tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thiago Veronezi <thi...@veronezi.org>
Subject Re: Ldap Jaas and standalone container
Date Fri, 13 Aug 2010 14:26:26 GMT
Hi Mansour,

To get your code running with a "workaround" and to get back to work, my
advice is to just make a little change on login.config file: rename the
"SQLLogin" to "PropertiesLogin" and remove the original "PropertiesLogin".
Remember... this is only a workaround... Ill try to find another solution
for that...

[]s,
Thiago.


On Fri, Aug 13, 2010 at 10:21 AM, Mansour Al Akeel <
mansour.alakeel@gmail.com> wrote:

> Hello Thiago:
> I tried bot hways and none of them worked out for me. I don't know why.
>
> I deleted the definition for PropertiesLogin from login.properties file,
> and got the following exception:
>
> javax.naming.AuthenticationException: This principle is not authorized.
> [Root exception is javax.security.auth.login.LoginException: No
> LoginModules configured for PropertiesLogin]
>    at
> org.apache.openejb.client.JNDIContext.authenticate(JNDIContext.java:173)
>        at
> org.apache.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:114)
>        at
> javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
>        at
> javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
>        at javax.naming.InitialContext.init(InitialContext.java:223)
>        at javax.naming.InitialContext.<init>(InitialContext.java:197)
>        at rentals.swing.main.Main.main(Main.java:40)
>    Caused by: javax.security.auth.login.LoginException: No LoginModules
> configured for PropertiesLogin
>        at
> javax.security.auth.login.LoginContext.init(LoginContext.java:273)
>        at
> javax.security.auth.login.LoginContext.<init>(LoginContext.java:418)
>        at
> org.apache.openejb.core.security.SecurityServiceImpl.login(SecurityServiceImpl.java:74)
>        at
> org.apache.openejb.core.security.SecurityServiceImpl.login(SecurityServiceImpl.java:35)
>        at
> org.apache.openejb.server.ejbd.AuthRequestHandler.processRequest(AuthRequestHandler.java:56)
>        at
> org.apache.openejb.server.ejbd.EjbDaemon.processAuthRequest(EjbDaemon.java:204)
>        at
> org.apache.openejb.server.ejbd.EjbDaemon.service(EjbDaemon.java:157)
>        at
> org.apache.openejb.server.ejbd.EjbServer.service(EjbServer.java:71)
>        at
> org.apache.openejb.server.ejbd.KeepAliveServer$Session.service(KeepAliveServer.java:213)
>        at
> org.apache.openejb.server.ejbd.KeepAliveServer.service(KeepAliveServer.java:233)
>        at
> org.apache.openejb.server.ejbd.EjbServer.service(EjbServer.java:66)
>        at org.apache.openejb.server.ServicePool$2.run(ServicePool.java:91)
>        at org.apache.openejb.server.ServicePool$3.run(ServicePool.java:120)
>        at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
>        at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
>        at java.lang.Thread.run(Thread.java:636)
>
>
> Here's the code I have to connect to the openEJB server, and
> authenticate.
>
>    Properties props = new Properties();
>    props.setProperty("java.naming.factory.initial",
> "org.openejb.client.RemoteInitialContextFactory");
>    props.setProperty("java.naming.provider.url", "ejbd://localhost:4201");
>    props.setProperty("java.naming.security.principal", userName);
>    props.setProperty("java.naming.security.credentials", password);
>    Context context = null;
>    try {
>        System.out.println("initializing");
>        context = new InitialContext(props);
>        }
>
> From what I have found, in org.apache.openejb.client.JNDIContext:
>
> public Context getInitialContext(Hashtable environment) throws
> NamingException {
>    if (environment == null) {
>        throw new NamingException("Invalid argument, hashtable cannot be
> null.");
>    } else {
>        env = (Hashtable) environment.clone();
>    }
>
>    String userID = (String) env.get(Context.SECURITY_PRINCIPAL);
>    String psswrd = (String) env.get(Context.SECURITY_CREDENTIALS);
>    String providerUrl = (String) env.get(Context.PROVIDER_URL);
>    moduleId = (String) env.get("openejb.client.moduleId");
>
> ....
>
> moduleId is always null !
> And the environment contains only the four properties I have added, but
> nothig related to the realm!
>
> Any advice ?
>
> Thank you.
>
>
>
> On Fri Aug 13,2010 06:13 am, Thiago Veronezi wrote:
> > Hi Mansour,
> > The README.txt file talks about a handy property overriding feature...
> :O)
> >
> > ./bin/openejb start -DMyDataSource.username=foo
> >
> > Could you try to call...
> > ./bin/openejb start -Dopenejb.authentication.realmName=SQLLoginModule
> > ?
> >
> > tkx,
> > Thiago.
> >
> >
> > On Fri, Aug 13, 2010 at 5:55 AM, Thiago Veronezi <thiago@veronezi.org
> >wrote:
> >
> > > Hi Mansour,
> > > I've made a grep over the conf folder and I found a "realmName"
> proterty
> > > on
> > > /openejb-3.1.2/conf/cxf.properties
> > >
> > > Try to uncomment that config and set
> > >
> > > realmName = SQLLoginModule
> > > hope that helps...
> > >
> > > []s,
> > > Thiago
> > >
> > >
> > > On Thu, Aug 12, 2010 at 10:12 PM, Mansour Al Akeel <
> > > mansour.alakeel@gmail.com> wrote:
> > >
> > >> Thiago:
> > >> I still think there's some misunderstanding. I have created the
> > >> MyLdapLogin configuration, the issue is telling openEJB to use it.
> > >>
> > >> To make thinks simpler, how can I tell openEjb to use SQLLogin. Please
> > >> note that I am using openEJB from the command wrapper using:
> > >>
> > >> ${openejb.base}/bin/openejb start
> > >>
> > >> Thank you in advance.
> > >>
> > >>
> > >> On Thu Aug 12,2010 12:47 pm, Thiago Veronezi wrote:
> > >> > Hi Mansour,
> > >> > I think it does...
> > >> >
> > >> > Set your realmName here: ${openejb.base}/conf/login.config
> > >> > Use one of the existing realms as example of how to declare it.
> > >> >
> > >> > Then set...
> > >> > props.setProperty("openejb.authentication.realmName",
> "YourRealmName");
> > >> //
> > >> > optional
> > >> >
> > >> > []s,
> > >> > Thiago.
> > >> >
> > >> > On Thu, Aug 12, 2010 at 11:34 AM, Mansour Al Akeel <
> > >> > mansour.alakeel@gmail.com> wrote:
> > >> >
> > >> > > Hi Thiago:
> > >> > > I 've had a look at this page earlier. However it doesn't show
how
> to
> > >> > > use the SQLLogin Module to authenticate. By default it uses the
> > >> > > PropertiesLogin.
> > >> > > I hope this makes things clear. With regard to the the LDAP login
> > >> > > module, I am not worried about it at this point. The main issue
is
> how
> > >> > > to configure the standalone ejb container to use different realm
!
> > >> > >
> > >> > >
> > >> > > On Thu Aug 12,2010 10:02 am, Thiago Veronezi wrote:
> > >> > > > Hi Mansour,
> > >> > > > Check this link...
> > >> > > > http://openejb.apache.org/3.0/security.html
> > >> > > > <http://openejb.apache.org/3.0/security.html>My guess
is that
> you
> > >> will
> > >> > > > probably need to create your own loginModule for that.
> > >> > > > []s,
> > >> > > > Thiago.
> > >> > > >
> > >> > > > On Thu, Aug 12, 2010 at 9:43 AM, Mansour Al Akeel <
> > >> > > mansour.alakeel@gmail.com
> > >> > > > > wrote:
> > >> > > >
> > >> > > > > I am devleoping an application and testing it using
the
> standalone
> > >> > > > > openejb. The default configuraiton for the security
uses
> > >> > > > > PropertiesLogin, and there's the SQLLogin. Both are
located at
> > >> > > > > $OPENEJB_HOME/conf/login.properties.
> > >> > > > >
> > >> > > > > How do I configure the standalone container to use
something
> other
> > >> that
> > >> > > > > PropertiesLogin ?
> > >> > > > >
> > >> > > > > Anyone had success with a directory services (ie, apacheDS,
> > >> openLDAP) ?
> > >> > > > >
> > >> > > > >
> > >> > > > >
> > >> > >
> > >>
> > >
> > >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message