing. Has anyone seen this? What does it mean? I can't find any mention of anything that helps in the Tomcat documentation, and so far nothing in various JAAS and Security documentation.
Does anyone have a working JAASRealm module, with example server.xml, catalina.policy, web.xml and other files?
I'd give my right arm to have an answer to this. Currently, our only solution is to stick with 5.0.19.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
