Re: [jetspeed] Jboss login module issue

[Pradeep Reddy]

Yeah, finally I solved this problem, more than anything a wild guess helped 
me in solving this issue.
Instead of using the DefaultLoginModule , I used JbossLoginModule when I 
deployed jetspped in Jboss.
JossLoginModule is extended from the default in a way it defers in adding 
the "portaluser" role to the subject.

Regards,
Pradeep.
--------------------------------------------------
From: "Pradeep Reddy" <[EMAIL PROTECTED]>
Sent: Friday, November 07, 2008 3:52 AM
To: "Jetspeed Users List" <jetspeed-user@portals.apache.org>
Subject: Re: [jetspeed] Jboss login module issue

I solved part of the problem,
In jetspeed's jboss-web.xml, security domain was configured as

<security-domain 
flushOnSessionInvalidation="true">java:/jaas/Jetspeed</security-domain>

So I changed the jsetspeed login.config to configure the security domain 
called Jetspeed with the login module implementation 
"org.apache.jetspeed.security.impl.DefaultLoginModule".

Now the problem is, once you enter user name and password and login, the 
action goes to LoginProxyServlet.java. if I could understand the code 
correctly, whether login is successful or not, the request is redirected 
to "/login/redirector", which has a security constraint configured in the 
web.xml as bellow.


<security-constraint>
   <web-resource-collection>
     <web-resource-name>Login</web-resource-name>
     <url-pattern>/login/redirector</url-pattern>
   </web-resource-collection>
   <auth-constraint>
     <!-- the required portal user role name defined in: -->
     <!-- /WEB-INF/assembly/security-atn.xml             -->
     <role-name>portal-user</role-name>
   </auth-constraint>
 </security-constraint>

the user with the role "portal-user" only can access the resource with the 
url login/redirector. So as soon as I login I can see the page which tells 
me "HTTP Status 403 - Access to the requested resource has been denied".

After this if you access portal url again, it shows that you are logged in 
as admin.


Can any one explain me this behaviors ? and what should I do to get around 
this problem?

Thanks & Regards,
Pradeep.

--------------------------------------------------
From: "Pradeep Reddy" <[EMAIL PROTECTED]>
Sent: Friday, November 07, 2008 2:54 AM
To: <jetspeed-user@portals.apache.org>
Subject: [jetspeed] Jboss login module issue

Hi,

I am running the jetspeed 2 on jboss, actually speaking I moved it from 
tomcat to jboss.
I completed the migration successfully, but few issues does exist.
when it was running on tomcat it was using the embedded derby data base, 
so I created the data source with the same database in jboss.
It is not allowing me to login into the portal.

What I can infer is, jetspeed is using the custom login module, so that 
needs to be configured some where in Jboss.


see the error log below.


02:34:26,903 ERROR [UsersRolesLoginModule] Failed to load 
users/passwords/role f
iles
java.io.IOException: No properties file: users.properties or defaults: 
defaultUs
ers.properties found
       at org.jboss.security.auth.spi.Util.loadProperties(Util.java:315)
       at 
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRole
sLoginModule.java:186)
       at 
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRo
lesLoginModule.java:200)
       at 
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRol
esLoginModule.java:127)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
       at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at 
javax.security.auth.login.LoginContext.invoke(LoginContext.java:756)
       at 
javax.security.auth.login.LoginContext.access$000(LoginContext.java:1
86)
       at 
javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
       at java.security.AccessController.doPrivileged(Native Method)
       at 
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:6
80)
       at 
javax.security.auth.login.LoginContext.login(LoginContext.java:579)
       at 
org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecur
ityManager.java:603)
       at 
org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecur
ityManager.java:537)
       at 
org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityMa
nager.java:344)
       at 
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBos
sSecurityMgrRealm.java:491)
       at 
org.apache.catalina.authenticator.FormAuthenticator.authenticate(Form
Authenticator.java:257)
       at 
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:416)
       at 
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv
e.java:84)
       at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:127)
       at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:102)
       at 
org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC
onnectionValve.java:157)
       at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:109)
       at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:262)
       at 
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:844)
       at 
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
ss(Http11Protocol.java:583)
       at 
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
6)
       at java.lang.Thread.run(Thread.java:619)



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]