Hi, Thanks for the help so far. Now my login implementation is working. I added a context.xml file in the META-INF folder and now those two classes are being loaded. good so far.
Now I want to implement LOGOUT. For this I have a hyperlink named "logout" on every page. By clicking on that I suppose logout of the LoginModule should be called. But I do not have a handle to LoginModule class or the LoginContext class as I am using Form Based Authentication. below are the entry from my web.config file...... <security-constraint> <web-resource-collection> <web-resource-name>A Protected Page</web-resource-name> <url-pattern>/SMARTSUI.html</url-pattern> <url-pattern>/res/protected/img/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>tomcat</role-name> </auth-constraint> </security-constraint> <security-role> <role-name>tomcat</role-name> </security-role> <login-config> <auth-method>FORM</auth-method> <realm-name>SMARTSLoginModule</realm-name> <form-login-config> <form-login-page>/login.html</form-login-page> <form-error-page>/error.jsp</form-error-page> </form-login-config> </login-config> Here j_securit_check is the owner and it routes the authentication and authorization. It itself creates the LoginContext class and plugins into our LoginModule class through jaas.config file. So my question is how to call LoginModule.logout() and clear the subject (user and role principals)? Regards, Javed ----- Original Message ----- > From: Daniel Mikusa <dmik...@vmware.com> > To: Tomcat Users List <users@tomcat.apache.org> > Cc: > Sent: Wednesday, June 13, 2012 6:25 AM > Subject: Re: Apache tomcat (7.0.27) is not loading the user and role class for JAASRealm > > ----- Original Message ----- >> I am creating a website and implement security. For this I am using >> Form >> based authentication and JAASRealm. I have implemented the login >> module and >> able to authenticate but while authorizing tomcat is not able to load >> the >> user and role classes once I start the tomcat server. >> >> It gives the following error on startup (in the >> tomcat7-stderr.2012-06-13.log) >> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm. JAASRealm >> parseClassNames >> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal >> not >> found! Class not added. >> Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm >> parseClassNames >> SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal >> not >> found! Class not added. > > The classes mentioned above cannot be found. > > 1.) What are they classes? They are not part of Tomcat. > > 2.) Have you placed the classes on the classpath somewhere? If so, where? > > Dan > > > >> >> I have taken help from >> http://blog.frankel.ch/custom-loginmodule-in-tomcat >> >> I tried even the sample one on the above website but gives the same >> error. >> Please let me know what am I missing. >> -- >> Regards, >> Javed WARNING ======= The following is based on Tomcat's documentation. I have not written my own JAAS Realm, so your mileage may vary. WARNING ======= The documentation that I'm basing this on can be found here: http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html#JAASRealm http://tomcat.apache.org/tomcat-7.0-doc/config/realm.html There are a few things to note from the blog post. The place the blog tells you to put the Realm configuration is confusing at best. As mentioned in the blog post, you can place your Realm definition in the Engine, Host, or Context elements. Unfortunately, the notes for the context element is a bit misleading. If you place your Realm definition in the Context element, it should be in one of two places. 1. application's META-INF/context.xml 2. CATALINA_BASE/conf/Catalina/[hostname]/appname.xml. [hostname] is typically localhost appname.xml is the "name of your application".xml. I suppose you could also place the Realm definition in CATALINA_BASE/conf/Catalina/[hostname]/context.xml.default. Placing your classes (LoginModule and Principal) within Tomcat combined with the above information probably follows the logic below. Again, I've not tried this. I'm just reading the documentation. 1. If you define your JAASRealm in your application's context.xml a. Place the LoginModule and Principle classes in WEB-INF/classes or WEB-INF/lib of your application b. No special attribute needs to be set 2. If you define your JAASRealm in Engine or Host (server.xml) a. Place the LoginModule and Principle classes in CATALINA_HOME/lib as a jar file b. Add the following attribute to the JAASRealm definition useContextClassLoader="true" This tells Tomcat to use the container classloader rather than the application's classloader to find the classes. An advantage of doing things the first way is that you can easily change your JAAS implementation and just reload the web application. An advantage of doing things the second way is that you only have to define the resource once for the entire Engine or Host. However changes to the implementation would then require a Tomcat restart. In any event, you'll need to indicate where your jaas.config file lives. The easiest way to do this is by setting a JAVA_OPTS environment variable. 1. Create a setenv.sh (or setenv.bat if you're on Windows) 2. Add the information to JAVA_OPTS. In a setenv.sh file, it would look like: JAVA_OPTS="-Djava.security.auth.login.config=$CATALINA_BASE/conf/jaas.config" export JAVA_OPTS Note that the examples for doing this in both the Tomcat documentation and the JAAS documentation have a double equals ( == ) sign for the assignment. I'm not sure why this is the case. Again, this is just my reading of the documentation. Your mileage may vary. . . . only one cent, since I've no experience /mde/ Hi, Those two classes are created by myself. They implement "java.security.Principal" interface in order to hookup JAASRealm in tomcat. I have attached the classes. Please rename the smarts_zip to smarts.zip after downloading. Following are the entries in red color for this in the server.xml file of the tomcat. <Realm className="org.apache.catalina.realm.LockOutRealm">--> <Realm className="org.apache.catalina.realm.JAASRealm" appName="SMARTSLoginModule" userClassNames="com.cogent3M.SMARTS.Core.General. SMARTSUserPrincipal" roleClassNames="com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal"/> </Realm> I created a jar file of the two classes and kept everywhere like C:\Apache\Tomcat7.0\lib C:\Apache\Tomcat7.0\webapps\MyApp\WEB-INF\lib I even added that in the Tomcat confirmation window Please let me know if you need more info or provide any suggestion. ----- Original Message ----- > I am creating a website and implement security. For this I am using > Form > based authentication and JAASRealm. I have implemented the login > module and > able to authenticate but while authorizing tomcat is not able to load > the > user and role classes once I start the tomcat server. > > It gives the following error on startup (in the > tomcat7-stderr.2012-06-13.log) > Jun 13, 2012 4:11:47 PM org.apache.catalina.realm. JAASRealm > parseClassNames > SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal > not > found! Class not added. > Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm > parseClassNames > SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal > not > found! Class not added. The classes mentioned above cannot be found. 1.) What are they classes? They are not part of Tomcat. 2.) Have you placed the classes on the classpath somewhere? If so, where? Dan > > I have taken help from > http://blog.frankel.ch/custom-loginmodule-in-tomcat > > I tried even the sample one on the above website but gives the same > error. > Please let me know what am I missing. > -- > Regards, > Javed > ==================================================================== > Even a big pot full of water will be emptied by a small hole. > Similarly just a little anger or ego will burn the nobility of good > heart. > ==================================================================== > On Wed, Jun 13, 2012 at 5:10 PM, javed ansari <javed....@gmail.com> wrote: > I am creating a website and implement security. For this I am using Form > based authentication and JAASRealm. I have implemented the login module and > able to authenticate but while authorizing tomcat is not able to load the > user and role classes once I start the tomcat server. > > It gives the following error on startup (in the > tomcat7-stderr.2012-06-13.log) > Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm > parseClassNames > SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSUserPrincipal not > found! Class not added. > Jun 13, 2012 4:11:47 PM org.apache.catalina.realm.JAASRealm > parseClassNames > SEVERE: Class com.cogent3M.SMARTS.Core.General.SMARTSRolePrincipal not > found! Class not added. > > I have taken help from > http://blog.frankel.ch/custom-loginmodule-in-tomcat > > I tried even the sample one on the above website but gives the same error. > Please let me know what am I missing. > -- Regards, Javed ==================================================================== Even a big pot full of water will be emptied by a small hole. Similarly just a little anger or ego will burn the nobility of good heart. ====================================================================