[Acegisecurity-developer] Spring Security is not portable
I have a simple war where I used spring-security to implement a BASIC login using JAAS. It works fine on Tomcat but on JBoss I get the following error. It seems to be ignoring my spring-security configuration because it wants to load users/roles from local file. 13:54:02,128 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role f iles java.io.IOException: No properties file: users.properties or defaults: defaultUs ers.properties found at org.jboss.security.auth.spi.Util.loadProperties(Util.java:315) at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRole sLoginModule.java:186) at org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRo lesLoginModule.java:200) at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRol esLoginModule.java:127) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces sorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:1 86) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:6 80) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.springframework.security.providers.jaas.JaasAuthenticationProvide r.authenticate(JaasAuthenticationProvider.java:190) at org.springframework.security.providers.ProviderManager.doAuthenticati on(ProviderManager.java:188) at org.springframework.security.AbstractAuthenticationManager.authentica te(AbstractAuthenticationManager.java:46) at org.springframework.security.ui.basicauth.BasicProcessingFilter.doFil terHttp(BasicProcessingFilter.java:139) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringS ecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain .doFilter(FilterChainProxy.java:390) at org.springframework.security.context.HttpSessionContextIntegrationFil ter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235) at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringS ecurityFilter.java:53) at org.springframework.security.util.FilterChainProxy$VirtualFilterChain .doFilter(FilterChainProxy.java:390) at org.springframework.security.util.FilterChainProxy.doFilter(FilterCha inProxy.java:175) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D elegatingFilterProxy.java:236) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat ingFilterProxy.java:167) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFi lter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl icationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF ilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV alve.java:230) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV alve.java:175) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(Securit yAssociationValve.java:182) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv e.java:84) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j ava:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j ava:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC onnectionValve.java:157) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal ve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav a:262) at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcesso r.java:856) at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.pr ocess(Http11AprProtocol.java:566) at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:15 08) Here are my configuration files: beans:beans xmlns=http://www.springframework.org/schema/security; xmlns:beans=http://www.springframework.org/schema/beans; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance;
Re: [Acegisecurity-developer] Spring Security is not portable
I have a simple war where I used spring-security to implement a BASIC login using JAAS. It works fine on Tomcat but on JBoss I get the following error. It seems to be ignoring my spring-security configuration because it wants to load users/roles from local file. 13:54:02,128 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role f iles java.io.IOException: No properties file: users.properties or defaults: defaultUs ers.properties found at org.jboss.security.auth.spi.Util.loadProperties(Util.java:315) at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRole sLoginModule.java:186) Why isn't this portable to JBoss? It is all portable to JBoss. What you have is a JBoss problem, not an Acegi problem. This might help... http://www.jboss.org/community/wiki/UsersRolesLoginModule -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
Re: [Acegisecurity-developer] Spring Security is not portable
I don't understand. I see the link explains the UsersRolesLoginModule, the property files it uses, and how to subclass it, etc. What I don't understand is what in JBoss needs to be 'fixed' so that spring-security is portable. I'm using JAAS in spring-security so I can't add also add users to UsersRolesLoginModule's property files, etc. Please explain. -Dave On Thu, May 14, 2009 at 6:08 PM, Ray Krueger raykrue...@gmail.com wrote: I have a simple war where I used spring-security to implement a BASIC login using JAAS. It works fine on Tomcat but on JBoss I get the following error. It seems to be ignoring my spring-security configuration because it wants to load users/roles from local file. 13:54:02,128 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role f iles java.io.IOException: No properties file: users.properties or defaults: defaultUs ers.properties found at org.jboss.security.auth.spi.Util.loadProperties(Util.java:315) at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRole sLoginModule.java:186) Why isn't this portable to JBoss? It is all portable to JBoss. What you have is a JBoss problem, not an Acegi problem. This might help... http://www.jboss.org/community/wiki/UsersRolesLoginModule -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects ___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer -- Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects___ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer