One thing I notice is that cactus connects to http://localhost:8080/ServletRedirector but you have the Tomcat config url pattern as /ServletRedirectorSecure. Try removing the "Secure" from the end. Make the ServletRedirector servlet a secure resource. (Alternatively, you could add "Secure" to you cactus.properties file, but I'd say it would be better to remove it.)
Let me know if that changes anything. Jason -----Original Message----- From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US] Sent: Friday, October 25, 2002 11:47 AM To: 'Cactus Users List' Subject: RE: FormAuthentication Hi Jason, Yes Authentication works. I am using JBoss app server. with user defined security realm/domain where all the users and roles are mapped using users.properties and roles.properties.I can run the servlet straightaway and I am asked to authenticate using a FormLogin.I have been able to set security role-mapping JSP/Servlets-to-EJB.I was trying to write test cases to test Servlet's & EJB's with their roles for which I need the JBoss App Server to authenticate and set up Identity/Principal and their roles. Let me know how can I help. Pranab ---------------------------------------------------------------------- JBoss Security Realm login-config.xml:- <application-policy name = "IDSCONF-REALM"> <!-- A simple server login module, which can be used when the number of users is relatively small. It uses two properties files: WEB-INF/classes/users.properties, which holds users (key) and their password (value). WEB-INF/classes/roles.properties, which holds users (key) and a comma-separated list of their roles (value). The unauthenticatedIdentity property defines the name of the principal that will be used when a null username and password are presented as is the case for an unuathenticated web client or MDB. If you want to allow such users to be authenticated add the property, e.g., unauthenticatedIdentity="nobody" --> <authentication> <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" > <module-option name = "unauthenticatedIdentity">guest</module-option> </login-module> </authentication> </application-policy> ---------------------------------------------------------------------- Tomcat Security:- <security-constraint> <web-resource-collection> <web-resource-name>SecurityRestriction</web-resource-name> <description>Protect the Cactus redirector servlet.</description> <url-pattern>/ServletRedirectorSecure</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <description>Authorized Users Group</description> <role-name>idsconf_admin</role-name> <role-name>idsconf_user</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <realm-name>IDSCONF-REALM</realm-name> <form-login-config> <form-login-page>/LoginForm.jsp</form-login-page> <form-error-page>/LoginError.jsp</form-error-page> </form-login-config> </login-config> <security-role> <!-- This role is mapped to EjbRoles using the application deployment descriptor logical roles --> <description>The Secure ROLE</description> <role-name>idsconf_admin</role-name> </security-role> <security-role> <!-- This role is mapped to EjbRoles using the application deployment descriptor logical roles --> <description>The Non Secure ROLE</description> <role-name>idsconf_user</role-name> </security-role> ---------------------------------------------------------------------- J2EE application roles:- <application> ...... app jars. <security-role> <!-- This role provides the mapping between Web App roles and Ejb Roles --> <description>Administrator Role</description> <role-name>idsconf_admin</role-name> </security-role> <security-role> <!-- This role provides the mapping between Web App roles and Ejb Roles --> <description>User Role</description> <role-name>idsconf_user</role-name> </security-role> <security-role> <!-- This role is an internal role and must not be mapped --> <description>Internal Role</description> <role-name>idsconf_internal</role-name> </security-role> </application> JBoss EJB Security mapping jboss.xml <jboss> <security-domain>java:jaas/IDSCONF-REALM</security-domain> ..... entity/session beans jndi mapping <container-configurations> <!-- StatelessSession beans are secure by default --> <container-configuration> <container-name>Standard Stateless SessionBean</container-name> <security-domain>java:/jaas/IDSCONF-REALM</security-domain> </container-configuration> <!-- Entity beans are secure by default --> <container-configuration> <container-name>Standard BMP EntityBean</container-name> <security-domain>java:/jaas/IDSCONF-REALM</security-domain> </container-configuration> <!-- A stateless session config that is not secured --> <container-configuration extends="Standard Stateless SessionBean"> <container-name>Unsecure Stateless SessionBean</container-name> <security-domain/> </container-configuration> </container-configurations> </jboss> ---------------------------------------------------------------------- # A sample users.properties file for use with the UsersRolesLoginModule # user=password admin=admin pkdhar=pkdhar bob=bob ---------------------------------------------------------------------- # A sample roles.properties file for use with the UsersRolesLoginModule # user=role1,role2... admin=idsconf_admin,idsconf_user pkdhar=idsconf_user bob=idsconf_user -----Original Message----- From: Robertson, Jason [mailto:Jason.Robertson@;acs-inc.com] Sent: Friday, October 25, 2002 11:21 AM To: 'Cactus Users List' Subject: RE: FormAuthentication Buried in the stack trace is "Failed to authenticate the principal". If you try to log into the website normally using admin/admin does it work? What server are you using? We have test cases that work with Tomcat and WebLogic. Jason -----Original Message----- From: Dhar, Pranab [mailto:Pranab.Dhar@;DFA.STATE.NY.US] Sent: Friday, October 25, 2002 10:10 AM To: '[EMAIL PROTECTED]' Subject: FormAuthentication Hi, I am in a situation where I have EJB's and servlets created with security roles defined.I need to test the Servlets and EJB's doing the authentication in the process.I am using FormAuthentication for the secured jsp/servlets/struts forms and actions. I installed cactus 1.4.1 and found out that it does'nt implement form authentication so I am now using the nightly build 20021022 after checking the mailing list that some gentlemen have been adding this new feature. My testcase is as follows:- public void beginBasicAuthentication(WebRequest theRequest) { theRequest.setURL("localhost:8080", "/", "/secure/idsconf", null, null); theRequest.addCookie( "test", "test" ); theRequest.setRedirectorName("ServletRedirectorSecure"); theRequest.setAuthentication(new FormAuthentication("admin", "admin")); } public void testBasicAuthentication() { assertEquals("admin", request.getUserPrincipal().getName()); assertEquals("admin", request.getRemoteUser()); assertTrue("User not in 'admin' role", request.isUserInRole("admin")); } I am getting this error when I run the test in Log4J DEBUG mode ---------------------------------------------------------------------------- --------------------- 18:00:12,899 [main] DEBUG ent.HttpClientConnectionHelper - <getCookieString([simulation URL = [null], automatic session = [true], cookies = [], headers = [], GET parameters = [], POST parameters = []], [http://localhost:8080/ServletRedirector]) 18:00:12,899 [main] DEBUG ent.HttpClientConnectionHelper - >getCookieString = [null] 18:00:13,891 [main] DEBUG ent.HttpClientConnectionHelper - >connect = [org.apache.cactus.util.HttpURLConnection:http://localhost:8080/ServletRedir ector] 18:00:13,901 [main] DEBUG util.HttpURLConnection - <getHeaderFieldKey([1]) 18:00:13,901 [main] DEBUG util.HttpURLConnection - >getHeaderFieldKey = [Connection] 18:00:13,901 [main] DEBUG util.HttpURLConnection - <getHeaderFieldKey([2]) 18:00:13,901 [main] DEBUG util.HttpURLConnection - >getHeaderFieldKey = [null] 18:00:13,901 [main] DEBUG hentication.FormAuthentication - Using security check URL [http://localhost:8080/j_security_check] 18:00:13,901 [main] DEBUG client.ConnectionHelperFactory - <getConnectionHelper([http://localhost:8080/j_security_check], [org.apache.cactus.util.ServletConfiguration@1dff3a2]) 18:00:13,901 [main] DEBUG client.ConnectionHelperFactory - >getConnectionHelper = [org.apache.cactus.client.HttpClientConnectionHelper@1d9fd51] 18:00:13,901 [main] DEBUG cactus.WebRequest - <addCookie([null], [null]) 18:00:13,901 [main] DEBUG cactus.WebRequest - <addCookie([localhost], [null], [null]) 18:00:13,901 [main] DEBUG servlet.TestLoginServlet - Exception in test 18:00:13,901 [main] DEBUG util.ChainedRuntimeException - <printStackTrace([org.apache.log4j.spi.VectorWriter@121f1d]) 18:00:13,971 [main] DEBUG util.ChainedRuntimeException - >printStackTrace org.apache.cactus.util.ChainedRuntimeException: Failed to authenticate the principal at org.apache.cactus.client.authentication.FormAuthentication.authenticate(Form Authentication.java;org/apache/cactus/util/log/LogAspect.aj(1k):288) at org.apache.cactus.client.authentication.FormAuthentication.configure$ajcPost Around13(FormAuthentication.java;org/apache/cactus/util/log/LogAspect.aj(1k) :147) at org.apache.cactus.client.authentication.FormAuthentication.configure$ajcPost Around13$ajcVoidWrapper(FormAuthentication.java;org/apache/cactus/util/log/L ogAspect.aj(1k)) at org.apache.cactus.client.authentication.FormAuthentication.configure(FormAut hentication.java;org/apache/cactus/util/log/LogAspect.aj(1k):1151) at org.apache.cactus.client.HttpClientConnectionHelper.connect$ajcPostAround9(H ttpClientConnectionHelper.java;org/apache/cactus/util/log/LogAspect.aj(1k):1 16) at org.apache.cactus.client.HttpClientConnectionHelper.connect(HttpClientConnec tionHelper.java;org/apache/cactus/util/log/LogAspect.aj(1k):1222) at org.apache.cactus.client.AbstractHttpClient.callRunTest(AbstractHttpClient.j ava;org/apache/cactus/util/log/LogAspect.aj(1k):200) at org.apache.cactus.client.AbstractHttpClient.doTest$ajcPostAround8(AbstractHt tpClient.java;org/apache/cactus/util/log/LogAspect.aj(1k):124) at org.apache.cactus.client.AbstractHttpClient.doTest(AbstractHttpClient.java;o rg/apache/cactus/util/log/LogAspect.aj(1k):1222) at org.apache.cactus.AbstractWebTestCase.runWebTest(AbstractWebTestCase.java:31 0) at org.apache.cactus.AbstractWebTestCase.runGenericTest(AbstractWebTestCase.jav a:260) at org.apache.cactus.ServletTestCase.runTest(ServletTestCase.java:136) at org.apache.cactus.AbstractTestCase.runBare(AbstractTestCase.java:255) at junit.framework.TestResult$1.protect(TestResult.java:106) at junit.framework.TestResult.runProtected(TestResult.java:124) at junit.framework.TestResult.run(TestResult.java:109) at junit.framework.TestCase.run(TestCase.java:118) at junit.framework.TestSuite.runTest(TestSuite.java:208) at junit.framework.TestSuite.run(TestSuite.java:203) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRu nner.java:329) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner. java:218) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner .java:151) java.lang.NullPointerException: missing cookie name at org.apache.cactus.Cookie.<init>(Cookie.java;org/apache/cactus/util/log/LogAs pect.aj(1k):138) at org.apache.cactus.WebRequest.addCookie$ajcPostAround91(WebRequest.java;org/a pache/cactus/util/log/LogAspect.aj(1k):573) at org.apache.cactus.WebRequest.addCookie$ajcPostAround91$ajcVoidWrapper(WebReq uest.java;org/apache/cactus/util/log/LogAspect.aj(1k)) at org.apache.cactus.WebRequest.addCookie(WebRequest.java;org/apache/cactus/uti l/log/LogAspect.aj(1k):1151) at org.apache.cactus.WebRequest.addCookie$ajcPostAround88(WebRequest.java;org/a pache/cactus/util/log/LogAspect.aj(1k):555) at org.apache.cactus.WebRequest.addCookie$ajcPostAround88$ajcVoidWrapper(WebReq uest.java;org/apache/cactus/util/log/LogAspect.aj(1k)) at org.apache.cactus.WebRequest.addCookie(WebRequest.java;org/apache/cactus/uti l/log/LogAspect.aj(1k):1151) at org.apache.cactus.client.authentication.FormAuthentication.authenticate(Form Authentication.java;org/apache/cactus/util/log/LogAspect.aj(1k):266) at org.apache.cactus.client.authentication.FormAuthentication.configure$ajcPost Around13(FormAuthentication.java;org/apache/cactus/util/log/LogAspect.aj(1k) :147) at org.apache.cactus.client.authentication.FormAuthentication.configure$ajcPost Around13$ajcVoidWrapper(FormAuthentication.java;org/apache/cactus/util/log/L ogAspect.aj(1k)) at org.apache.cactus.client.authentication.FormAuthentication.configure(FormAut hentication.java;org/apache/cactus/util/log/LogAspect.aj(1k):1151) at org.apache.cactus.client.HttpClientConnectionHelper.connect$ajcPostAround9(H ttpClientConnectionHelper.java;org/apache/cactus/util/log/LogAspect.aj(1k):1 16) at org.apache.cactus.client.HttpClientConnectionHelper.connect(HttpClientConnec tionHelper.java;org/apache/cactus/util/log/LogAspect.aj(1k):1222) at org.apache.cactus.client.AbstractHttpClient.callRunTest(AbstractHttpClient.j ava;org/apache/cactus/util/log/LogAspect.aj(1k):200) at org.apache.cactus.client.AbstractHttpClient.doTest$ajcPostAround8(AbstractHt tpClient.java;org/apache/cactus/util/log/LogAspect.aj(1k):124) at org.apache.cactus.client.AbstractHttpClient.doTest(AbstractHttpClient.java;o rg/apache/cactus/util/log/LogAspect.aj(1k):1222) at org.apache.cactus.AbstractWebTestCase.runWebTest(AbstractWebTestCase.java:31 0) at org.apache.cactus.AbstractWebTestCase.runGenericTest(AbstractWebTestCase.jav a:260) at org.apache.cactus.ServletTestCase.runTest(ServletTestCase.java:136) at org.apache.cactus.AbstractTestCase.runBare(AbstractTestCase.java:255) at junit.framework.TestResult$1.protect(TestResult.java:106) at junit.framework.TestResult.runProtected(TestResult.java:124) at junit.framework.TestResult.run(TestResult.java:109) at junit.framework.TestCase.run(TestCase.java:118) at junit.framework.TestSuite.runTest(TestSuite.java:208) at junit.framework.TestSuite.run(TestSuite.java:203) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRu nner.java:329) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner. java:218) at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner .java:151) I would like to know if there are any successful instances using FormAuthentication. Any help is appreciated. Thanks, Pranab Dhar -- To unsubscribe, e-mail: <mailto:cactus-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:cactus-user-help@;jakarta.apache.org> -- To unsubscribe, e-mail: <mailto:cactus-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:cactus-user-help@;jakarta.apache.org> -- To unsubscribe, e-mail: <mailto:cactus-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:cactus-user-help@;jakarta.apache.org> -- To unsubscribe, e-mail: <mailto:cactus-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:cactus-user-help@;jakarta.apache.org>
