Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JAAS authentication is not working in tomcat

 
Nazeer Ahammad
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

I'm tring to execute one authentication program using JAAS realms in tomcat but when i was running i'm getting error like below.

javax.security.auth.login.LoginException: No LoginModules configured for BytesLoungeLogin
at javax.security.auth.login.LoginContext.init(Unknown Source)
at javax.security.auth.login.LoginContext.<init>(Unknown Source)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:394)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:334)
at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:157)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:554)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:380)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:243)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:188)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:288)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

used classes are classes :
------------------------------------

import java.security.Principal;

public class RolePrincipal implements Principal {

private String name;

public RolePrincipal(String name) {
super();
this.name = name;
}

public void setName(String name) {
this.name = name;
}

@Override
public String getName() {
return name;
}

}
-----------------------------------------------------------------------
import java.security.Principal;

public class UserPrincipal implements Principal {

private String name;

public UserPrincipal(String name) {
super();
this.name = name;
}

public void setName(String name) {
this.name = name;
}

@Override
public String getName() {
return name;
}

}
-----------------------------------------------------------------------------------

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

public class BytesLoungeLoginModule implements LoginModule {

private CallbackHandler handler;
private Subject subject;
private UserPrincipal userPrincipal;
private RolePrincipal rolePrincipal;
private String login;
private List<String> userGroups;

@Override
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map<String, ?> sharedState, Map<String, ?> options) {

handler = callbackHandler;
this.subject = subject;
}

@Override
public boolean login() throws LoginException {

Callback[] callbacks = new Callback[2];
callbacks[0] = new NameCallback("login");
callbacks[1] = new PasswordCallback("password", true);

try {
handler.handle(callbacks);
String name = ((NameCallback) callbacks[0]).getName();
String password = String.valueOf(((PasswordCallback) callbacks[1])
.getPassword());

if (name != null && name.equals("user123") && password != null
&& password.equals("pass123")) {
login = name;
userGroups = new ArrayList<String>();
userGroups.add("admin");
return true;
}

throw new LoginException("Authentication failed");

} catch (IOException e) {
throw new LoginException(e.getMessage());
} catch (UnsupportedCallbackException e) {
throw new LoginException(e.getMessage());
}

}

@Override
public boolean commit() throws LoginException {

userPrincipal = new UserPrincipal(login);
subject.getPrincipals().add(userPrincipal);

if (userGroups != null && userGroups.size() > 0) {
for (String groupName : userGroups) {
rolePrincipal = new RolePrincipal(groupName);
subject.getPrincipals().add(rolePrincipal);
}
}

return true;
}

@Override
public boolean abort() throws LoginException {
return false;
}

@Override
public boolean logout() throws LoginException {
subject.getPrincipals().remove(userPrincipal);
subject.getPrincipals().remove(rolePrincipal);
return true;
}

}
------------------------------------
web.xml is like below

<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>JDBCRealms</display-name>

<security-constraint>
<web-resource-collection>
<web-resource-name>Admin</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>

<security-role>
<role-name>admin</role-name>
</security-role>

<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Admin</realm-name>
</login-config>
</web-app>
-------------------------------------------------------------------------------
below one is context.xml it is placed in META-INF

<?xml version="1.0" encoding="UTF-8"?>
<Context>
<Realm className="org.apache.catalina.realm.JAASRealm" appName="BytesLoungeLogin"
userClassNames="com.byteslounge.jaas.UserPrincipal" roleClassNames="com.byteslounge.jaas.RolePrincipal" />
</Context>
--------------------------------------------------------------------------
below one is the jaas.config file it is placed in Tomcat->conf folder.


BytesLoungeLogin {
com.byteslounge.jaas.BytesLoungeLoginModule required debug=true;
};


Please any one solve my problem.

Thanks and Regards,
Nazeer.
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18154
52
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It's a little hard to read all that, but it looks like you are both trying to write your own Realm module and at the same time use the stock JAAS Realm module. You need to go one way or the other.

One other thing that may need investigating is the proper location of your jaas.config file. If it needs to be in the classpath, the Tomcat conf directory is not part of Tomcat's classpath.
 
Nazeer Ahammad
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi i tried but it is not working. Is there any other way to resolve this problem
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic