tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thiago Veronezi <thi...@veronezi.org>
Subject Re: Ldap Jaas and standalone container
Date Fri, 13 Aug 2010 20:07:58 GMT
Man,
I had another idea: who needs to specify the realmName is the client, just
like a webApp does (via web.xml file). So, you should set the
*props.setProperty("openejb.authentication.realmName",
"YourRealmName") *value, or use a jndi.properties file to set the same
value... even if you are using a remote server. Just like the doc says: "If
you don't speficy a realm name, the default (currently PropertiesLogin) is
used."

from the docs *************************

*To make your program authenticate itself to the server*, simply construct
your InitialContext with the standard javax.naming.Context properties for
user/pass info, which is:

Properties props = new Properties();
props.setProperty(Context.INITIAL_CONTEXT_FACTORY,
"org.apache.openejb.client.RemoteInitialContextFactory");
props.setProperty(Context.PROVIDER_URL,
"ejbd://localhost:4201");props.setProperty(Context.SECURITY_PRINCIPAL,
"someuser");
props.setProperty(Context.SECURITY_CREDENTIALS, "thepass");
props.setProperty("openejb.authentication.realmName",
"PropertiesLogin"); // optionalInitialContext ctx = new
InitialContext(props);
ctx.lookup(...);

That will get you logged in and all your calls from that context should
execute as you.


[]s,
Thiago.

On Fri, Aug 13, 2010 at 3:27 PM, Mansour Al Akeel <mansour.alakeel@gmail.com
> wrote:

> Hello Thiago:
> It's getting difficult to track. Running MainImpl should be done through
> Bootstrap class in the same package, and it's not accepting any command
> line parameters:
> Unavailable command: start
>
> Available commands:
>
>    cipher       Encrypt a database password and print it to stdout.
>    deploy       Deploy an ejb jar or ear into OpenEJB.
>    properties   Convert and print the OpenEJB configuration as properties
>    undeploy     Undeploy an ejb jar or ear
>
> Many thing could be wrong, including the docs. Are we sure that the
> property name to override the realm is "openejb.authentication.realmName" ?
>
> I have created a file "conf/system.properties" and placed the property
> in it, but still no luck.
>
> Let's wait and see if someone has an idea, other than debugging and
> reading the source code.
>
> Thank you.
>
> On Fri Aug 13,2010 01:21 pm, Thiago Veronezi wrote:
> > Mansour...
> > Debug this class...
> >
> >
> /openejb3/container/openejb-core/src/main/java/org/apache/openejb/cli/MainImpl.java
> >
> > processSystemProperties method
> >
> > and check how your parameters are being managed by the server.
> >
> > []s,
> > Thiago.
> >
> >
> > On Fri, Aug 13, 2010 at 1:39 PM, Mansour Al Akeel <
> mansour.alakeel@gmail.com
> > > wrote:
> >
> > > From org.apache.openejb.core.security.SecurityServiceImpl:
> > >
> > >
> > > public UUID login(String realmName, String username, String password)
> > > throws LoginException {
> > >    if (realmName == null){
> > >        realmName = getRealmName();
> > >    }
> > >    LoginContext context = new LoginContext(realmName, new
> > > UsernamePasswordCallbackHandler(username, password));
> > >    context.login();
> > >
> > >    Subject subject = context.getSubject();
> > >
> > >    UUID token = registerSubject(subject);
> > >    contexts.put(token, context);
> > >
> > >    return token;
> > > }
> > >
> > >
> > >
> > > realmName in the method arg is being called with null value. Which
> > > results in the default value being used. The default value for
> realmName
> > > is "PropertiesLogin" declared in AbstractSecurityService class.
> > >
> > >
> > > I was not able to dig further. Help from the development team will be
> > > appreciated.
> > >
> > > Thank you.
> > >
> > >
> > > On Fri Aug 13,2010 07:32 pm, Mansour Al Akeel wrote:
> > > > I noticed this. However, there's no luck.
> > > > THe work around you suggested,did the job. It's using the
> configuraiton
> > > > I need. As you mentioned, for now this is ok. I think I will have to
> > > > setup a remote debugger to resolve it completely.
> > > >
> > > > Thank you Thiago.
> > > >
> > >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message