RE: [JBoss-user] Authentication problems in JBoss-2.2.2/Tomcat-3.2.2 (env not bound)
we are using the DatabaseLogin for our security. And it works fine. As Greg did we added the jboss-web.xml and also added the extra property Andrew spoke of. Additionally we had to change auth.conf so it had an entry for our security domain. It was then just a simple matter of adding servlet mappings for the protected resources. (mostly JSP's) Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Greg Merrill Sent: Monday, June 11, 2001 12:17 PM To: [EMAIL PROTECTED] Subject: Re: [JBoss-user] Authentication problems in JBoss-2.2.2/Tomcat-3.2.2 (env not bound) Andrew- I followed Scott's tutorial but met with success. Essentially, the tutorial led me to do two simple things: 1. Add a jboss-web.xml to my war describing the security-realm 2. Define users.properties and roles.properties and place them in jboss/conf/tomcat After doing these two things, I was able to authenticate secure url patterns successfully. -Greg --- "Andrew H. Blom" <[EMAIL PROTECTED]> wrote: > I've followed Scott Stark's tutorial to incorporate > JAAS-based security for > both servlets and ejb beans into my application. > Everything was pretty > straightforward, and seems to be working, for the > most part; when I try to > access the protected servlets I'm prompted to log > in. But like Greg > Merrill, when I actually try to log in, I get > javax.naming.NameNotFoundException: env not bound. > I'm using the > JBoss-2.2.2/Tomcat-3.2.2 bundle on win98. > > As far as I know, I'm following the tutorial to the > letter. I've defined > the security domain > > java:/jaas/risk > > in both the jboss-web.xml file and the jboss.xml > file. I've also > double-checked the jboss.jcml file. The mbean which > configures the > JaasSecurityManagerService already existed in the > original file, but didn't > include the attribute described in Scott's tutorial: > > name="SecurityProxyFactoryClassName">org.jboss.security.SubjectSecurityProxy > Factory > > so I added that too. These definitions are accepted > at jboss startup time, > as the log shows: > > [Configuration] DEBUG SecurityManagerClassName set > to > org.jboss.security.plugins.JaasSecurityManager in > Security:name=JaasSecurityManager > [Configuration] DEBUG SecurityProxyFactoryClassName > set to > org.jboss.security.SubjectSecurityProxyFactory in > Security:name=JaasSecurityManager > > but I still get the env not bound exception. Is > there something I'm missing > that anyone can see? It's perfectly possible that > I'm doing something > stupid, since I'm basically a newbie with both > tomcat and jboss, but I've > been over and over the guide and can't see what I'm > doing wrong ... > > Thanks, > Andrew > > > - > Andrew H Blom > [EMAIL PROTECTED] > > NetZero Platinum > No Banner Ads and Unlimited Access > Sign Up Today - Only $9.95 per month! > http://www.netzero.net > > ___ > JBoss-user mailing list > [EMAIL PROTECTED] > http://lists.sourceforge.net/lists/listinfo/jboss-user __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] Authentication problems in JBoss-2.2.2/Tomcat-3.2.2 (env not bound)
Andrew- I followed Scott's tutorial but met with success. Essentially, the tutorial led me to do two simple things: 1. Add a jboss-web.xml to my war describing the security-realm 2. Define users.properties and roles.properties and place them in jboss/conf/tomcat After doing these two things, I was able to authenticate secure url patterns successfully. -Greg --- "Andrew H. Blom" <[EMAIL PROTECTED]> wrote: > I've followed Scott Stark's tutorial to incorporate > JAAS-based security for > both servlets and ejb beans into my application. > Everything was pretty > straightforward, and seems to be working, for the > most part; when I try to > access the protected servlets I'm prompted to log > in. But like Greg > Merrill, when I actually try to log in, I get > javax.naming.NameNotFoundException: env not bound. > I'm using the > JBoss-2.2.2/Tomcat-3.2.2 bundle on win98. > > As far as I know, I'm following the tutorial to the > letter. I've defined > the security domain > > java:/jaas/risk > > in both the jboss-web.xml file and the jboss.xml > file. I've also > double-checked the jboss.jcml file. The mbean which > configures the > JaasSecurityManagerService already existed in the > original file, but didn't > include the attribute described in Scott's tutorial: > > name="SecurityProxyFactoryClassName">org.jboss.security.SubjectSecurityProxy > Factory > > so I added that too. These definitions are accepted > at jboss startup time, > as the log shows: > > [Configuration] DEBUG SecurityManagerClassName set > to > org.jboss.security.plugins.JaasSecurityManager in > Security:name=JaasSecurityManager > [Configuration] DEBUG SecurityProxyFactoryClassName > set to > org.jboss.security.SubjectSecurityProxyFactory in > Security:name=JaasSecurityManager > > but I still get the env not bound exception. Is > there something I'm missing > that anyone can see? It's perfectly possible that > I'm doing something > stupid, since I'm basically a newbie with both > tomcat and jboss, but I've > been over and over the guide and can't see what I'm > doing wrong ... > > Thanks, > Andrew > > > - > Andrew H Blom > [EMAIL PROTECTED] > > NetZero Platinum > No Banner Ads and Unlimited Access > Sign Up Today - Only $9.95 per month! > http://www.netzero.net > > ___ > JBoss-user mailing list > [EMAIL PROTECTED] > http://lists.sourceforge.net/lists/listinfo/jboss-user __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] Authentication problems in JBoss-2.2.2/Tomcat-3.2.2 (env not bound)
I've followed Scott Stark's tutorial to incorporate JAAS-based security for both servlets and ejb beans into my application. Everything was pretty straightforward, and seems to be working, for the most part; when I try to access the protected servlets I'm prompted to log in. But like Greg Merrill, when I actually try to log in, I get javax.naming.NameNotFoundException: env not bound. I'm using the JBoss-2.2.2/Tomcat-3.2.2 bundle on win98. As far as I know, I'm following the tutorial to the letter. I've defined the security domain java:/jaas/risk in both the jboss-web.xml file and the jboss.xml file. I've also double-checked the jboss.jcml file. The mbean which configures the JaasSecurityManagerService already existed in the original file, but didn't include the attribute described in Scott's tutorial: org.jboss.security.SubjectSecurityProxy Factory so I added that too. These definitions are accepted at jboss startup time, as the log shows: [Configuration] DEBUG SecurityManagerClassName set to org.jboss.security.plugins.JaasSecurityManager in Security:name=JaasSecurityManager [Configuration] DEBUG SecurityProxyFactoryClassName set to org.jboss.security.SubjectSecurityProxyFactory in Security:name=JaasSecurityManager but I still get the env not bound exception. Is there something I'm missing that anyone can see? It's perfectly possible that I'm doing something stupid, since I'm basically a newbie with both tomcat and jboss, but I've been over and over the guide and can't see what I'm doing wrong ... Thanks, Andrew - Andrew H Blom [EMAIL PROTECTED] NetZero Platinum No Banner Ads and Unlimited Access Sign Up Today - Only $9.95 per month! http://www.netzero.net ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] Authentication problems in JBoss-2.2.2/Tomcat-3.2.2 (env not bound)
All of the standard tomcat authentication modules are unrelated to the JBoss authentication that works with both ejbs and servlets. This means using JAAS login modules to integrate with your security infrastructure. - Original Message - From: "Michael P. McCutcheon" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, June 09, 2001 12:31 AM Subject: Re: [JBoss-user] Authentication problems in JBoss-2.2.2/Tomcat-3.2.2 (env not bound) > I'm also having problems getting JDBC authentication to work with the new > download. > > Given the URL below, what method of authentication are we to use? > > JDBC Authentication with Tomcat, or DatabaseServerLoginModule > authentication? > > I'm a little confused...do the two cooperate or are they unrelated? > > Mike > > - Original Message - > From: "Scott M Stark" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, June 08, 2001 10:05 PM > Subject: Re: [JBoss-user] Authentication problems in > JBoss-2.2.2/Tomcat-3.2.2 (env not bound) > > > > The 2.2.2 bundle uses the JBoss security manager. You have to define the > > security-domain in a jboss-web.xml descriptor. See the JAAS tutorial: > > http://www.jboss.org/documentation/HTML/ch11s83.html > > ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] Authentication problems in JBoss-2.2.2/Tomcat-3.2.2 (env not bound)
I'm also having problems getting JDBC authentication to work with the new download. Given the URL below, what method of authentication are we to use? JDBC Authentication with Tomcat, or DatabaseServerLoginModule authentication? I'm a little confused...do the two cooperate or are they unrelated? Mike - Original Message - From: "Scott M Stark" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, June 08, 2001 10:05 PM Subject: Re: [JBoss-user] Authentication problems in JBoss-2.2.2/Tomcat-3.2.2 (env not bound) > The 2.2.2 bundle uses the JBoss security manager. You have to define the > security-domain in a jboss-web.xml descriptor. See the JAAS tutorial: > http://www.jboss.org/documentation/HTML/ch11s83.html > > - Original Message - > From: "Greg Merrill" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, June 08, 2001 6:29 PM > Subject: [JBoss-user] Authentication problems in JBoss-2.2.2/Tomcat-3.2.2 (env not bound) > > > > I recently downloaded JBoss-2.2.2 w/bundled > > Tomcat-3.2.1. I am running it on Win98. > > > > When I try to run the Tomcat sample jsp called > > "security" (this sample performs some basic user > > authentication) I get the following message in my > > JBoss server window: > > > > [EmbeddedTomcatSX] Error during authenticate > > [EmbeddedTomcatSX] javax.naming.NameNotFoundException: > > env not bound > > > > ___ > JBoss-user mailing list > [EMAIL PROTECTED] > http://lists.sourceforge.net/lists/listinfo/jboss-user ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user
Re: [JBoss-user] Authentication problems in JBoss-2.2.2/Tomcat-3.2.2 (env not bound)
The 2.2.2 bundle uses the JBoss security manager. You have to define the security-domain in a jboss-web.xml descriptor. See the JAAS tutorial: http://www.jboss.org/documentation/HTML/ch11s83.html - Original Message - From: "Greg Merrill" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, June 08, 2001 6:29 PM Subject: [JBoss-user] Authentication problems in JBoss-2.2.2/Tomcat-3.2.2 (env not bound) > I recently downloaded JBoss-2.2.2 w/bundled > Tomcat-3.2.1. I am running it on Win98. > > When I try to run the Tomcat sample jsp called > "security" (this sample performs some basic user > authentication) I get the following message in my > JBoss server window: > > [EmbeddedTomcatSX] Error during authenticate > [EmbeddedTomcatSX] javax.naming.NameNotFoundException: > env not bound ___ JBoss-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-user