tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Romain Manni-Bucau <rmannibu...@gmail.com>
Subject Re: JAAS PropertiesLoginModule configuration
Date Mon, 16 May 2016 11:40:36 GMT
Hi

Yes it is by design:
https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/util/ConfUtils.java#L36

Nothing preventing to enhance it to add a flag to have the behavior you
expect - and even add caching. Just do a PR on github.

Feel free to edit the website with the blue peen icon to fix the config.
Think it was the old names or parent classes at some point.
Le 16 mai 2016 13:20, "Petras Petkus" <petras.petkus@mitsoft.lt> a écrit :

> Hello,
>
>
>
> While configuring JAASRealm with TomEE using PropertiesLoginModule, as
> described in http://tomee.apache.org/tomee-jaas.html, I noticed that I
> cannot specify different file names for "UsersFile" and "GroupsFile"
> entries
> in login.config file. Configuration works only with fixed
> "users.properties"
> and "groups.properties" file names respectively. Otherwise those files
> cannot be found when placed in $CATALINA_BASE/conf/ folder and I get NPE in
> PropertiesLoginModule class.
>
>
>
> The only workaround that allows to use different names is to place those
> files in $CATALINA_BASE/lib/ folder.
>
>
>
> Is it made by design? If so http://tomee.apache.org/tomee-jaas.html
> probably
> should indicate that.
>
>
>
> Please, could that page also be edited to indicate the correct values of
> Realm element's "appName", "userClassNames" and "roleClassNames"
> attributes?
>
> Instead of the following snippet in the page:
>
>       <Realm className="org.apache.catalina.realm.JAASRealm"
> appName="PropertiesLoginModule"
>
>
>
> userClassNames="org.apache.openejb.core.security.AbstractSecurityService$Use
> r"
>
>
>
> roleClassNames="org.apache.openejb.core.security.AbstractSecurityService$Gro
> up">
>
>       </Realm>
>
>
>
> There should be this:
>
>        <Realm className="org.apache.catalina.realm.JAASRealm"
> appName="PropertiesLogin"
>
>
> userClassNames="org.apache.openejb.core.security.jaas.UserPrincipal"
>
>
> roleClassNames="org.apache.openejb.core.security.jaas.GroupPrincipal">
>
>        </Realm>
>
>
>
> The issues with those attributes have already been discussed previously:
>
> .         incorrect "appName" causes "No LoginModules configured for
> PropertiesLoginModule" exception
> (http://tomee-openejb.979440.n4.nabble.com/JAAS-and-TomEE-td4663678.html)
>
> .         incorrect "userClassNames" and "roleClassNames" values cause 403
> errors
> (
> http://stackoverflow.com/questions/16463950/tomee-jaas-sqlloginmodule-and-4
> 03)
>
>
>
> Petras
>
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message