Re: [Acegisecurity-developer] Spring Security is not portable

2009-05-14 Thread David Hoffer 
I don't understand.  I see the link explains the UsersRolesLoginModule, the
property files it uses, and how to subclass it, etc.

What I don't understand is what in JBoss needs to be 'fixed' so that
spring-security is portable.  I'm using JAAS in spring-security so I can't
add also add users to UsersRolesLoginModule's property files, etc.

Please explain.

-Dave


On Thu, May 14, 2009 at 6:08 PM, Ray Krueger  wrote:

> > I have a simple war where I used spring-security to implement a BASIC
> login
> > using JAAS.  It works fine on Tomcat but on JBoss I get the following
> > error.  It seems to be ignoring my spring-security configuration because
> it
> > wants to load users/roles from local file.
> >
> > 13:54:02,128 ERROR [UsersRolesLoginModule] Failed to load
> > users/passwords/role f
> > iles
> > java.io.IOException: No properties file: users.properties or defaults:
> > defaultUs
> > ers.properties found
> > at org.jboss.security.auth.spi.Util.loadProperties(Util.java:315)
> > at
> > org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRole
> > sLoginModule.java:186)
> >
> > Why isn't this portable to JBoss?
>
> It is all portable to JBoss. What you have is a JBoss problem, not an
> Acegi problem.
> This might help...
> http://www.jboss.org/community/wiki/UsersRolesLoginModule
>
>
> --
> Crystal Reports - New Free Runtime and 30 Day Trial
> Check out the new simplified licensing option that enables
> unlimited royalty-free distribution of the report engine
> for externally facing server and web deployment.
> http://p.sf.net/sfu/businessobjects
> ___
> Home: http://acegisecurity.org
> Acegisecurity-developer mailing list
> Acegisecurity-developer@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
>
--
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables 
unlimited royalty-free distribution of the report engine 
for externally facing server and web deployment. 
http://p.sf.net/sfu/businessobjects___
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer

[Acegisecurity-developer] Spring Security is not portable

2009-05-14 Thread David Hoffer 
I have a simple war where I used spring-security to implement a BASIC login
using JAAS.  It works fine on Tomcat but on JBoss I get the following
error.  It seems to be ignoring my spring-security configuration because it
wants to load users/roles from local file.

13:54:02,128 ERROR [UsersRolesLoginModule] Failed to load
users/passwords/role f
iles
java.io.IOException: No properties file: users.properties or defaults:
defaultUs
ers.properties found
at org.jboss.security.auth.spi.Util.loadProperties(Util.java:315)
at
org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRole
sLoginModule.java:186)
at
org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRo
lesLoginModule.java:200)
at
org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRol
esLoginModule.java:127)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:756)
at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:1
86)
at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:6
80)
at
javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at
org.springframework.security.providers.jaas.JaasAuthenticationProvide
r.authenticate(JaasAuthenticationProvider.java:190)
at
org.springframework.security.providers.ProviderManager.doAuthenticati
on(ProviderManager.java:188)
at
org.springframework.security.AbstractAuthenticationManager.authentica
te(AbstractAuthenticationManager.java:46)
at
org.springframework.security.ui.basicauth.BasicProcessingFilter.doFil
terHttp(BasicProcessingFilter.java:139)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringS
ecurityFilter.java:53)
at
org.springframework.security.util.FilterChainProxy$VirtualFilterChain
.doFilter(FilterChainProxy.java:390)
at
org.springframework.security.context.HttpSessionContextIntegrationFil
ter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235)
at
org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringS
ecurityFilter.java:53)
at
org.springframework.security.util.FilterChainProxy$VirtualFilterChain
.doFilter(FilterChainProxy.java:390)
at
org.springframework.security.util.FilterChainProxy.doFilter(FilterCha
inProxy.java:175)
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(D
elegatingFilterProxy.java:236)
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(Delegat
ingFilterProxy.java:167)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:206)
at
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFi
lter.java:96)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:230)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:175)
at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(Securit
yAssociationValve.java:182)
at
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValv
e.java:84)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:102)
at
org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedC
onnectionValve.java:157)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:262)
at
org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcesso
r.java:856)
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.pr
ocess(Http11AprProtocol.java:566)
at
org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:15
08)

Here are my configuration files:

http://www.springframework.org/schema/security";
 xmlns:beans="http://www.springframework.org/schema/beans";
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
 xsi:schemaLocation="http://www.springframework.org/schema

[Acegisecurity-developer] Spring-Security & JAAS Configuration

2009-05-13 Thread David Hoffer 
I am trying to create a simple webapp (war) that uses an internal custom
JAAS LoginModule to authenticate users, this solution has to work in
Tomcat/JBoss/WebSphere.  I thought Spring might be a natural fit to provide
a generic solution.

I have been reading the Spring docs (
http://static.springframework.org/sp...html/jaas.html)
to learn how to use spring security and to begin all was going well.
However when I get to chapter 15 which explains JAAS things are not working
for me anymore.  I suspect the problem is that in this chapter the examples
are too brief and leave a lot implied.  What I am looking for is basic info
on how to configure my applicationContext.xml to use Spring/JAAS.

Here is what I have so far:
http://www.springframework.org/schema/beans";
...



























where the file at WEB-INF/login.conf specifies what custom LoginModule to
use.

This code fails upon JBoss loading this file.  I think the problem is that
the jaasAuthenticationProvider bean is not tied to the
authentication-provider but don't know for sure.

Any help is greatly appreciated.

-Dave

P.S. Also, I'm not sure what code should be in TestAuthorityGranter, I took
my best guess but this is not the cause of the current failure.
--
The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your
production scanning environment may not be a perfect world - but thanks to
Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700
Series Scanner you'll get full speed at 300 dpi even with all image 
processing features enabled. http://p.sf.net/sfu/kodak-com___
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer