Re: issue deploying webapp with security realm
Sorry, I forgot to mention it in the last email, you might need to add a global gbean attribute for realm. dep:attribute name=globaltrue/dep:attribute 2010/6/7 ttiurani timo.tiurani...@iki.fi Unfortunately I ran into more problems with deploying a custom security realm inside an ear to Geronimo 2.2. Even though I am now able to successfully deploy the security realm to G22, I can not get a reference to the LoginModule. This is the stack trace I get: javax.security.auth.login.LoginException: No LoginModules configured for MySecurityRealm at javax.security.auth.login.LoginContext.init(LoginContext.java:256) at javax.security.auth.login.LoginContext.init(LoginContext.java:367) at javax.security.auth.login.LoginContext.init(LoginContext.java:444) at org.test.MyFilter.doFilter(MyFilter.java:32) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.geronimo.tomcat.security.SecurityValve.invoke(SecurityValve.java:88) at org.apache.geronimo.tomcat.security.jacc.JACCSecurityValve.invoke(JACCSecurityValve.java:54) at org.apache.geronimo.tomcat.GeronimoStandardContext$SystemMethodValve.invoke(GeronimoStandardContext.java:420) at org.apache.geronimo.tomcat.valve.GeronimoBeforeAfterValve.invoke(GeronimoBeforeAfterValve.java:47) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:567) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:361) at org.apache.geronimo.pool.ThreadPool$1.run(ThreadPool.java:214) at org.apache.geronimo.pool.ThreadPool$ContextClassLoaderRunnable.run(ThreadPool.java:344) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) at java.lang.Thread.run(Thread.java:619) Here is an extended test program that produces the error on Geronimo 2.2 but works fine on 2.1.3, 2.1.4 and 2.1.5 with Java 1.6.0_18. Run mvn:verify to see the error: http://apache-geronimo.328035.n3.nabble.com/file/n876229/g22srbug.zip g22srbug.zip The test program now includes a MyFilter.java that is called before http://localhost:8080/testwar/index.html is loaded. LoginException is thrown for: LoginContext lc = new LoginContext( this.realm, new Subject(), new MyCallbackHandler()); Is there a way around this class loading problem? -- Timo -- View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p876229.html Sent from the Users mailing list archive at Nabble.com. -- Ivan
Re: issue deploying webapp with security realm
Ivan Xu wrote: Sorry, I forgot to mention it in the last email, you might need to add a global gbean attribute for realm. dep:attribute name=globaltrue/dep:attribute Thanks again Ivan! This configuration file now works for G2.2.: dep:gbean name=MySecurityRealm class=org.apache.geronimo.security.realm.GenericSecurityRealm xsi:type=dep:gbeanType xmlns:dep=http://geronimo.apache.org/xml/ns/deployment-1.2; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; dep:attribute name=realmNameMySecurityRealm/dep:attribute dep:attribute name=globaltrue/dep:attribute dep:reference name=ServerInfo dep:nameServerInfo/dep:name /dep:reference dep:xml-reference name=LoginModuleConfiguration log:login-config xmlns:log=http://geronimo.apache.org/xml/ns/loginconfig-2.0; log:login-module control-flag=REQUIRED wrap-principals=false log:login-domain-name MySecurityRealm /log:login-domain-name log:login-module-class org.test.MyLoginModule /log:login-module-class /log:login-module /log:login-config /dep:xml-reference /dep:gbean -- Timo -- View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p876453.html Sent from the Users mailing list archive at Nabble.com.
Re: issue deploying webapp with security realm
Thank you! Deployment works for G2.2. when the gbean name to matches the realm name. Ivan Xu wrote: I checked your application, a little change to your geronimo-application.xml file : --- dep:gbean name=MySecurityRealmGBean - dep:gbean name=MySecurityRealm class=org.apache.geronimo.security.realm.GenericSecurityRealm xsi:type=dep:gbeanType xmlns:dep=http://geronimo.apache.org/xml/ns/deployment-1.2; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; dep:attribute name=realmNameMySecurityRealm/dep:attribute --- while Geronimo searches the reference, it uses the name of GBean .. -- Timo -- View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p844871.html Sent from the Users mailing list archive at Nabble.com.
Re: issue deploying webapp with security realm
Hi, thanks for the quick reply! Putting the security realm geronimo-web.xml doesn't help. Please find attached a sample test application. Run mvn verify to see deployment on Geronimo running on localhost. I have tested it with java 1.5.0_17 and 1.6.0_18 with Geronimo versions 2.1.3, 2.1.4 and 2.1.5 and they all work. Version 2.2 fails with both java versions. Is there a way to get this to work with all versions or is this a bug in 2.2? Below is the stack trace I get: Deployer operation failed: Unable to resolve reference ConfigurationFactory in gbean org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war to a gbean matching the pattern [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] due to: No matches for referencePatterns: [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] org.apache.geronimo.common.DeploymentException: Unable to resolve reference ConfigurationFactory in gbean org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war to a gbean matching the pattern [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] due to: No matches for referencePatterns: [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] at org.apache.geronimo.deployment.DeploymentContext.getConfigurationData(DeploymentContext.java:656) at org.apache.geronimo.tomcat.deployment.TomcatModuleBuilder.addGBeans(TomcatModuleBuilder.java:584) at org.apache.geronimo.j2ee.deployment.SwitchingModuleBuilder.addGBeans(SwitchingModuleBuilder.java:165) at org.apache.geronimo.j2ee.deployment.EARConfigBuilder.buildConfiguration(EARConfigBuilder.java:652) at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:257) at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:136) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34) at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130) at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851) at org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237) at org.apache.geronimo.kernel.KernelGBean.invoke(KernelGBean.java:342) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34) at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130) at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851) at org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237) at org.apache.geronimo.system.jmx.MBeanGBeanBridge.invoke(MBeanGBeanBridge.java:172) at com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213) at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220) at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815) at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784) at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1410) at javax.management.remote.rmi.RMIConnectionImpl.access$100(RMIConnectionImpl.java:81) at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1247) at java.security.AccessController.doPrivileged(Native Method) at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1350) at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:784) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:294) at sun.rmi.transport.Transport$1.run(Transport.java:153) at java.security.AccessController.doPrivileged(Native Method) at
Re: issue deploying webapp with security realm
Hi, In general something is wrong with security in G 2.2. I have created two JIRAs (GERONIMO-5010, GERONIMO-5011) for security related bugs (and as in your case, both things were working in G 2.1.x). All is left is to wait for a new 2.2.x release. Hope we get it soon. Łukasz On 25 May 2010 13:40, ttiurani timo.tiurani...@iki.fi wrote: Hi, thanks for the quick reply! Putting the security realm geronimo-web.xml doesn't help. Please find attached a sample test application. Run mvn verify to see deployment on Geronimo running on localhost. I have tested it with java 1.5.0_17 and 1.6.0_18 with Geronimo versions 2.1.3, 2.1.4 and 2.1.5 and they all work. Version 2.2 fails with both java versions. Is there a way to get this to work with all versions or is this a bug in 2.2? Below is the stack trace I get: Deployer operation failed: Unable to resolve reference ConfigurationFactory in gbean org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war to a gbean matching the pattern [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] due to: No matches for referencePatterns: [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] org.apache.geronimo.common.DeploymentException: Unable to resolve reference ConfigurationFactory in gbean org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war to a gbean matching the pattern [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] due to: No matches for referencePatterns: [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] at org.apache.geronimo.deployment.DeploymentContext.getConfigurationData(DeploymentContext.java:656) at org.apache.geronimo.tomcat.deployment.TomcatModuleBuilder.addGBeans(TomcatModuleBuilder.java:584) at org.apache.geronimo.j2ee.deployment.SwitchingModuleBuilder.addGBeans(SwitchingModuleBuilder.java:165) at org.apache.geronimo.j2ee.deployment.EARConfigBuilder.buildConfiguration(EARConfigBuilder.java:652) at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:257) at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:136) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34) at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130) at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851) at org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237) at org.apache.geronimo.kernel.KernelGBean.invoke(KernelGBean.java:342) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34) at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130) at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851) at org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237) at org.apache.geronimo.system.jmx.MBeanGBeanBridge.invoke(MBeanGBeanBridge.java:172) at com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213) at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220) at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815) at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784) at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1410) at javax.management.remote.rmi.RMIConnectionImpl.access$100(RMIConnectionImpl.java:81) at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1247) at java.security.AccessController.doPrivileged(Native Method) at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1350) at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:784) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
Re: issue deploying webapp with security realm
There are fixes for GERONIMO-5010, GERONIMO-5011 recently, could you try the latest 22 branch code to see if the fixes resolve your problems ? On Tue, May 25, 2010 at 8:47 PM, Łukasz Budnik lukasz.bud...@gmail.comwrote: GERONIMO-5010, GERONIMO-5011 -- Shawn
Re: issue deploying webapp with security realm
Hi, I checked your application, a little change to your geronimo-application.xml file : --- dep:gbean name=MySecurityRealmGBean - dep:gbean name=MySecurityRealm class=org.apache.geronimo.security.realm.GenericSecurityRealm xsi:type=dep:gbeanType xmlns:dep=http://geronimo.apache.org/xml/ns/deployment-1.2; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; dep:attribute name=realmNameMySecurityRealm/dep:attribute --- while Geronimo searches the reference, it uses the name of GBean .. 2010/5/25 Łukasz Budnik lukasz.bud...@gmail.com Hi, In general something is wrong with security in G 2.2. I have created two JIRAs (GERONIMO-5010, GERONIMO-5011) for security related bugs (and as in your case, both things were working in G 2.1.x). All is left is to wait for a new 2.2.x release. Hope we get it soon. Łukasz On 25 May 2010 13:40, ttiurani timo.tiurani...@iki.fi wrote: Hi, thanks for the quick reply! Putting the security realm geronimo-web.xml doesn't help. Please find attached a sample test application. Run mvn verify to see deployment on Geronimo running on localhost. I have tested it with java 1.5.0_17 and 1.6.0_18 with Geronimo versions 2.1.3, 2.1.4 and 2.1.5 and they all work. Version 2.2 fails with both java versions. Is there a way to get this to work with all versions or is this a bug in 2.2? Below is the stack trace I get: Deployer operation failed: Unable to resolve reference ConfigurationFactory in gbean org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war to a gbean matching the pattern [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] due to: No matches for referencePatterns: [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] org.apache.geronimo.common.DeploymentException: Unable to resolve reference ConfigurationFactory in gbean org.test/testear/1/car?J2EEApplication=org.test/testear/1/car,j2eeType=WebModule,name=lib/testwar-1.war to a gbean matching the pattern [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] due to: No matches for referencePatterns: [?name=MySecurityRealm#org.apache.geronimo.security.jaas.ConfigurationFactory] at org.apache.geronimo.deployment.DeploymentContext.getConfigurationData(DeploymentContext.java:656) at org.apache.geronimo.tomcat.deployment.TomcatModuleBuilder.addGBeans(TomcatModuleBuilder.java:584) at org.apache.geronimo.j2ee.deployment.SwitchingModuleBuilder.addGBeans(SwitchingModuleBuilder.java:165) at org.apache.geronimo.j2ee.deployment.EARConfigBuilder.buildConfiguration(EARConfigBuilder.java:652) at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:257) at org.apache.geronimo.deployment.Deployer.deploy(Deployer.java:136) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34) at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130) at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851) at org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237) at org.apache.geronimo.kernel.KernelGBean.invoke(KernelGBean.java:342) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.geronimo.gbean.runtime.ReflectionMethodInvoker.invoke(ReflectionMethodInvoker.java:34) at org.apache.geronimo.gbean.runtime.GBeanOperation.invoke(GBeanOperation.java:130) at org.apache.geronimo.gbean.runtime.GBeanInstance.invoke(GBeanInstance.java:851) at org.apache.geronimo.kernel.basic.BasicKernel.invoke(BasicKernel.java:237) at org.apache.geronimo.system.jmx.MBeanGBeanBridge.invoke(MBeanGBeanBridge.java:172) at com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213) at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220) at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815) at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784) at
Re: issue deploying webapp with security realm
Hi, I am getting the same error with geronimo 2.2, but there does not seem to be any way around my problem. I am trying to deploy my application with one .ear-file and use a custom security realm that is created with geronimo-application.xml and referenced in geronimo-web.xml. This does not seem to be possible anymore with Geronimo 2.2. geronimo-application.xml has this: dep:gbean name=MySecurityRealmGBean class=org.apache.geronimo.security.realm.GenericSecurityRealm xsi:type=dep:gbeanType xmlns:dep=http://geronimo.apache.org/xml/ns/deployment-1.2; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; dep:attribute name=realmNameMySecurityRealm/dep:attribute dep:reference name=ServerInfo dep:nameServerInfo/dep:name /dep:reference dep:xml-reference name=LoginModuleConfiguration log:login-config xmlns:log=http://geronimo.apache.org/xml/ns/loginconfig-2.0; log:login-module control-flag=REQUIRED wrap-principals=false log:login-domain-name MySecurityRealm /log:login-domain-name log:login-module-class org.test.MySecurityRealmLoginModule /log:login-module-class /log:login-module /log:login-config /dep:xml-reference /dep:gbean and geronimo-web.xml inside the same .ear tries to reference the realm with this: security-realm-nameMySecurityRealm/security-realm-name Now this has worked nicely with Geronimo 2.0.1 - 2.1.3 (I'm guessing it works for 2.1.4 and 2.1.5 as well) but it fails with 2.2 with the same stack trace as in the first message. I'm guessing the problem is this that by the time geronimo-web.xml is evaluated during deployment, the custom security realm from geronimo-application.xml is not either created yet or then there is some kind of class loader problem. I've tried every kind of combination of geronimo-application.xml and geronimo-web.xml and am quite confident the problem is not a simple configuration typo or lack of depencency tags. I believe it is possible to do this in two separete deployments, where I would first deploy the custom security realm alone to Geronimo and then reference it in a separeate .ear containing a geronimo-web.xml with a dependency to something like this: dependency groupIdorg.test/groupId artifactIdsecurity/artifactId version1.0/version typecar/type /dependency The unfortunate thing is, this approach complicates my development so significantly, it is out of the question. Is it possible to create and reference a custom login module inside a single .ear with Geronimo 2.2? If not, is this possiblity removed from 2.2 on purpose, or is it a bug that wil be fixed in later versions? Best regards, Timo Tiuraniemi p.s. This seems to be possible in JBoss (http://community.jboss.org/thread/145856). -- View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p839216.html Sent from the Users mailing list archive at Nabble.com.
Re: issue deploying webapp with security realm
This should work the way you want it to. I don't see anything wrong with your configuration, but my eyes are not an xml validator :-) Could you see what happens if you put the security realm gbean in the geronimo-web.xml? Also, just for reference could you paste the stack trace you are getting? There is a configuration change you have to make if you want to use your own security realm with (remote) ejb access, but that doesn't sound like your situation. If you can provide a sample app to demonstrate the problem that would be very helpful. thanks david jencks On May 24, 2010, at 1:54 AM, ttiurani wrote: Hi, I am getting the same error with geronimo 2.2, but there does not seem to be any way around my problem. I am trying to deploy my application with one .ear-file and use a custom security realm that is created with geronimo-application.xml and referenced in geronimo-web.xml. This does not seem to be possible anymore with Geronimo 2.2. geronimo-application.xml has this: dep:gbean name=MySecurityRealmGBean class=org.apache.geronimo.security.realm.GenericSecurityRealm xsi:type=dep:gbeanType xmlns:dep=http://geronimo.apache.org/xml/ns/deployment-1.2; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; dep:attribute name=realmNameMySecurityRealm/dep:attribute dep:reference name=ServerInfo dep:nameServerInfo/dep:name /dep:reference dep:xml-reference name=LoginModuleConfiguration log:login-config xmlns:log=http://geronimo.apache.org/xml/ns/loginconfig-2.0; log:login-module control-flag=REQUIRED wrap-principals=false log:login-domain-name MySecurityRealm /log:login-domain-name log:login-module-class org.test.MySecurityRealmLoginModule /log:login-module-class /log:login-module /log:login-config /dep:xml-reference /dep:gbean and geronimo-web.xml inside the same .ear tries to reference the realm with this: security-realm-nameMySecurityRealm/security-realm-name Now this has worked nicely with Geronimo 2.0.1 - 2.1.3 (I'm guessing it works for 2.1.4 and 2.1.5 as well) but it fails with 2.2 with the same stack trace as in the first message. I'm guessing the problem is this that by the time geronimo-web.xml is evaluated during deployment, the custom security realm from geronimo-application.xml is not either created yet or then there is some kind of class loader problem. I've tried every kind of combination of geronimo-application.xml and geronimo-web.xml and am quite confident the problem is not a simple configuration typo or lack of depencency tags. I believe it is possible to do this in two separete deployments, where I would first deploy the custom security realm alone to Geronimo and then reference it in a separeate .ear containing a geronimo-web.xml with a dependency to something like this: dependency groupIdorg.test/groupId artifactIdsecurity/artifactId version1.0/version typecar/type /dependency The unfortunate thing is, this approach complicates my development so significantly, it is out of the question. Is it possible to create and reference a custom login module inside a single .ear with Geronimo 2.2? If not, is this possiblity removed from 2.2 on purpose, or is it a bug that wil be fixed in later versions? Best regards, Timo Tiuraniemi p.s. This seems to be possible in JBoss (http://community.jboss.org/thread/145856). -- View this message in context: http://apache-geronimo.328035.n3.nabble.com/issue-deploying-webapp-with-security-realm-tp334180p839216.html Sent from the Users mailing list archive at Nabble.com.
Re: issue deploying webapp with security realm
Bill Brown wrote: According to the reports, I should be able to work around the issue by adding the security realm as a dependency in the geronimo-web.xml. https://issues.apache.org/jira/browse/GERONIMO-4553?focusedCommentId=12738770page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#action_12738770 Ok. I answered the question after a little while of trial and error. I needed to replace these in geronimo-web.xml environment section: dep:dependency dep:groupIdorg.apache.geronimo.configs/dep:groupId dep:artifactIdj2ee-server/dep:artifactId dep:typecar/dep:type /dep:dependency dep:dependency dep:groupIdorg.apache.geronimo.framework/dep:groupId dep:artifactIdj2ee-security/dep:artifactId dep:version2.2/dep:version dep:typecar/dep:type /dep:dependency dep:dependency dep:groupIdorg.apache.geronimo.framework/dep:groupId dep:artifactIdj2ee-security/dep:artifactId dep:typecar/dep:type /dep:dependency With this one which is found in the usage section for the realm listing in the console repository. dependency groupIdconsole.realm/groupId artifactIdfeedwork/artifactId version1.0/version typecar/type /dependency And the app deployed just fine with the authentication/authorization working. HTH. Bill. -- View this message in context: http://old.nabble.com/issue-deploying-webapp-with-security-realm-tp27112307s134p27118057.html Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.