Hi,
I have a realm deployed to the server and I get the following INFO:
[GeronimoLoginConfiguration] Added Application Configuration Entry ldap-realm
In the latest build for M5 I am unable to get the realms to work, except
geronimo-properties.realm, which is loaded by default.
[GeronimoLoginConfiguration] Added Application Configuration Entry geronimo-properties-realm
The other realms like file-realm and ldap-realm, though deployed
successfully, I am unable to access.
I get the following error messages for the file and ldap realms.
12:14:19,658 DEBUG [TomcatGeronimoRealm] JAASRealm login requested for username "system" using LoginContext for application "file-realm"
12:14:27,169 DEBUG [ManagerBase] Start expire sessions StandardManager at 1128926667169 sessioncount 0
12:14:27,169 DEBUG [ManagerBase] End expire sessions StandardManager processingTime 0 expired sessions: 0
12:14:34,510 ERROR [TomcatGeronimoRealm] Unexpected error
javax.security.auth.login.LoginException: No LoginModules configured for file-realm
    at javax.security.auth.login.LoginContext.init(LoginContext.java:211)
    at javax.security.auth.login.LoginContext.<init>(LoginContext.java:426)
    at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:356)
    at org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm.authenticate(TomcatGeronimoRealm.java:324)
    at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:256)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:391)
    at org.apache.geronimo.tomcat.valve.DefaultSubjectValve.invoke(DefaultSubjectValve.java:46)
    at org.apache.geronimo.tomcat.valve.PolicyContextValve.invoke(PolicyContextValve.java:50)
    at org.apache.geronimo.tomcat.valve.TransactionContextValve.invoke(TransactionContextValve.java:53)
    at org.apache.geronimo.tomcat.valve.ComponentContextValve.invoke(ComponentContextValve.java:47)
    at org.apache.geronimo.tomcat.valve.InstanceContextValve.invoke(InstanceContextValve.java:60)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:526)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:567)
and the same message for the LDAP realm.
I am not sure what I am missing here or what is wrong in the configuration.
<?xml version="1.0" encoding="UTF-8"?>
<configuration
    xmlns="http://geronimo.apache.org/xml/ns/j2ee/web/jetty-1.0"
    configId="org/apache/geronimo/file"
    parentId="org/apache/geronimo/Server"
    >
    <gbean name="file-login" class="org.apache.geronimo.security.jaas.LoginModuleGBean">
        <attribute name="loginModuleClass">org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule</attribute>
        <attribute name="serverSide">true</attribute>
        <attribute name="options">
            usersURI=var/security/users.properties
            groupsURI=var/security/groups.properties
        </attribute>
        <attribute name="loginDomainName">file-realm</attribute>
    </gbean>
    <gbean name="file-realm" class="org.apache.geronimo.security.realm.GenericSecurityRealm">
        <attribute name="realmName">file-realm</attribute>
        <reference name="LoginModuleConfiguration">
            <name>file-login</name>
        </reference>
        <reference name="ServerInfo">
            <module>org/apache/geronimo/System</module>
            <name>ServerInfo</name>
        </reference>
        <reference name="LoginService">
            <module>org/apache/geronimo/Server</module>
            <name>JaasLoginService</name>
        </reference>
    </gbean>
    <gbean name="file-login" class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
        <attribute name="controlFlag">REQUIRED</attribute>
        <reference name="LoginModule">
            <name>file-login</name>
        </reference>
    </gbean>
</configuration>
I have a similar plan for LDAP.
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://geronimo.apache.org/xml/ns/j2ee/web/jetty-1.0"
    xmlns:sec="http://geronimo.apache.org/xml/ns/security" configId="file"
    parentId="org/apache/geronimo/file">
    <context-root>/FileTomCatWeb</context-root>
    <context-priority-classloader>false</context-priority-classloader>
    <security-realm-name>file-realm</security-realm-name>
    <security>
        <default-principal realm-name="file-realm">
            <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
                name="system" />
        </default-principal>
        <role-mappings>
            <role role-name="admin">
                <realm realm-name="file-realm">
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
                        name="admin" designated-run-as="true" />
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
                        name="system" />
                </realm>
            </role>
            <role role-name="users">
                <realm realm-name="file-realm">
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
                        name="users" designated-run-as="true" />
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
                        name="user1" />
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
                        name="user2" />
                </realm>
            </role>
            <role role-name="guest">
                <realm realm-name="file-realm">
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
                        name="guest" designated-run-as="true" />
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
                        name="guest1" />
                </realm>
            </role>
        </role-mappings>
    </security>
</web-app>
I am unable to get both to work in the latest geronimo-M5 I installed.
Regards
Krishnakumar