-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All,
Back in July, I asked about RealmBase requiring a Container object in order to function properly. This has to do with using securityfilter with Tomcat's built-in Realms. Here is a reference to the original thread: http://marc.info/?t=121751323100003&r=1&w=2 I've started playing around with implementing a trivial ContainerBase subclass and I'm running into trouble again so I was hoping that some of the TC devs could weigh-in. My trivial ContainerBase subclass looks like this: private static class DummyContainer extends org.apache.catalina.core.ContainerBase { public String getInfo() { return "securityfilter_dummy_container/1.0"; } } ...and I essentially create a new Realm object and then call Realm.setContainer(). It looks like I'm getting farther than I was before, but I'm still getting errors deep down in Tomcat's internals. I'm getting an NPE in the DataSourceRealm (which is what I'm using as an example): java.lang.NullPointerException at org.apache.catalina.realm.DataSourceRealm.open(DataSourceRealm.java:402) at org.apache.catalina.realm.DataSourceRealm.authenticate(DataSourceRealm.java:283) at org.securityfilter.realm.catalina.CatalinaRealmAdapter.authenticate(CatalinaRealmAdapter.java:105) The method in question (DataSourceRealm.open) looks like this: protected Connection open() { try { Context context = null; if (localDataSource) { context = ContextBindings.getClassLoader(); context = (Context) context.lookup("comp/env"); } else { StandardServer server = (StandardServer) ServerFactory.getServer(); context = server.getGlobalNamingContext(); } DataSource dataSource = (DataSource)context.lookup(dataSourceName); /// THIS IS LINE 402 return dataSource.getConnection(); } catch (Exception e) { // Log the problem for posterity containerLog.error(sm.getString("dataSourceRealm.exception"), e); } return null; } Since I've included catalina.jar and catalina-optional.jar in my webapp, classes like ServerFactory and friends haven't been initialized since they are dormant in my webapp. The "real" ServerFactory class being loaded by Tomcat's server ClassLoader are, I'm sure, doing quite well. My question is this: how much of Tomcat's internals do I have to mock-up in order to get a Realm working outside of a legitimately running server? That sound like a ridiculous question, but securityfilter used to work with Tomcat Realms back in the day (4.x?) and now they don't (definitely 5.5, possibly 5.0 and 6.0 as well) because of this reliance upon more of Tomcat internals. Should I continue down this road of trying to prop-up a Tomcat skeleton server inside the webapp's space, or would it be better to discontinue support for this feature? Thanks, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmLXusACgkQ9CaO5/Lv0PDa3wCgryhZIOIxJg1BrZu/cvaExoka y2wAn1Anr7EtHdXVj4merPdUmWkAwDCO =Hwel -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
