tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mansour Al Akeel <mansour.alak...@gmail.com>
Subject Re: Ldap Jaas and standalone container
Date Mon, 16 Aug 2010 18:54:21 GMT
Hello Thiago,
Thank you a lot for your time. I will try this projet as soon as I can
and report the results.



On Sun Aug 15,2010 11:27 am, Thiago Veronezi wrote:
> Hi Mansour,
> I wasnt able to reproduce your problem. I've create a really simple project
> to test it, and the realName property is running fine. You can try
> yourself... steps below...
> 
> * Download the project source here:
> http://dl.dropbox.com/u/1459144/securitytest.tar.gz
> * Extract this file and run "mvn clean install"
> * Download the openejb stand-alone server here
> http://www.apache.org/dyn/closer.cgi/openejb/3.1.2/openejb-3.1.2.tar.gz
> * Extract the openejb gz and run the server for the first time.
> * Stop the server
> * Go to the securitytest/ejblayer/target/lib folder and copy all the files
> there to the openejb/lib folder
> * Copy the jar under securitytest/ejblayer/target/ to the openejb/apps
> folder
> * Start the server again
> * Go to the securitytest/clientlayer/target/ folder and run "java -jar
> clientlayer.jar remote SQLLogin"
> 
> You are going to see an exception like "Table not found in statement [SELECT
> user, password FROM users WHERE user = ?]", proving that the realmName
> property is being used.
> 
> I'm using openejb 3.1.2. You can check this project code to see what you are
> doing wrong.
> Hope that helps...
> []s,
> Thiago
> 
> On Sat, Aug 14, 2010 at 11:01 AM, Mansour Al Akeel <
> mansour.alakeel@gmail.com> wrote:
> 
> > Thiago:
> > I appreciate your help. A small tip that may help you. You can even try
> > to set the realmName in an embeeded container. It didn't work for me.
> > For example:
> >
> > public static void main(String[] args) {
> >
> >    Properties p = new Properties();
> >    p.put(Context.INITIAL_CONTEXT_FACTORY,
> > "org.apache.openejb.client.LocalInitialContextFactory");
> >    p.put("openejb.home", "/home/mansour/openejb-3.1.2");
> >    p.put("openejb.authentication.realmName", "SQLLogin");
> >    Context context;
> >
> >    try {
> >        context = new InitialContext(p);
> >    }
> >    catch (NamingException e1)
> >    {
> >        e1.printStackTrace();
> >    }
> >
> >    while (true)
> >        try {
> >            Thread.sleep(1000);
> >        } catch (InterruptedException e) {
> >            e.printStackTrace();
> >        }
> > }
> >
> > Thank you for the efforts you are putting to help in the issue.
> >
> >
> >
> > On Sat Aug 14,2010 07:20 am, Thiago Veronezi wrote:
> > > Mansour,
> > >
> > > Ill be very surprised if this is the first time that anyone has tried to
> > use
> > > another realmName as you do. Thats a basic feature. Im creating a little
> > > ejbserver/ejbclient project to recreate your problem. Give me some hours
> > for
> > > it. When its done, I will send it to you.
> > >
> > > []s,
> > > Thiago.
> > >
> > > On Fri, Aug 13, 2010 at 8:44 PM, Mansour Al Akeel <
> > mansour.alakeel@gmail.com
> > > > wrote:
> > >
> > > > Thiago:
> > > > I am unable to find any occurance to "openejb.authentication.realmName"
> > > > in the source code, except for the two classes:
> > > > org/apache/openejb/core/ivm/naming/InitContextFactory.java (depricated)
> > > > org/apache/openejb/client/LocalInitialContext.java
> > > >
> > > > it looks to me like, this property is never really set. I am not sure
> > if
> > > > the is a bug! It easy to fix, but I don't know the best place to do so.
> > > >
> > > > Any tip?
> > > >
> > > > Thank you.
> > > >
> > > >
> > > > On Sat Aug 14,2010 12:19 am, Mansour Al Akeel wrote:
> > > > > Thiago:
> > > > > That's what I am doing and what I am trying to do. I am running
> > openEJB
> > > > > as standalone, and trying to change the defualt realm name. Let's
not
> > > > > complicate the issue. I avoided mentioning anything about the
> > > > > client, to keep things simple. The client could be web app, swing,
> > > > ...etc.
> > > > > The authentication will happen against the server.
> > > > > But how to I tell, the standalone openejb server to use SQLLogin
> > realm ?
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Fri Aug 13,2010 04:07 pm, Thiago Veronezi wrote:
> > > > > > Man,
> > > > > > I had another idea: who needs to specify the realmName is the
> > client,
> > > > just
> > > > > > like a webApp does (via web.xml file). So, you should set the
> > > > > > *props.setProperty("openejb.authentication.realmName",
> > > > > > "YourRealmName") *value, or use a jndi.properties file to set
the
> > same
> > > > > > value... even if you are using a remote server. Just like the
doc
> > says:
> > > > "If
> > > > > > you don't speficy a realm name, the default (currently
> > PropertiesLogin)
> > > > is
> > > > > > used."
> > > > > >
> > > > > > from the docs *************************
> > > > > >
> > > > > > *To make your program authenticate itself to the server*, simply
> > > > construct
> > > > > > your InitialContext with the standard javax.naming.Context
> > properties
> > > > for
> > > > > > user/pass info, which is:
> > > > > >
> > > > > > Properties props = new Properties();
> > > > > > props.setProperty(Context.INITIAL_CONTEXT_FACTORY,
> > > > > > "org.apache.openejb.client.RemoteInitialContextFactory");
> > > > > > props.setProperty(Context.PROVIDER_URL,
> > > > > >
> > "ejbd://localhost:4201");props.setProperty(Context.SECURITY_PRINCIPAL,
> > > > > > "someuser");
> > > > > > props.setProperty(Context.SECURITY_CREDENTIALS, "thepass");
> > > > > > props.setProperty("openejb.authentication.realmName",
> > > > > > "PropertiesLogin"); // optionalInitialContext ctx = new
> > > > > > InitialContext(props);
> > > > > > ctx.lookup(...);
> > > > > >
> > > > > > That will get you logged in and all your calls from that context
> > should
> > > > > > execute as you.
> > > > > >
> > > > > >
> > > > > > []s,
> > > > > > Thiago.
> > > > > >
> > > > > > On Fri, Aug 13, 2010 at 3:27 PM, Mansour Al Akeel <
> > > > mansour.alakeel@gmail.com
> > > > > > > wrote:
> > > > > >
> > > > > > > Hello Thiago:
> > > > > > > It's getting difficult to track. Running MainImpl should
be done
> > > > through
> > > > > > > Bootstrap class in the same package, and it's not accepting
any
> > > > command
> > > > > > > line parameters:
> > > > > > > Unavailable command: start
> > > > > > >
> > > > > > > Available commands:
> > > > > > >
> > > > > > >    cipher       Encrypt a database password and print it
to
> > stdout.
> > > > > > >    deploy       Deploy an ejb jar or ear into OpenEJB.
> > > > > > >    properties   Convert and print the OpenEJB configuration
as
> > > > properties
> > > > > > >    undeploy     Undeploy an ejb jar or ear
> > > > > > >
> > > > > > > Many thing could be wrong, including the docs. Are we sure
that
> > the
> > > > > > > property name to override the realm is
> > > > "openejb.authentication.realmName" ?
> > > > > > >
> > > > > > > I have created a file "conf/system.properties" and placed
the
> > > > property
> > > > > > > in it, but still no luck.
> > > > > > >
> > > > > > > Let's wait and see if someone has an idea, other than debugging
> > and
> > > > > > > reading the source code.
> > > > > > >
> > > > > > > Thank you.
> > > > > > >
> > > > > > > On Fri Aug 13,2010 01:21 pm, Thiago Veronezi wrote:
> > > > > > > > Mansour...
> > > > > > > > Debug this class...
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > >
> > /openejb3/container/openejb-core/src/main/java/org/apache/openejb/cli/MainImpl.java
> > > > > > > >
> > > > > > > > processSystemProperties method
> > > > > > > >
> > > > > > > > and check how your parameters are being managed by
the server.
> > > > > > > >
> > > > > > > > []s,
> > > > > > > > Thiago.
> > > > > > > >
> > > > > > > >
> > > > > > > > On Fri, Aug 13, 2010 at 1:39 PM, Mansour Al Akeel
<
> > > > > > > mansour.alakeel@gmail.com
> > > > > > > > > wrote:
> > > > > > > >
> > > > > > > > > From org.apache.openejb.core.security.SecurityServiceImpl:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > public UUID login(String realmName, String username,
String
> > > > password)
> > > > > > > > > throws LoginException {
> > > > > > > > >    if (realmName == null){
> > > > > > > > >        realmName = getRealmName();
> > > > > > > > >    }
> > > > > > > > >    LoginContext context = new LoginContext(realmName,
new
> > > > > > > > > UsernamePasswordCallbackHandler(username, password));
> > > > > > > > >    context.login();
> > > > > > > > >
> > > > > > > > >    Subject subject = context.getSubject();
> > > > > > > > >
> > > > > > > > >    UUID token = registerSubject(subject);
> > > > > > > > >    contexts.put(token, context);
> > > > > > > > >
> > > > > > > > >    return token;
> > > > > > > > > }
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > realmName in the method arg is being called with
null value.
> > > > Which
> > > > > > > > > results in the default value being used. The
default value
> > for
> > > > > > > realmName
> > > > > > > > > is "PropertiesLogin" declared in AbstractSecurityService
> > class.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > I was not able to dig further. Help from the
development team
> > > > will be
> > > > > > > > > appreciated.
> > > > > > > > >
> > > > > > > > > Thank you.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > On Fri Aug 13,2010 07:32 pm, Mansour Al Akeel
wrote:
> > > > > > > > > > I noticed this. However, there's no luck.
> > > > > > > > > > THe work around you suggested,did the job.
It's using the
> > > > > > > configuraiton
> > > > > > > > > > I need. As you mentioned, for now this is
ok. I think I
> > will
> > > > have to
> > > > > > > > > > setup a remote debugger to resolve it completely.
> > > > > > > > > >
> > > > > > > > > > Thank you Thiago.
> > > > > > > > > >
> > > > > > > > >
> > > > > > >
> > > >
> >

Mime
View raw message