Re: DeltaManager only support GenericPrincipal. Your realm used principal class org.apache.geronimo.tomcat.JAASTomcatPrincipal

2010-03-19 Thread Ivan
Hi,
   Geronimo 2.1.4 used a customized 6.0.18 Tomcat build,
   So far, I did not find a gentle way to turn off the cache, but the quick
way to check it is to check out the source codes of
https://svn.apache.org/repos/asf/tomcat/tc6.0.x/tags/TOMCAT_6_0_18/java/org/apache/catalina/authenticator/AuthenticatorBase.java,
and change the line :
protected boolean cache = true;  -> false
A file in the
https://svn.apache.org/repos/asf/geronimo/server/tags/2.1.4/repository/org/apache/tomcat/6.0.18-G678601.README.TXTis
to guide you how to build a customized Tomcat build.


2010/3/19 mirceade 

>
> Ashish: Just forget about the first post. I just needed to protect the
> application's name. Only the last post with both of my configs is relevant.
> We encounter the problem at run time when the DeltaManager attempts so
> serialize a... well, session delta. That's all the error I get from the
> logs:
>
>
> 2010-03-12 07:02:19,828 ERROR [DeltaRequest] DeltaManager only support
> GenericPrincipal. Your realm used principal class
> org.apache.geronimo.tomcat.JAASTomcatPrincipal.
>
> Ivan: How do I turn off the authentication cache? We use Geronimo 2.1.4 (in
> fact WebSphere Community Edition 2.1.3 which is rather the same I guess).
> --
> View this message in context:
> http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p462251.html
> Sent from the Users mailing list archive at Nabble.com.
>



-- 
Ivan


Re: DeltaManager only support GenericPrincipal. Your realm used principal class org.apache.geronimo.tomcat.JAASTomcatPrincipal

2010-03-19 Thread mirceade

Ashish: Just forget about the first post. I just needed to protect the
application's name. Only the last post with both of my configs is relevant.
We encounter the problem at run time when the DeltaManager attempts so
serialize a... well, session delta. That's all the error I get from the
logs:


2010-03-12 07:02:19,828 ERROR [DeltaRequest] DeltaManager only support
GenericPrincipal. Your realm used principal class
org.apache.geronimo.tomcat.JAASTomcatPrincipal.

Ivan: How do I turn off the authentication cache? We use Geronimo 2.1.4 (in
fact WebSphere Community Edition 2.1.3 which is rather the same I guess).
-- 
View this message in context: 
http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p462251.html
Sent from the Users mailing list archive at Nabble.com.


Re: DeltaManager only support GenericPrincipal. Your realm used principal class org.apache.geronimo.tomcat.JAASTomcatPrincipal

2010-03-18 Thread Ivan
It might be a defect in Geronimo, turn off the authentication cache should
work around this, usually, Tomcat would cache the principle with the
session, so it did not need to authenticate the users each time, but
Geronimo's customzied principal did not follow Tomcat's cluster rule. So
which Geronimo version did you use ? 2.1.4 or 2.2 ?

2010/3/18 Ashish Jain 

> I notice that ur first post suggested you realm name is AppSecurity and you
> geronimo deployment plan seems to be using
> APPOperatorSecurity. Create a realm with correct name and try. Another Q
> comes to my mind is when is that you are hitting the
> exception deploy/run??? In case you again hit the error...paste the
> complete error trace.
>
>
> On Thu, Mar 18, 2010 at 2:03 PM, mirceade  wrote:
>
>>
>> Hi, I've posted my configs. Does anybody have any idea why I end up with a
>> JAASTomcatPrincipal and why the DeltaManager fails to replicate it
>> (shouldn't it work with anything that's Serializable?) ?
>> Thanks.
>> Mircea.
>> --
>> View this message in context:
>> http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p455044.html
>> Sent from the Users mailing list archive at Nabble.com.
>>
>
>


-- 
Ivan


Re: DeltaManager only support GenericPrincipal. Your realm used principal class org.apache.geronimo.tomcat.JAASTomcatPrincipal

2010-03-18 Thread Ashish Jain
I notice that ur first post suggested you realm name is AppSecurity and you
geronimo deployment plan seems to be using
APPOperatorSecurity. Create a realm with correct name and try. Another Q
comes to my mind is when is that you are hitting the
exception deploy/run??? In case you again hit the error...paste the complete
error trace.


On Thu, Mar 18, 2010 at 2:03 PM, mirceade  wrote:

>
> Hi, I've posted my configs. Does anybody have any idea why I end up with a
> JAASTomcatPrincipal and why the DeltaManager fails to replicate it
> (shouldn't it work with anything that's Serializable?) ?
> Thanks.
> Mircea.
> --
> View this message in context:
> http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p455044.html
> Sent from the Users mailing list archive at Nabble.com.
>


Re: DeltaManager only support GenericPrincipal. Your realm used principal class org.apache.geronimo.tomcat.JAASTomcatPrincipal

2010-03-18 Thread mirceade

Hi, I've posted my configs. Does anybody have any idea why I end up with a
JAASTomcatPrincipal and why the DeltaManager fails to replicate it
(shouldn't it work with anything that's Serializable?) ?
Thanks.
Mircea.
-- 
View this message in context: 
http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p455044.html
Sent from the Users mailing list archive at Nabble.com.


Re: DeltaManager only support GenericPrincipal. Your realm used principal class org.apache.geronimo.tomcat.JAASTomcatPrincipal

2010-03-13 Thread Ashish Jain
Is it possible for you to paste your geronimo deployment plan??

On Sat, Mar 13, 2010 at 3:42 PM, mirceade  wrote:

>
> Yes, you're right. The third party's app. LoginModule adds a
> AppUserPrincipal
> (which extends the GeronimoGroupPrincipal class) to the Subject's
> principals, just like the PropertyFileLoginModule example you've shown to
> me.
>
> But that doesn't explain why I end up with a JAASTomcatPrincipal on the
> to-be-replicated session unless there is some wrapping down the chain.
>
> I've read the links you've given me but I'm still in the dark regarding
> this
> one.
>
> Cheers,
> Mircea.
> --
> View this message in context:
> http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p445415.html
> Sent from the Users mailing list archive at Nabble.com.
>


Re: DeltaManager only support GenericPrincipal. Your realm used principal class org.apache.geronimo.tomcat.JAASTomcatPrincipal

2010-03-13 Thread mirceade

Yes, you're right. The third party's app. LoginModule adds a AppUserPrincipal
(which extends the GeronimoGroupPrincipal class) to the Subject's
principals, just like the PropertyFileLoginModule example you've shown to
me. 

But that doesn't explain why I end up with a JAASTomcatPrincipal on the
to-be-replicated session unless there is some wrapping down the chain.

I've read the links you've given me but I'm still in the dark regarding this
one.

Cheers,
Mircea.
-- 
View this message in context: 
http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p445415.html
Sent from the Users mailing list archive at Nabble.com.


Re: DeltaManager only support GenericPrincipal. Your realm used principal class org.apache.geronimo.tomcat.JAASTomcatPrincipal

2010-03-12 Thread Ashish Jain
Have a look at one of the existing login modules available in geronimo
https://svn.apache.org/repos/asf/geronimo/server/tags/2.1.4/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java

Try out variaous samples and documentation available with geronimo to
understand more on how it works on geronimo
http://cwiki.apache.org/GMOxDOC21/timereport-web-application-security-sample.html
http://cwiki.apache.org/GMOxDOC21/security.html

thanks
Ashish

On Fri, Mar 12, 2010 at 7:04 PM, mirceade  wrote:

> Hi,
> For as little as I understand the login module is just responsible for *
> validating* the user/password combination but does not instantiate a new
> Principal. I have no mapping for the principals in the Geronimo deployment
> plan.
> As I've said, I don't really understand who's responsible in the end for
> setting the Principal's type and what I should modify to make it a
> GenericPrincipal.
>
> Thanks.
>
> 2010/3/12 Ashish Jain [via Apache Geronimo] <[hidden 
> email]<http://n3.nabble.com/user/SendEmail.jtp?type=node&node=443936&i=0>
> >
>
>> I see from your security realm  that you are using a custom login module.
>> Are you also using custom principal class as well?? How are you adding
>> principals to geronimo in login module commit method?? How are mapping the
>> principals in your geronimo deployment plan??
>>
>> On Fri, Mar 12, 2010 at 3:04 PM, mirceade <[hidden 
>> email]<http://n3.nabble.com/user/SendEmail.jtp?type=node&node=443729&i=0>
>> > wrote:
>>
>>>
>>> Hi,
>>> I'm trying to use clustering for a Geronimo with Tomcat for a third party
>>> application following the instructions here:
>>> http://publib.boulder.ibm.com/wasce/V2.0.0/en/clustering.html
>>>
>>> I'm getting the following error:
>>>
>>> 2010-03-12 07:02:19,828 ERROR [DeltaRequest] DeltaManager only support
>>> GenericPrincipal. Your realm used principal class
>>> org.apache.geronimo.tomcat.JAASTomcatPrincipal.
>>>
>>> Now, I guess that for creating the Principal a Realm is the one
>>> responsible
>>> which in my case is the JAASTomcatRealm or smth. like that (this seems to
>>> be
>>> the default for Tomcat when configured inside Geronimo).
>>>
>>> My question is how do I change these realms (and with what GBean configs)
>>> in
>>> order to make Tomcat clustering work.
>>>
>>> I know nothing about security in a JEE server. Please help me. Please.
>>>
>>> The application's settings for the Realm:
>>>
>>>>> class="org.apache.geronimo.security.realm.GenericSecurityRealm"
>>> xsi:type="dep:gbeanType"
>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
>>>AppSecurity
>>>
>>>ServerInfo
>>>
>>>
>>>>> xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0";>
>>>>> wrap-principals="false">
>>>
>>> AppSecurity
>>>
>>>
>>> at.co.sbs.kix.server.security.geronimo.AppGeronimoLoginModule
>>>
>>> >> name="dataSourceApplication">com.app/App/3.4/car
>>>...
>>>.
>>>  
>>>   
>>>  
>>> 
>>>
>>>
>>> Thank you.
>>> Mircea.
>>> --
>>> View this message in context:
>>> http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p443671.html
>>> Sent from the Users mailing list archive at Nabble.com.
>>>
>>
>>
>
> --
> View this message in context: Re: DeltaManager only support
> GenericPrincipal. Your realm used principal class
> org.apache.geronimo.tomcat.JAASTomcatPrincipal<http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p443936.html>
>
> Sent from the Users mailing list 
> archive<http://n3.nabble.com/Users-f328036.html>at Nabble.com.
>


Re: DeltaManager only support GenericPrincipal. Your realm used principal class org.apache.geronimo.tomcat.JAASTomcatPrincipal

2010-03-12 Thread mirceade

Hi,
For as little as I understand the login module is just responsible for *
validating* the user/password combination but does not instantiate a new
Principal. I have no mapping for the principals in the Geronimo deployment
plan.
As I've said, I don't really understand who's responsible in the end for
setting the Principal's type and what I should modify to make it a
GenericPrincipal.

Thanks.

2010/3/12 Ashish Jain [via Apache Geronimo] <
ml-node+443729-370314233-186...@n3.nabble.com
>

> I see from your security realm  that you are using a custom login module.
> Are you also using custom principal class as well?? How are you adding
> principals to geronimo in login module commit method?? How are mapping the
> principals in your geronimo deployment plan??
>
> On Fri, Mar 12, 2010 at 3:04 PM, mirceade <[hidden 
> email]
> > wrote:
>
>>
>> Hi,
>> I'm trying to use clustering for a Geronimo with Tomcat for a third party
>> application following the instructions here:
>> http://publib.boulder.ibm.com/wasce/V2.0.0/en/clustering.html
>>
>> I'm getting the following error:
>>
>> 2010-03-12 07:02:19,828 ERROR [DeltaRequest] DeltaManager only support
>> GenericPrincipal. Your realm used principal class
>> org.apache.geronimo.tomcat.JAASTomcatPrincipal.
>>
>> Now, I guess that for creating the Principal a Realm is the one
>> responsible
>> which in my case is the JAASTomcatRealm or smth. like that (this seems to
>> be
>> the default for Tomcat when configured inside Geronimo).
>>
>> My question is how do I change these realms (and with what GBean configs)
>> in
>> order to make Tomcat clustering work.
>>
>> I know nothing about security in a JEE server. Please help me. Please.
>>
>> The application's settings for the Realm:
>>
>>> class="org.apache.geronimo.security.realm.GenericSecurityRealm"
>> xsi:type="dep:gbeanType"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
>>AppSecurity
>>
>>ServerInfo
>>
>>
>>> xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0";>
>>> wrap-principals="false">
>>
>> AppSecurity
>>
>>
>> at.co.sbs.kix.server.security.geronimo.AppGeronimoLoginModule
>> > name="dataSourceApplication">com.app/App/3.4/car
>>...
>>.
>>  
>>   
>>  
>> 
>>
>>
>> Thank you.
>> Mircea.
>> --
>> View this message in context:
>> http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p443671.html
>> Sent from the Users mailing list archive at Nabble.com.
>>
>
>
>
> --
>  View message @
> http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p443729.html
> To unsubscribe from DeltaManager only support GenericPrincipal. Your realm
> used principal class org.apache.geronimo.tomcat.JAASTomcatPrincipal, click
> here< (link removed) ==>.
>
>
>

-- 
View this message in context: 
http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p443936.html
Sent from the Users mailing list archive at Nabble.com.


Re: DeltaManager only support GenericPrincipal. Your realm used principal class org.apache.geronimo.tomcat.JAASTomcatPrincipal

2010-03-12 Thread Ashish Jain
I see from your security realm  that you are using a custom login module.
Are you also using custom principal class as well?? How are you adding
principals to geronimo in login module commit method?? How are mapping the
principals in your geronimo deployment plan??

On Fri, Mar 12, 2010 at 3:04 PM, mirceade  wrote:

>
> Hi,
> I'm trying to use clustering for a Geronimo with Tomcat for a third party
> application following the instructions here:
> http://publib.boulder.ibm.com/wasce/V2.0.0/en/clustering.html
>
> I'm getting the following error:
>
> 2010-03-12 07:02:19,828 ERROR [DeltaRequest] DeltaManager only support
> GenericPrincipal. Your realm used principal class
> org.apache.geronimo.tomcat.JAASTomcatPrincipal.
>
> Now, I guess that for creating the Principal a Realm is the one responsible
> which in my case is the JAASTomcatRealm or smth. like that (this seems to
> be
> the default for Tomcat when configured inside Geronimo).
>
> My question is how do I change these realms (and with what GBean configs)
> in
> order to make Tomcat clustering work.
>
> I know nothing about security in a JEE server. Please help me. Please.
>
> The application's settings for the Realm:
>
> class="org.apache.geronimo.security.realm.GenericSecurityRealm"
> xsi:type="dep:gbeanType"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
>AppSecurity
>
>ServerInfo
>
>
> xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0";>
> wrap-principals="false">
>
> KIXOperatorSecurity
>
>
> at.co.sbs.kix.server.security.geronimo.KIXGeronimoLoginModule
>  name="dataSourceApplication">com.app/App/3.4/car
>...
>.
>  
>   
>  
> 
>
>
> Thank you.
> Mircea.
> --
> View this message in context:
> http://n3.nabble.com/DeltaManager-only-support-GenericPrincipal-Your-realm-used-principal-class-org-apache-geronimo-tomcal-tp443671p443671.html
> Sent from the Users mailing list archive at Nabble.com.
>