tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Petras Petkus" <petras.pet...@mitsoft.lt>
Subject JAAS PropertiesLoginModule configuration
Date Mon, 16 May 2016 11:20:00 GMT
Hello,

 

While configuring JAASRealm with TomEE using PropertiesLoginModule, as
described in http://tomee.apache.org/tomee-jaas.html, I noticed that I
cannot specify different file names for "UsersFile" and "GroupsFile" entries
in login.config file. Configuration works only with fixed "users.properties"
and "groups.properties" file names respectively. Otherwise those files
cannot be found when placed in $CATALINA_BASE/conf/ folder and I get NPE in
PropertiesLoginModule class.

 

The only workaround that allows to use different names is to place those
files in $CATALINA_BASE/lib/ folder.

 

Is it made by design? If so http://tomee.apache.org/tomee-jaas.html probably
should indicate that.

 

Please, could that page also be edited to indicate the correct values of
Realm element's "appName", "userClassNames" and "roleClassNames" attributes?

Instead of the following snippet in the page:

      <Realm className="org.apache.catalina.realm.JAASRealm"
appName="PropertiesLoginModule"

 
userClassNames="org.apache.openejb.core.security.AbstractSecurityService$Use
r"

 
roleClassNames="org.apache.openejb.core.security.AbstractSecurityService$Gro
up">

      </Realm>

 

There should be this:

       <Realm className="org.apache.catalina.realm.JAASRealm"
appName="PropertiesLogin"

 
userClassNames="org.apache.openejb.core.security.jaas.UserPrincipal"

 
roleClassNames="org.apache.openejb.core.security.jaas.GroupPrincipal">

       </Realm>

 

The issues with those attributes have already been discussed previously:

.         incorrect "appName" causes "No LoginModules configured for
PropertiesLoginModule" exception
(http://tomee-openejb.979440.n4.nabble.com/JAAS-and-TomEE-td4663678.html)

.         incorrect "userClassNames" and "roleClassNames" values cause 403
errors
(http://stackoverflow.com/questions/16463950/tomee-jaas-sqlloginmodule-and-4
03)

 

Petras

 


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message