Hi Arne
Using your guidelines I tried configuring JAAS with Slide.
I did something like:
1)
Configure tomcat web.xml to have
<Context path="/slide" debug="0" privileged="true" useNaming="true">
<Realm className="org.apache.catalina.realm.JAASRealm"
appName="slide_login"
userClassNames="org.apache.slide.jaas.spi.SlidePrincipal"
roleClassNames="org.apache.slide.jaas.spi.SlideRole"
name="Slide DAV Server"
useContextClassLoader="false" />
</Context>
in Host.
2) Copied jaas.config file in conf folder of tomcat
3) Copied slide-jaas-2.1.jar in \\Tomcat 5.5\common\lib folder
4) Uncommented <security-constraint> from Slide web.xml
5) Set environment variable
CATALINA_OPTS=-Djava.security.auth.login.config=$CATALINA_HOME/conf/jaas
.config
Retsrated tomcat server and then tried connecting Slide using Web DAV Explorer
client provided by Slide, but when I tried login, tomcat log says:
Unable to locate a login configuration...here is the error for details
Sep 15, 2007 8:26:27 PM org.apache.catalina.realm.JAASRealm authenticate
SEVERE: Unexpected error
java.lang.SecurityException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.<init>(Unknown Source)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
at javax.security.auth.login.Configuration$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.Configuration.getConfiguration(Unknown Source)
at javax.security.auth.login.LoginContext$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.init(Unknown Source)
at javax.security.auth.login.LoginContext.<init>(Unknown Source)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:355)
at
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:181)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:825)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:738)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:526)
at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.init(Unknown Source)
... 27 more
Do you have idea if I am missing out anything here.
Regards,
Satish
----- Original Message -----
From: "Arne v.Irmer" <[EMAIL PROTECTED]>
To: "Slide Users Mailing List" <slide-user@jakarta.apache.org>
Sent: Friday, September 14, 2007 4:22 PM
Subject: Re: Authentication with Slide - Slide vs tomcat Realm
> Hi Satish,
> things are easy, if you look at the used technics: Silde is a servlet in
> tomcat and uses the authentication mechanism of tomcat. This includes
> such nice things like the sso-Valve.
> What you have to implement a user management that does both:
> 1. Creating/Deleting the user in silde by just creating/deleting a
> collection with the user name in /user (default value). Tip: Look at the
> powerful roles mechanism in slide.
> 2. Doing the JAAS-Authentication.
> This is how we did it here.
>
> Yours
> Arne
>
> Satish schrieb:
> > Hey Arne
> >
> > Thanks for quick reponse.
> >
> > Do you mean here that I should take steps below to implemnt authetication,
> >
> > - configure Slide realm, configure tomcat to use Slide users for
> > authentication
> > - configure JAAS for tomcat
> > - use JAAS API to authenticate the requests,
> > so here JAAS will ask tomcat for authetication -> tomcat will check Slide
> > user database
> >
> > Is is somthing gonna happen...?
> >
> > Thanks.
> >
> >
> > Regards,
> > Satish
> >
> >
> > ----- Original Message -----
> > From: "Arne v.Irmer" <[EMAIL PROTECTED]>
> > To: "Slide Users Mailing List" <slide-user@jakarta.apache.org>
> > Sent: Friday, September 14, 2007 2:50 PM
> > Subject: Re: Authentication with Slide - Slide vs tomcat Realm
> >
> >
> >
> >> Hi Satish,
> >> look for JAAS-Authentication that is a standard API that works pretty
> >> well with tomcat. A good introduction is found at
> >> http://www.javaworld.com/javaworld/jw-09-2002/jw-0913-jaas.html
> >>
> >> Yours
> >> Arne
> >>
> >> Satish schrieb:
> >>
> >>> Hi
> >>>
> >>> I need to authentication with Slide, there are two ways I can see
> >>>
> >>> I am thinking of using Slide realm and configuring tomcat to use Slide
> >>>
> > user database for authentication.
> >
> >>> Otherwise if I rely completely on tomcat realm, typical tomcat-users.xml
> >>>
> > file based, authetication, I need to add user two places - Slide and
> > tomcat-user, which is problem.
> >
> >>> Can any body suggests on
> >>> #1 how can I configure tomcat to use the Slide users for authentication?
> >>> #2 how can I actually autheticate request of tomcat programatically, is
> >>>
> > any API available?
> >
> >>> What I am looking for is authenticating user with Slide.
> >>>
> >>> Any suggestion is valuable for me.
> >>>
> >>> Regards,
> >>> Satish
> >>>
> >>> Disclaimer:
> >>> This e-mail may contain Privileged/Confidential information and is
> >>>
> > intended only for the individual(s) named. Any review, retransmission,
> > dissemination or other use of, or taking of any action in reliance upon this
> > information by persons or entities other than the intended recipient is
> > prohibited. Please notify the sender, if you have received this e-mail by
> > mistake and delete it from your system. Information in this message that
> > does not relate to the official business of the company shall be understood
> > as neither given nor endorsed by it. E-mail transmission cannot be
> > guaranteed to be secure or error-free. The sender does not accept liability
> > for any errors or omissions in the contents of this message which arise as a
> > result of e-mail transmission. If verification is required please request a
> > hard-copy version. Visit us at http://www.harbinger-systems.com/
> >
> >>>
> >>>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >> For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >>
> >
> > Disclaimer:
> > This e-mail may contain Privileged/Confidential information and is intended
> > only for the individual(s) named. Any review, retransmission, dissemination
> > or other use of, or taking of any action in reliance upon this information
> > by persons or entities other than the intended recipient is prohibited.
> > Please notify the sender, if you have received this e-mail by mistake and
> > delete it from your system. Information in this message that does not
> > relate to the official business of the company shall be understood as
> > neither given nor endorsed by it. E-mail transmission cannot be guaranteed
> > to be secure or error-free. The sender does not accept liability for any
> > errors or omissions in the contents of this message which arise as a result
> > of e-mail transmission. If verification is required please request a
> > hard-copy version. Visit us at http://www.harbinger-systems.com/
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
Disclaimer:
This e-mail may contain Privileged/Confidential information and is intended
only for the individual(s) named. Any review, retransmission, dissemination or
other use of, or taking of any action in reliance upon this information by
persons or entities other than the intended recipient is prohibited. Please
notify the sender, if you have received this e-mail by mistake and delete it
from your system. Information in this message that does not relate to the
official business of the company shall be understood as neither given nor
endorsed by it. E-mail transmission cannot be guaranteed to be secure or
error-free. The sender does not accept liability for any errors or omissions in
the contents of this message which arise as a result of e-mail transmission. If
verification is required please request a hard-copy version. Visit us at
http://www.harbinger-systems.com/
