Benjamin, you posted this thread once already. Myself and some others already replied. Please read the replies to your previous post.
On 7/20/06, Benjamin Brown <[EMAIL PROTECTED]> wrote: > Hi, > > I'm new to Acegi but I understand the basic concepts well enough to > configure it with our Spring based webapp. > > I'm having a particular problem with JAAS and Kerberos integration - it > appears our JBoss application server is possibly hijacking > authentication calls by JAAS but I'm unsure why. Its looking for a > users/passwords/role file despite being configured to use Kerberos, not > a dao setup. Does anyone know how to prevent this? > > Any pointers would be greatly appreciated, > > Benjamin > > Here's the relevant part of the log: > > 17:28:40,625 ERROR [UsersRolesLoginModule] Failed to load > users/passwords/role files > java.io.IOException: Properties file users.properties not found > at > org.jboss.security.auth.spi.UsersRolesLoginModule.loadProperties(UsersRolesLoginModule.java:217) > at > org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:234) > at > org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:100) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:324) > at javax.security.auth.login.LoginContext.invoke(LoginContext.java:662) > at > javax.security.auth.login.LoginContext.access$000(LoginContext.java:129) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610) > at java.security.AccessController.doPrivileged(Native Method) > at > javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607) > at javax.security.auth.login.LoginContext.login(LoginContext.java:534) > at > org.acegisecurity.providers.jaas.JaasAuthenticationProvider.authenticate(JaasAuthenticationProvider.java:162) > > Here's the JAAS config: > > JAASTest { > com.sun.security.auth.module.Krb5LoginModule required debug=true; > }; > > Here's the relevant parts of the applicationContext-acegi-security.xml > (kerberos bean is an initializing bean to simply set the relevant > java.security properties for kerberos on startup) : > > <bean id="authenticationManager" > class="org.acegisecurity.providers.ProviderManager"> > <property name="providers"> > <list> > <ref bean="jaasAuthenticationProvider"/> > </list> > </property> > </bean> > > <bean id="jaasAuthenticationProvider" > class="org.acegisecurity.providers.jaas.JaasAuthenticationProvider"> > <property > name="loginConfig"><value>/WEB-INF/login.conf</value></property> > <property name="loginContextName"><value>JAASTest</value></property> > <property name="callbackHandlers"> > <list> > <bean > class="org.acegisecurity.providers.jaas.JaasNameCallbackHandler"/> > <bean > class="org.acegisecurity.providers.jaas.JaasPasswordCallbackHandler"/> > </list> > </property> > <property name="authorityGranters"> > <list> > <!-- NOTE OUR ACTUAL PACKAGE NAMES REMOVED FROM THE > EXAMPLE --> > <bean > class="OURPACKAGE.security.PrincipalRoleAuthorityGranter"/> > </list> > </property> > </bean> > > <!-- NOTE OUR ACTUAL REALM, PACAKAGE AND KDC REMOVED FROM THE > EXAMPLE --> > <bean id="kerberosBean" class="OURPACKAGE.security.KerberosBean"> > <property name="realm" value="OURREALM.COM"/> > <property name="kdc" value="OURKDC"/> > <property name="debug" value="false"/> > </bean> > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys -- and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > Home: http://acegisecurity.org > Acegisecurity-developer mailing list > Acegisecurity-developer@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer > ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer