tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thiago Veronezi <thi...@veronezi.org>
Subject Re: Ldap Jaas and standalone container
Date Sun, 15 Aug 2010 15:27:39 GMT
Hi Mansour,
I wasnt able to reproduce your problem. I've create a really simple project
to test it, and the realName property is running fine. You can try
yourself... steps below...

* Download the project source here:
http://dl.dropbox.com/u/1459144/securitytest.tar.gz
* Extract this file and run "mvn clean install"
* Download the openejb stand-alone server here
http://www.apache.org/dyn/closer.cgi/openejb/3.1.2/openejb-3.1.2.tar.gz
* Extract the openejb gz and run the server for the first time.
* Stop the server
* Go to the securitytest/ejblayer/target/lib folder and copy all the files
there to the openejb/lib folder
* Copy the jar under securitytest/ejblayer/target/ to the openejb/apps
folder
* Start the server again
* Go to the securitytest/clientlayer/target/ folder and run "java -jar
clientlayer.jar remote SQLLogin"

You are going to see an exception like "Table not found in statement [SELECT
user, password FROM users WHERE user = ?]", proving that the realmName
property is being used.

I'm using openejb 3.1.2. You can check this project code to see what you are
doing wrong.
Hope that helps...
[]s,
Thiago

On Sat, Aug 14, 2010 at 11:01 AM, Mansour Al Akeel <
mansour.alakeel@gmail.com> wrote:

> Thiago:
> I appreciate your help. A small tip that may help you. You can even try
> to set the realmName in an embeeded container. It didn't work for me.
> For example:
>
> public static void main(String[] args) {
>
>    Properties p = new Properties();
>    p.put(Context.INITIAL_CONTEXT_FACTORY,
> "org.apache.openejb.client.LocalInitialContextFactory");
>    p.put("openejb.home", "/home/mansour/openejb-3.1.2");
>    p.put("openejb.authentication.realmName", "SQLLogin");
>    Context context;
>
>    try {
>        context = new InitialContext(p);
>    }
>    catch (NamingException e1)
>    {
>        e1.printStackTrace();
>    }
>
>    while (true)
>        try {
>            Thread.sleep(1000);
>        } catch (InterruptedException e) {
>            e.printStackTrace();
>        }
> }
>
> Thank you for the efforts you are putting to help in the issue.
>
>
>
> On Sat Aug 14,2010 07:20 am, Thiago Veronezi wrote:
> > Mansour,
> >
> > Ill be very surprised if this is the first time that anyone has tried to
> use
> > another realmName as you do. Thats a basic feature. Im creating a little
> > ejbserver/ejbclient project to recreate your problem. Give me some hours
> for
> > it. When its done, I will send it to you.
> >
> > []s,
> > Thiago.
> >
> > On Fri, Aug 13, 2010 at 8:44 PM, Mansour Al Akeel <
> mansour.alakeel@gmail.com
> > > wrote:
> >
> > > Thiago:
> > > I am unable to find any occurance to "openejb.authentication.realmName"
> > > in the source code, except for the two classes:
> > > org/apache/openejb/core/ivm/naming/InitContextFactory.java (depricated)
> > > org/apache/openejb/client/LocalInitialContext.java
> > >
> > > it looks to me like, this property is never really set. I am not sure
> if
> > > the is a bug! It easy to fix, but I don't know the best place to do so.
> > >
> > > Any tip?
> > >
> > > Thank you.
> > >
> > >
> > > On Sat Aug 14,2010 12:19 am, Mansour Al Akeel wrote:
> > > > Thiago:
> > > > That's what I am doing and what I am trying to do. I am running
> openEJB
> > > > as standalone, and trying to change the defualt realm name. Let's not
> > > > complicate the issue. I avoided mentioning anything about the
> > > > client, to keep things simple. The client could be web app, swing,
> > > ...etc.
> > > > The authentication will happen against the server.
> > > > But how to I tell, the standalone openejb server to use SQLLogin
> realm ?
> > > >
> > > >
> > > >
> > > >
> > > > On Fri Aug 13,2010 04:07 pm, Thiago Veronezi wrote:
> > > > > Man,
> > > > > I had another idea: who needs to specify the realmName is the
> client,
> > > just
> > > > > like a webApp does (via web.xml file). So, you should set the
> > > > > *props.setProperty("openejb.authentication.realmName",
> > > > > "YourRealmName") *value, or use a jndi.properties file to set the
> same
> > > > > value... even if you are using a remote server. Just like the doc
> says:
> > > "If
> > > > > you don't speficy a realm name, the default (currently
> PropertiesLogin)
> > > is
> > > > > used."
> > > > >
> > > > > from the docs *************************
> > > > >
> > > > > *To make your program authenticate itself to the server*, simply
> > > construct
> > > > > your InitialContext with the standard javax.naming.Context
> properties
> > > for
> > > > > user/pass info, which is:
> > > > >
> > > > > Properties props = new Properties();
> > > > > props.setProperty(Context.INITIAL_CONTEXT_FACTORY,
> > > > > "org.apache.openejb.client.RemoteInitialContextFactory");
> > > > > props.setProperty(Context.PROVIDER_URL,
> > > > >
> "ejbd://localhost:4201");props.setProperty(Context.SECURITY_PRINCIPAL,
> > > > > "someuser");
> > > > > props.setProperty(Context.SECURITY_CREDENTIALS, "thepass");
> > > > > props.setProperty("openejb.authentication.realmName",
> > > > > "PropertiesLogin"); // optionalInitialContext ctx = new
> > > > > InitialContext(props);
> > > > > ctx.lookup(...);
> > > > >
> > > > > That will get you logged in and all your calls from that context
> should
> > > > > execute as you.
> > > > >
> > > > >
> > > > > []s,
> > > > > Thiago.
> > > > >
> > > > > On Fri, Aug 13, 2010 at 3:27 PM, Mansour Al Akeel <
> > > mansour.alakeel@gmail.com
> > > > > > wrote:
> > > > >
> > > > > > Hello Thiago:
> > > > > > It's getting difficult to track. Running MainImpl should be
done
> > > through
> > > > > > Bootstrap class in the same package, and it's not accepting
any
> > > command
> > > > > > line parameters:
> > > > > > Unavailable command: start
> > > > > >
> > > > > > Available commands:
> > > > > >
> > > > > >    cipher       Encrypt a database password and print it to
> stdout.
> > > > > >    deploy       Deploy an ejb jar or ear into OpenEJB.
> > > > > >    properties   Convert and print the OpenEJB configuration
as
> > > properties
> > > > > >    undeploy     Undeploy an ejb jar or ear
> > > > > >
> > > > > > Many thing could be wrong, including the docs. Are we sure that
> the
> > > > > > property name to override the realm is
> > > "openejb.authentication.realmName" ?
> > > > > >
> > > > > > I have created a file "conf/system.properties" and placed the
> > > property
> > > > > > in it, but still no luck.
> > > > > >
> > > > > > Let's wait and see if someone has an idea, other than debugging
> and
> > > > > > reading the source code.
> > > > > >
> > > > > > Thank you.
> > > > > >
> > > > > > On Fri Aug 13,2010 01:21 pm, Thiago Veronezi wrote:
> > > > > > > Mansour...
> > > > > > > Debug this class...
> > > > > > >
> > > > > > >
> > > > > >
> > >
> /openejb3/container/openejb-core/src/main/java/org/apache/openejb/cli/MainImpl.java
> > > > > > >
> > > > > > > processSystemProperties method
> > > > > > >
> > > > > > > and check how your parameters are being managed by the
server.
> > > > > > >
> > > > > > > []s,
> > > > > > > Thiago.
> > > > > > >
> > > > > > >
> > > > > > > On Fri, Aug 13, 2010 at 1:39 PM, Mansour Al Akeel <
> > > > > > mansour.alakeel@gmail.com
> > > > > > > > wrote:
> > > > > > >
> > > > > > > > From org.apache.openejb.core.security.SecurityServiceImpl:
> > > > > > > >
> > > > > > > >
> > > > > > > > public UUID login(String realmName, String username,
String
> > > password)
> > > > > > > > throws LoginException {
> > > > > > > >    if (realmName == null){
> > > > > > > >        realmName = getRealmName();
> > > > > > > >    }
> > > > > > > >    LoginContext context = new LoginContext(realmName,
new
> > > > > > > > UsernamePasswordCallbackHandler(username, password));
> > > > > > > >    context.login();
> > > > > > > >
> > > > > > > >    Subject subject = context.getSubject();
> > > > > > > >
> > > > > > > >    UUID token = registerSubject(subject);
> > > > > > > >    contexts.put(token, context);
> > > > > > > >
> > > > > > > >    return token;
> > > > > > > > }
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > realmName in the method arg is being called with null
value.
> > > Which
> > > > > > > > results in the default value being used. The default
value
> for
> > > > > > realmName
> > > > > > > > is "PropertiesLogin" declared in AbstractSecurityService
> class.
> > > > > > > >
> > > > > > > >
> > > > > > > > I was not able to dig further. Help from the development
team
> > > will be
> > > > > > > > appreciated.
> > > > > > > >
> > > > > > > > Thank you.
> > > > > > > >
> > > > > > > >
> > > > > > > > On Fri Aug 13,2010 07:32 pm, Mansour Al Akeel wrote:
> > > > > > > > > I noticed this. However, there's no luck.
> > > > > > > > > THe work around you suggested,did the job. It's
using the
> > > > > > configuraiton
> > > > > > > > > I need. As you mentioned, for now this is ok.
I think I
> will
> > > have to
> > > > > > > > > setup a remote debugger to resolve it completely.
> > > > > > > > >
> > > > > > > > > Thank you Thiago.
> > > > > > > > >
> > > > > > > >
> > > > > >
> > >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message