tomee-users mailing list archives

From Thiago Veronezi <thi...@veronezi.org>
Subject Re: Ldap Jaas and standalone container
Date Fri, 13 Aug 2010 14:34:19 GMT
Mansour...
I've just realized that in my previous email I said to try...
./bin/openejb start -Dopenejb.authentication.realmName=SQLLoginModule

But I think that's wrong... You should try...
./bin/openejb start -Dopenejb.authentication.realmName=SQLLogin
... instead. Where SQLLogin is the name of the realm. :O)

Sorry,
Thiago.


On Fri, Aug 13, 2010 at 10:26 AM, Thiago Veronezi <thiago@veronezi.org> wrote:

> Hi Mansour,
>
> To get your code running with a "workaround" and to get back to work, my
> advice is to just make a little change on login.config file: rename the
> "SQLLogin" to "PropertiesLogin" and remove the original "PropertiesLogin".
> Remember... this is only a workaround... I'll try to find another solution
> for that...
>
> []s,
> Thiago.
>
>
> On Fri, Aug 13, 2010 at 10:21 AM, Mansour Al Akeel <mansour.alakeel@gmail.com> wrote:
>
>> Hello Thiago:
>> I tried both ways and none of them worked out for me. I don't know why.
>>
>> I deleted the definition for PropertiesLogin from login.properties file,
>> and got the following exception:
>>
>> javax.naming.AuthenticationException: This principle is not authorized. [Root exception is javax.security.auth.login.LoginException: No LoginModules configured for PropertiesLogin]
>>        at org.apache.openejb.client.JNDIContext.authenticate(JNDIContext.java:173)
>>        at org.apache.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:114)
>>        at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
>>        at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
>>        at javax.naming.InitialContext.init(InitialContext.java:223)
>>        at javax.naming.InitialContext.<init>(InitialContext.java:197)
>>        at rentals.swing.main.Main.main(Main.java:40)
>>    Caused by: javax.security.auth.login.LoginException: No LoginModules configured for PropertiesLogin
>>        at javax.security.auth.login.LoginContext.init(LoginContext.java:273)
>>        at javax.security.auth.login.LoginContext.<init>(LoginContext.java:418)
>>        at org.apache.openejb.core.security.SecurityServiceImpl.login(SecurityServiceImpl.java:74)
>>        at org.apache.openejb.core.security.SecurityServiceImpl.login(SecurityServiceImpl.java:35)
>>        at org.apache.openejb.server.ejbd.AuthRequestHandler.processRequest(AuthRequestHandler.java:56)
>>        at org.apache.openejb.server.ejbd.EjbDaemon.processAuthRequest(EjbDaemon.java:204)
>>        at org.apache.openejb.server.ejbd.EjbDaemon.service(EjbDaemon.java:157)
>>        at org.apache.openejb.server.ejbd.EjbServer.service(EjbServer.java:71)
>>        at org.apache.openejb.server.ejbd.KeepAliveServer$Session.service(KeepAliveServer.java:213)
>>        at org.apache.openejb.server.ejbd.KeepAliveServer.service(KeepAliveServer.java:233)
>>        at org.apache.openejb.server.ejbd.EjbServer.service(EjbServer.java:66)
>>        at org.apache.openejb.server.ServicePool$2.run(ServicePool.java:91)
>>        at org.apache.openejb.server.ServicePool$3.run(ServicePool.java:120)
>>        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
>>        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
>>        at java.lang.Thread.run(Thread.java:636)
>>
>>
>> Here's the code I have to connect to the openEJB server, and
>> authenticate.
>>
>>    Properties props = new Properties();
>>    props.setProperty("java.naming.factory.initial", "org.openejb.client.RemoteInitialContextFactory");
>>    props.setProperty("java.naming.provider.url", "ejbd://localhost:4201");
>>    props.setProperty("java.naming.security.principal", userName);
>>    props.setProperty("java.naming.security.credentials", password);
>>    Context context = null;
>>    try {
>>        System.out.println("initializing");
>>        context = new InitialContext(props);
>>        }
>>
>> From what I have found, in org.apache.openejb.client.JNDIContext:
>>
>> public Context getInitialContext(Hashtable environment) throws NamingException {
>>    if (environment == null) {
>>        throw new NamingException("Invalid argument, hashtable cannot be null.");
>>    } else {
>>        env = (Hashtable) environment.clone();
>>    }
>>
>>    String userID = (String) env.get(Context.SECURITY_PRINCIPAL);
>>    String psswrd = (String) env.get(Context.SECURITY_CREDENTIALS);
>>    String providerUrl = (String) env.get(Context.PROVIDER_URL);
>>    moduleId = (String) env.get("openejb.client.moduleId");
>>
>> ....
>>
>> moduleId is always null !
>> And the environment contains only the four properties I have added, but
>> nothing related to the realm!
>>
>> Any advice ?
>>
>> Thank you.
>>
>>
>>
>> On Fri Aug 13,2010 06:13 am, Thiago Veronezi wrote:
>> > Hi Mansour,
>> > The README.txt file talks about a handy property overriding feature... :O)
>> >
>> > ./bin/openejb start -DMyDataSource.username=foo
>> >
>> > Could you try to call...
>> > ./bin/openejb start -Dopenejb.authentication.realmName=SQLLoginModule
>> > ?
>> >
>> > tkx,
>> > Thiago.
>> >
>> >
>> > On Fri, Aug 13, 2010 at 5:55 AM, Thiago Veronezi <thiago@veronezi.org> wrote:
>> >
>> > > Hi Mansour,
>> > > I've made a grep over the conf folder and I found a "realmName" property on
>> > > /openejb-3.1.2/conf/cxf.properties
>> > >
>> > > Try to uncomment that config and set
>> > >
>> > > realmName = SQLLoginModule
>> > > hope that helps...
>> > >
>> > > []s,
>> > > Thiago
>> > >
>> > >
>> > > On Thu, Aug 12, 2010 at 10:12 PM, Mansour Al Akeel <mansour.alakeel@gmail.com> wrote:
>> > >
>> > >> Thiago:
>> > >> I still think there's some misunderstanding. I have created the
>> > >> MyLdapLogin configuration, the issue is telling openEJB to use it.
>> > >>
>> > >> To make things simpler, how can I tell openEjb to use SQLLogin. Please
>> > >> note that I am using openEJB from the command wrapper using:
>> > >>
>> > >> ${openejb.base}/bin/openejb start
>> > >>
>> > >> Thank you in advance.
>> > >>
>> > >>
>> > >> On Thu Aug 12,2010 12:47 pm, Thiago Veronezi wrote:
>> > >> > Hi Mansour,
>> > >> > I think it does...
>> > >> >
>> > >> > Set your realmName here: ${openejb.base}/conf/login.config
>> > >> > Use one of the existing realms as example of how to declare it.
>> > >> >
>> > >> > Then set...
>> > >> > props.setProperty("openejb.authentication.realmName", "YourRealmName"); // optional
>> > >> >
>> > >> > []s,
>> > >> > Thiago.
>> > >> >
>> > >> > On Thu, Aug 12, 2010 at 11:34 AM, Mansour Al Akeel <mansour.alakeel@gmail.com> wrote:
>> > >> >
>> > >> > > Hi Thiago:
>> > >> > > I've had a look at this page earlier. However it doesn't show how to
>> > >> > > use the SQLLogin Module to authenticate. By default it uses the
>> > >> > > PropertiesLogin.
>> > >> > > I hope this makes things clear. With regard to the LDAP login
>> > >> > > module, I am not worried about it at this point. The main issue is how
>> > >> > > to configure the standalone ejb container to use different realm!
>> > >> > >
>> > >> > >
>> > >> > > On Thu Aug 12,2010 10:02 am, Thiago Veronezi wrote:
>> > >> > > > Hi Mansour,
>> > >> > > > Check this link...
>> > >> > > > http://openejb.apache.org/3.0/security.html
>> > >> > > > My guess is that you will probably need to create your own
>> > >> > > > loginModule for that.
>> > >> > > > []s,
>> > >> > > > Thiago.
>> > >> > > >
>> > >> > > > On Thu, Aug 12, 2010 at 9:43 AM, Mansour Al Akeel <mansour.alakeel@gmail.com> wrote:
>> > >> > > >
>> > >> > > > > I am developing an application and testing it using the standalone
>> > >> > > > > openejb. The default configuration for the security uses
>> > >> > > > > PropertiesLogin, and there's the SQLLogin. Both are located at
>> > >> > > > > $OPENEJB_HOME/conf/login.properties.
>> > >> > > > >
>> > >> > > > > How do I configure the standalone container to use something other
>> > >> > > > > than PropertiesLogin?
>> > >> > > > >
>> > >> > > > > Anyone had success with a directory service (ie, apacheDS, openLDAP)?
>> > >> > > > >
>> > >> > > > >
>> > >> > > > >
>> > >> > >
>> > >>
>> > >
>> > >
>>
>
>
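
The "No LoginModules configured for PropertiesLogin" failure quoted in this thread comes from the JAAS lookup of a realm name against the loaded login configuration. The following is an added example, not code from the thread or from OpenEJB: it uses only the JDK, replaces login.config with an in-memory `Configuration`, and the names `RealmLookupDemo`, `StubLoginModule`, `singleRealm` and `tryLogin` are hypothetical.

```java
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

public class RealmLookupDemo {
    // Hypothetical stand-in for a real module (e.g. a SQL-backed one); accepts every login.
    public static class StubLoginModule implements LoginModule {
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) { }
        public boolean login() { return true; }
        public boolean commit() { return true; }
        public boolean abort() { return true; }
        public boolean logout() { return true; }
    }

    // In-memory equivalent of a login.config that declares exactly one realm.
    static Configuration singleRealm(final String realm) {
        return new Configuration() {
            @Override
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                if (!realm.equals(name)) {
                    return null; // realm not declared: JAAS has no modules to run
                }
                return new AppConfigurationEntry[] { new AppConfigurationEntry(
                    StubLoginModule.class.getName(), LoginModuleControlFlag.REQUIRED,
                    new HashMap<String, Object>()) };
            }
        };
    }

    // Returns "ok" on success, otherwise the LoginException message.
    static String tryLogin(String realm, Configuration config) {
        try {
            new LoginContext(realm, new Subject(), null, config).login();
            return "ok";
        } catch (LoginException e) {
            return e.getMessage();
        }
    }

    public static void main(String[] args) {
        Configuration onlySql = singleRealm("SQLLogin"); // PropertiesLogin entry deleted
        System.out.println("SQLLogin        -> " + tryLogin("SQLLogin", onlySql));
        System.out.println("PropertiesLogin -> " + tryLogin("PropertiesLogin", onlySql));
    }
}
```

The realm name requested by the caller must match an entry name in the configuration exactly; the module class name (such as SQLLoginModule) is never used as the lookup key.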
