tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mansour Al Akeel <mansour.alak...@gmail.com>
Subject Re: Ldap Jaas and standalone container
Date Fri, 13 Aug 2010 14:21:55 GMT
Hello Thiago:
I tried bot hways and none of them worked out for me. I don't know why.

I deleted the definition for PropertiesLogin from login.properties file,
and got the following exception:

javax.naming.AuthenticationException: This principle is not authorized.
[Root exception is javax.security.auth.login.LoginException: No LoginModules configured for
PropertiesLogin]
    at org.apache.openejb.client.JNDIContext.authenticate(JNDIContext.java:173)
        at org.apache.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:114)
        at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
        at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
        at javax.naming.InitialContext.init(InitialContext.java:223)
        at javax.naming.InitialContext.<init>(InitialContext.java:197)
        at rentals.swing.main.Main.main(Main.java:40)
    Caused by: javax.security.auth.login.LoginException: No LoginModules configured for PropertiesLogin
        at javax.security.auth.login.LoginContext.init(LoginContext.java:273)
        at javax.security.auth.login.LoginContext.<init>(LoginContext.java:418)
        at org.apache.openejb.core.security.SecurityServiceImpl.login(SecurityServiceImpl.java:74)
        at org.apache.openejb.core.security.SecurityServiceImpl.login(SecurityServiceImpl.java:35)
        at org.apache.openejb.server.ejbd.AuthRequestHandler.processRequest(AuthRequestHandler.java:56)
        at org.apache.openejb.server.ejbd.EjbDaemon.processAuthRequest(EjbDaemon.java:204)
        at org.apache.openejb.server.ejbd.EjbDaemon.service(EjbDaemon.java:157)
        at org.apache.openejb.server.ejbd.EjbServer.service(EjbServer.java:71)
        at org.apache.openejb.server.ejbd.KeepAliveServer$Session.service(KeepAliveServer.java:213)
        at org.apache.openejb.server.ejbd.KeepAliveServer.service(KeepAliveServer.java:233)
        at org.apache.openejb.server.ejbd.EjbServer.service(EjbServer.java:66)
        at org.apache.openejb.server.ServicePool$2.run(ServicePool.java:91)
        at org.apache.openejb.server.ServicePool$3.run(ServicePool.java:120)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
        at java.lang.Thread.run(Thread.java:636)


Here's the code I have to connect to the openEJB server, and
authenticate.

    Properties props = new Properties();
    props.setProperty("java.naming.factory.initial", "org.openejb.client.RemoteInitialContextFactory");
    props.setProperty("java.naming.provider.url", "ejbd://localhost:4201");
    props.setProperty("java.naming.security.principal", userName);
    props.setProperty("java.naming.security.credentials", password);
    Context context = null;
    try {
        System.out.println("initializing");
        context = new InitialContext(props);
        }

>From what I have found, in org.apache.openejb.client.JNDIContext:

public Context getInitialContext(Hashtable environment) throws NamingException {
    if (environment == null) {
        throw new NamingException("Invalid argument, hashtable cannot be null.");
    } else {
        env = (Hashtable) environment.clone();
    }

    String userID = (String) env.get(Context.SECURITY_PRINCIPAL);
    String psswrd = (String) env.get(Context.SECURITY_CREDENTIALS);
    String providerUrl = (String) env.get(Context.PROVIDER_URL);
    moduleId = (String) env.get("openejb.client.moduleId");

....

moduleId is always null !
And the environment contains only the four properties I have added, but nothig related to
the realm! 

Any advice ? 

Thank you.



On Fri Aug 13,2010 06:13 am, Thiago Veronezi wrote:
> Hi Mansour,
> The README.txt file talks about a handy property overriding feature... :O)
> 
> ./bin/openejb start -DMyDataSource.username=foo
> 
> Could you try to call...
> ./bin/openejb start -Dopenejb.authentication.realmName=SQLLoginModule
> ?
> 
> tkx,
> Thiago.
> 
> 
> On Fri, Aug 13, 2010 at 5:55 AM, Thiago Veronezi <thiago@veronezi.org>wrote:
> 
> > Hi Mansour,
> > I've made a grep over the conf folder and I found a "realmName" proterty
> > on
> > /openejb-3.1.2/conf/cxf.properties
> >
> > Try to uncomment that config and set
> >
> > realmName = SQLLoginModule
> > hope that helps...
> >
> > []s,
> > Thiago
> >
> >
> > On Thu, Aug 12, 2010 at 10:12 PM, Mansour Al Akeel <
> > mansour.alakeel@gmail.com> wrote:
> >
> >> Thiago:
> >> I still think there's some misunderstanding. I have created the
> >> MyLdapLogin configuration, the issue is telling openEJB to use it.
> >>
> >> To make thinks simpler, how can I tell openEjb to use SQLLogin. Please
> >> note that I am using openEJB from the command wrapper using:
> >>
> >> ${openejb.base}/bin/openejb start
> >>
> >> Thank you in advance.
> >>
> >>
> >> On Thu Aug 12,2010 12:47 pm, Thiago Veronezi wrote:
> >> > Hi Mansour,
> >> > I think it does...
> >> >
> >> > Set your realmName here: ${openejb.base}/conf/login.config
> >> > Use one of the existing realms as example of how to declare it.
> >> >
> >> > Then set...
> >> > props.setProperty("openejb.authentication.realmName", "YourRealmName");
> >> //
> >> > optional
> >> >
> >> > []s,
> >> > Thiago.
> >> >
> >> > On Thu, Aug 12, 2010 at 11:34 AM, Mansour Al Akeel <
> >> > mansour.alakeel@gmail.com> wrote:
> >> >
> >> > > Hi Thiago:
> >> > > I 've had a look at this page earlier. However it doesn't show how
to
> >> > > use the SQLLogin Module to authenticate. By default it uses the
> >> > > PropertiesLogin.
> >> > > I hope this makes things clear. With regard to the the LDAP login
> >> > > module, I am not worried about it at this point. The main issue is
how
> >> > > to configure the standalone ejb container to use different realm !
> >> > >
> >> > >
> >> > > On Thu Aug 12,2010 10:02 am, Thiago Veronezi wrote:
> >> > > > Hi Mansour,
> >> > > > Check this link...
> >> > > > http://openejb.apache.org/3.0/security.html
> >> > > > <http://openejb.apache.org/3.0/security.html>My guess is
that you
> >> will
> >> > > > probably need to create your own loginModule for that.
> >> > > > []s,
> >> > > > Thiago.
> >> > > >
> >> > > > On Thu, Aug 12, 2010 at 9:43 AM, Mansour Al Akeel <
> >> > > mansour.alakeel@gmail.com
> >> > > > > wrote:
> >> > > >
> >> > > > > I am devleoping an application and testing it using the
standalone
> >> > > > > openejb. The default configuraiton for the security uses
> >> > > > > PropertiesLogin, and there's the SQLLogin. Both are located
at
> >> > > > > $OPENEJB_HOME/conf/login.properties.
> >> > > > >
> >> > > > > How do I configure the standalone container to use something
other
> >> that
> >> > > > > PropertiesLogin ?
> >> > > > >
> >> > > > > Anyone had success with a directory services (ie, apacheDS,
> >> openLDAP) ?
> >> > > > >
> >> > > > >
> >> > > > >
> >> > >
> >>
> >
> >

Mime
View raw message