Rob, thanks for the reply. You are right I am on a JBoss.
I configured the JAAS with a user.properties, but I will try your
suggestion. So I don't have to care about the properties file. I thought I
could avoid the JAAS module, because it is (smal) additional configuration
effort and an addition trap.
Greetings
Eric
Certus Technology wrote:
>
> _Eric_ wrote:
>> Hallo list,
>>
>> I have a problem during upgrade to version 1.5. The following serurity
>> configuration worked fine with 1.4:
>> <Security appName="Jackrabbit">
>> <!--
>> access manager:
>> class: FQN of class implementing the AccessManager
>> interface
>> -->
>> <AccessManager
>>
>> class="org.apache.jackrabbit.core.security.SimpleAccessManager">
>> <!-- -->
>> </AccessManager>
>>
>> <LoginModule
>>
>> class="org.apache.jackrabbit.core.security.SimpleLoginModule">
>> <!-- anonymous user name ('anonymous' is the default
>> value) -->
>>
>> <!--
>> default user name to be used instead of the
>> anonymous user
>> when no login credentials are provided (unset
>> by default)
>> -->
>>
>> </LoginModule>
>> </Security>
>>
>> But with 1.5 I got the following exception:
>>
>> 15:15:36,953 ERROR [UsersRolesLoginModule] Failed to load
>> users/passwords/role files
>> java.io.IOException: No properties file: users.properties or defaults:
>> defaultUsers.properties found
>> at org.jboss.security.auth.spi.Util.loadProperties(Util.java:315)
>> at
>> org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:186)
>> at
>> org.jboss.security.auth.spi.UsersRolesLoginModule.createUsers(UsersRolesLoginModule.java:200)
>> at
>> org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:127)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>> at java.lang.reflect.Method.invoke(Method.java:597)
>> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:756)
>> at
>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>> at
>> org.apache.jackrabbit.core.security.authentication.JAASAuthContext.login(JAASAuthContext.java:60)
>> at
>> org.apache.jackrabbit.core.RepositoryImpl.login(RepositoryImpl.java:1356)
>>
>> I don't need any security stuff. ATM I don't want to define any user.
>>
>> Any help?
>>
>> Greetings
>
> By reading your stack trace, I assume you are using jboss.
>
> Jackrabbit is configured to use a JAAS login module, by default, called
> Jackrabbit. You must have one configured in your jboss login-config.xml
> file.
>
> check this file:
>
> ${JBOSS_HOME}/server/default/conf/login-config.xml
>
> for an entry like this:
>
> <application-policy name="Jackrabbit">
> <authentication>
> <login-module
> code="org.apache.jackrabbit.core.security.simple.SimpleLoginModule" flag
> = "required" >
> </login-module>
> </authentication>
> </application-policy>
>
>
> Regards
>
> Rob
> --
> Certus Technology Associates Limited.
> http://www.certus-tech.com
> Tel: +44 (0)114 272 5081
>
>
>
--
View this message in context:
http://www.nabble.com/Security-and-Login-jackrabbit1.5-tp24076236p24088924.html
Sent from the Jackrabbit - Users mailing list archive at Nabble.com.
