I receive the following error when attempting to test a custom security
desccriptor from a simple "hello-world" servlet:
15:09:50,815 WARN [TomcatGeronimoRealm] Login exception authenticating
username "user"
javax.security.auth.login.LoginException: unable to find LoginModule class:
com.g-webdesign.geronimo.security.OracleSQLLoginModule in classloader
default/my-hello-world/1.0/car
at javax.security.auth.login.LoginContext.invoke(Unknown Source)
...
Here is my security deployment descriptor:
------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="http://geronimo.apache.org/xml/ns/deployment-1.2";>
<environment>
<moduleId>
<groupId>console.realm</groupId>
<artifactId>MySecurityRealm</artifactId>
<version>1.0</version>
<type>car</type>
</moduleId>
<dependencies>
<dependency>
<groupId>org.apache.geronimo.configs</groupId>
<artifactId>j2ee-security</artifactId>
<type>car</type>
</dependency>
<dependency>
<groupId>com.g-webdesign.com</groupId>
<artifactId>my-login-module</artifactId>
<version>1.0</version>
<type>jar</type>
</dependency>
</dependencies>
</environment>
<gbean name="MySecurityRealm"
class="org.apache.geronimo.security.realm.GenericSecurityRealm"
xsi:type="dep:gbeanType"
xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
<attribute name="realmName">MySecurityRealm</attribute>
<reference name="ServerInfo">
<name>ServerInfo</name>
</reference>
<xml-reference name="LoginModuleConfiguration">
<log:login-config
xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0";>
<log:login-module control-flag="REQUIRED"
wrap-principals="false">
<log:login-domain-name>MySecurityRealm</log:login-domain-name>
<log:login-module-class>com.g-webdesign.geronimo.security.MyLoginModule</log:login-module-class>
</log:login-module>
</log:login-config>
</xml-reference>
</gbean>
</module>
This is from my web.xml:
---------------------------------
<security-constraint>
<web-resource-collection>
<web-resource-name>Hello World</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>ADMIN_ROLE</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>This is not used for FORM login</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginerror.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>ADMIN_ROLE</role-name>
</security-role>
This is from my geronimo-web.xml:
-----------------------------------------
<security-realm-name>OracleTBSecurityRealm</security-realm-name>
<security>
<default-principal>
<principal name="anonymous"
class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
/>
</default-principal>
<role-mappings>
<role role-name="ADMIN_ROLE">
<principal name="ADMIN_ROLE"
designated-run-as="true"
class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
/>
</role>
</role-mappings>
</security>
Ideas?
--
View this message in context:
http://www.nabble.com/custom-LoginModule-and-GenericSecurityRealm-%3D-unable-to-find-LoginModule-tp15389615s134p15389615.html
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
