On Sep 10, 2009, at 7:42 AM, Quintin Beukes wrote:
I found this problem, and it's neither in OpenEJB 3.1.2 not Geronimo
2.2. It was in fact a changed feature.
There is a new gbean attribute called "global", which defaults to
false. Maybe this should default to "true", so as not to break the
programs of people upgrading? It took me hours to figure this out.
Imagine how long other less-determined folks would take, or would they
just give up?
That's certainly a danger. Do you think we could solve this with
documentation? The non-global realms interfere less with each other
so I think they make a better default. Any other opinions?
thanks
david jencks
Q
On Thu, Sep 10, 2009 at 2:20 PM, Quintin Beukes
<quin...@last.za.net> wrote:
Hey,
Is this a bug, or did something change I don't know of? Note that it
is 2.2, so it could most definitely be either. The code didn't
change.
I only changed my JAR files and installed the new server. previously
all this worked.
Either way. I define a security realm called KMSRealm. i test it with
a WAR and EJB and login+authorization works fine. So it seems to
work.
But as soon as I test it with a remote OpenEJB client it doesn't
work.
I initialize the context factory as so:
p.put("java.naming.factory.initial",
"org.apache.openejb.client.RemoteInitialContextFactory");
p.put("java.naming.provider.url", "ejbd://localhost:4201");
p.put("openejb.authentication.realmName", "KMSRealm");
p.put("java.naming.security.principal", "quintin");
p.put("java.naming.security.credentials", "pass");
InitialContext ctx = new InitialContext(p);
Then I get this\. This is usually the error you get when a Realm
isn't
found. Can someone please advice what could have gone wrong so I can
fix it. Thanks.
Exception in thread "main" javax.naming.AuthenticationException: This
principle is not authorized. [Root exception is
javax.security.auth.login.LoginException: No LoginModules configured
for KMSRealm]
at
org.apache.openejb.client.JNDIContext.authenticate(JNDIContext.java:
188)
at
org
.apache
.openejb.client.JNDIContext.getInitialContext(JNDIContext.java:129)
at
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:
667)
at
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:
288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at net.kunye.test.Main.main(Main.java:37)
Caused by: javax.security.auth.login.LoginException: No LoginModules
configured for KMSRealm
at
javax.security.auth.login.LoginContext.init(LoginContext.java:256)
at
javax.security.auth.login.LoginContext.<init>(LoginContext.java:499)
at
org
.apache.geronimo.security.ContextManager.login(ContextManager.java:
92)
at
org
.apache.geronimo.security.ContextManager.login(ContextManager.java:
108)
at
org
.apache
.geronimo
.openejb.GeronimoSecurityService.login(GeronimoSecurityService.java:
53)
at
org
.apache
.openejb
.server
.ejbd.AuthRequestHandler.processRequest(AuthRequestHandler.java:56)
at
org
.apache
.openejb.server.ejbd.EjbDaemon.processAuthRequest(EjbDaemon.java:204)
at
org.apache.openejb.server.ejbd.EjbDaemon.service(EjbDaemon.java:157)
at
org.apache.openejb.server.ejbd.EjbServer.service(EjbServer.java:71)
at org.apache.openejb.server.ejbd.KeepAliveServer
$Session.service(KeepAliveServer.java:213)
at
org
.apache
.openejb.server.ejbd.KeepAliveServer.service(KeepAliveServer.java:
233)
at
org.apache.openejb.server.ejbd.EjbServer.service(EjbServer.java:66)
at org.apache.openejb.server.ServicePool
$2.run(ServicePool.java:91)
at org.apache.openejb.server.ServicePool
$3.run(ServicePool.java:120)
at java.util.concurrent.ThreadPoolExecutor
$Worker.runTask(ThreadPoolExecutor.java:650)
at java.util.concurrent.ThreadPoolExecutor
$Worker.run(ThreadPoolExecutor.java:675)
at java.lang.Thread.run(Thread.java:595)
--
Quintin Beukes
--
Quintin Beukes
