Hello,
I am still struggling with this and have made little progress, but I
have some specific questions about login.conf.
Note that I have commented out all of the LDAP references in my
deployerConfigContext.xml to eliminate any confusion.
1) When I "strace -Ff" tomcat from the start, I don't see any attempt to
open login.conf even through several attempts to authenticate via the
cas/login web page:
10302 stat("/var/lib/tomcat5/webapps/cas/WEB-INF/login.conf",
{st_mode=S_IFREG|0644, st_size=192, ...}) = 0
10302 stat("/var/lib/tomcat5/webapps/cas/WEB-INF/login.conf",
{st_mode=S_IFREG|0644, st_size=192, ...}) = 0
10302 access("/var/lib/tomcat5/webapps/cas/WEB-INF/login.conf", R_OK) = 0
10302 stat("/var/lib/tomcat5/webapps/cas/WEB-INF/login.conf",
{st_mode=S_IFREG|0644, st_size=192, ...}) = 0
10302
stat("/var/lib/tomcat5/webapps/cas/WEB-INF/classes/etc/cas/WEB-INF/login.conf",
0x40b05bf0) = -1 ENOENT (No such file or directory)
10302 stat("/var/lib/tomcat5/common/classes/etc/cas/WEB-INF/login.conf",
0x40b053f0) = -1 ENOENT (No such file or directory)
10302 stat("/var/lib/tomcat5/shared/classes/etc/cas/WEB-INF/login.conf",
0x40b05450) = -1 ENOENT (No such file or directory)
Why not?
2) It clearly finds login.conf but seems to keep looking is more locations.
Why?
3) Is there a way to specify the full path _outside_ of the app tree?
This doesn't work. As can be seen from the trace, it appends this to the
the web app location in tomcat.
<property name="loginConf" value="/etc/cas/WEB-INF/login.conf"/>
4) Jean Linlin said that this needed to be added to login.conf, but this
isn't what is describe on the wiki info page for login.conf:
com.sun.security.jgss.krb5.accept {
com.sun.security.auth.module.Krb5LoginModule required
principal="HTTP/your_...@your_domain.net"
useKeyTab=true
debug=true
keyTab="/etc/your_Keytab.keytab"
storeKey=true
useTicketCache=false;
};
I'd appreciate any help.
Thanks!
Brian
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user