-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 PJ,
On 1/3/19 12:09, PJ Pillai wrote: > Hi Christopher, > > This is no an issue with locating jaas.config. I've set it in java > options as -Djava.security.auth.login.config=C:\Program > Files\Apache Software Foundation\Tomcat 9.0\conf\jaas.config I also > tested changing a file that do not exist and I got the FileNotFound > exception so it is not the issue with jaas.config. > > From the code what I read is that JAASMemoryLoginModule pathname > still using the default value (conf/tomcat-users.xml), Tomcat is > running on Windows so not sure why pathname is > conf/tomcat-users.xml). > > See the line below in the code that log this warning message. > https://github.com/apache/tomcat/blob/trunk/java/org/apache/catalina/r ealm/JAASMemoryLoginModule.java#L384 > > see attached log file. All the JVM arguments in the log are > correct. Your attachment was stripped from the mailing list. conf/tomcat-users.xml is never used as a JAAS configuration file. That is a user database. The slashes are "backward" for you because \ is a metacharacter in almost every OS and programming language. Java translates / to \ on Windows as necessary. - -chris > On Thu, Jan 3, 2019 at 6:55 AM Christopher Schultz > <[email protected] > <mailto:[email protected]>> wrote: > > PJ, > > On 1/2/19 22:15, PJ Pillai wrote: >> Here is additional information. 1. Tomcat is running on Windows >> 2016 server. 2. Tomcat is started as windows service. > >> I tried Tomcat 8.5 as well and still get the same warning >> message and user is not authenticated. > > Did you copy all your system properties from your Tomcat 6 service > to your Tomcat 9 service? Look in thew "JVM Parameters" (or > whatever) section of the Tomcat service manager (tomcat9w.exe). > > Tomcat needs to know where the JAAS config file is, and that's > done through a system property. If that property wasn't copied from > the old service, it probably won't work. > > -chris > >> On Wed, Jan 2, 2019 at 5:00 PM PJ Pillai <[email protected] > <mailto:[email protected]>> >> wrote: > >>> Hi, >>> >>> >>> I'm using JAASMemoryLoginModule to authenticate users stored >>> in tomcat-users.xml. The authentication fails on Tomcat 9 with >>> following warning message in catalina.xx.log. >>> >>> org.apache.catalina.realm.JAASMemoryLoginModule.load Unable to >>> determine Catalina base to load file [conf/tomcat-users.xml] >>> >>> >>> Here is a stack trace from the web application: >>> >>> javax.security.auth.login.FailedLoginException: User name or >>> password is incorrect at >>> org.apache.catalina.realm.JAASMemoryLoginModule.login(JAASMemoryLogi n > >>> Module.java:350) >>> >>> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> at >>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl . > >>> java:62) >>> >>> > at >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcce s > >>> sorImpl.java:43) >>> >>> > at java.lang.reflect.Method.invoke(Method.java:483) >>> at >>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) >>> >>> > >>> at javax.security.auth.login.LoginContext.access$000(LoginContext.java:1 > 95) >>> at >>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) >>> >>> > >>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) >>> at java.security.AccessController.doPrivileged(Native Method) >>> at >>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java: 6 > >>> 80) >>> >>> > at > javax.security.auth.login.LoginContext.login(LoginContext.java:587) >>> >>> >>> > Now the same jaas config and same JVM args, it works fine on >>> Tomcat 6. >>> >>> -Djava.security.auth.login.config=C:\Program Files\Apache >>> Software Foundation\Tomcat 9.0\conf\jaas.config >>> >>> >>> >>> >>> Please help. >>> >>> Thanks, PJ >>> >>> >>> > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > <mailto:[email protected]> For additional > commands, e-mail: [email protected] > <mailto:[email protected]> > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlwwx38ACgkQHPApP6U8 pFhzig//TWFCMfJQT0a5A79jRNz5S9bKCQlFWtq0j6lCSNbnUJ12dywdYGQsIaAR 6ySX7IIKHiosgLZIUtrU1wwe+GZ31FvpoKe+VAhJVhY/d0ikDJlcwit4bXHqUruh Nb+ik0yMYV8nmp+OD6ZIXMyrfZjZRokifruZ7AgCqIBwS4nnvR/Wl3GIpXn8ylyX lVFFzzDJjproM1rqdUeZtrX77GYDXWTMwxM0xzTIPO/RUgtMsgByM57ff4lAT6Jw BLydBEGhuQYpbJPSxhv8nTY5tT2GRfNik2/E33FWHP0j/nzQWYaxhLCsHBy2wrmZ ad8K0rT9UycVs9YaRHi7XXwa786vkgl/54s3isPZzWes+8S5gkdVgFqxjMUxAYrU Hsyfx4o3ITc8ZxWPU6YR8m5/kA8BAjWNVQkHDIDmVsnclQN0fSjv9biJ+kw3otc1 uA9moeWyUcrv+K1qjtSrxE+0zMHC0xQSNjpnFWiXdrcHJ7hi17vwRw12XzdMt9pg 7bJ7UPnwS3VgAoz60I3gIugEyhsL7TeETJVd7yhnHfQUM1xLHDJvekszUQdXhscm 0s8bi6TteWUYdIx60HVADMVRVH2Ilj5qPrKzHyJyqGR/yNRCbGPRIqXjW3OGqqAF 6mFH4jvcb7w8FJtmkZCuJxebbnadxlf44+sKIUEsEPbJtE5C0W8= =aRAr -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
