Neelesh A Korade

Greenhorn
+ Follow
since Jun 07, 2007
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Neelesh A Korade

Hi All,

We are trying to implement SSO in our web application with the help of SPNEGO in JBOSS AS 4.2.2.

We are using ‘security-negotiation-2.0.3.GA’ and have followed the user guide Negotiation_User_Guide_(en-US).pdf. After making all changes as mentioned in the user guide, we tried out Negotiation Toolkit web application to test various aspects of SPNEGO configuration. First two tests (Basic Negotiation servlet and Security Domain Test' servlet) were successful, however, for the third servlet (‘Secured’), we are getting following error:



Also, when we run the test using kinit username@KERBEROS.REALM.COM, it prompts us for password. on Entering the correct password, it throws the following exception-



We are using Active Directory with Windows Server 2003 service pack 2, JBOSS AS 4.2.2 on Windows XP service pack 2 and Internet Explorer 6 as client from a Windows XP service pack 2 box.

Could anyone help us fix these exceptions and get our kerberos SSO working? Also, we have some specific questions where we think we might have gone wrong-


1) We executed ktpass as-



Is it correct? Or, do we need to execute it as-


(Note the difference of host vs HTTP)

Documentation at- http://community.jboss.org/wiki/ConfiguringJBossNegotiationinanallWindowsDomain says that we should execute with HTTP while the user guide mentions it should be host.

2) Do we need to execute ktab.exe on the machine where JBOSS is running? Again user guide asks for it but the documentation at the URL given above doesn't mention that.

3) The account created for JBoss server on active directory is using the same name as the name of the server host machine. Is this fine? Or should the account name be different from the name of the machine hosting the server?

Any help will be much appreciated.

Neelesh
13 years ago
Hi All

I am stuck with this problem for last many days and am finding it increasingly difficult to solve it.

I am trying to configure SSO on my application deployed on JBoss (4.2.2) for windows 2000 ADS using Kerberos. I have done all the configurations given in the Negotiation_User_Guide_(en-US).pdf and now trying to test my configuration using the Negotiation Toolkit. Following are the issues I am seeing-

1) When I access the negotiation toolkit application from the JBoss server machine itself, the Basic Negotiation test fails with the message given below. However, note that the test succeeds when I access the toolkit application from some other machine

Warning, this is NTLM, only SPNEGO is supported!

2) I am unable to get the Secured test passed from any machine (including the JBoss server). It gives me HTTP 401 error with the description-

This request requires HTTP authentication ().

The log that I see in JBoss server log is different when I access the toolkit test servlet from JBoss server machine and from any other machine. Here's the exception I am seeing in the JBoss server log when I access the test servlet from JBoss server machine-




And following is the log that I see when I access the test servlet from any other machine-



I am really at a loss in figuring out the issue and a fix. Could anyone help me with this? Let me know if you need any additional details to help me identify the problem.

Thanks much
-Neelesh
13 years ago
Hi

Our objetive is to achive SSO on JBoss in windows domain using Kerberos. With that in mind, I started looking at options available in JBoss and came across these two links-

  • http://community.jboss.org/wiki/JbossNegotiation
    http://community.jboss.org/wiki/ConfiguringJBossNegotiationinanallWindowsDomain


  • I am still trying to understand JBossNegotiation. One thing I am not able to get from the above links is whether it uses Kerberos. Note that I am new to all of this and might be missing something very basic.

    Another question was- on the first link above, there is a link to abother webpage under Old SPNEGO/Kerberos Documentation-

    http://community.jboss.org/wiki/NegotiateKerberos

    The title under which this link is given makes me feel SSO on JBoss using Kerberos is an old thing and JBossNegotiation is the latest mechanism. Is this understanding correct? Shall I ignore the last link given above and refer only to the first two links?

    Could someone help me with this?

    Thank you
    Neelesh



    14 years ago
    Thank you Francesco and Jai for all your help. My problem is solved.
    14 years ago
    Hi

    I am trying to figure out how I can configure my webapp to use SSL on JBoss. Here are a couple of references I am looking at-

    http://community.jboss.org/wiki/sslsetup

    http://www.jboss.org/file-access/default/members/jbossweb/freezone/docs/latest/ssl-howto.html

    I am working on jboss-4.2.2.GA.

    The first reference above refers to file jbossweb-tomcat41.sar/META-INF/jboss-service.xml where keystore file details have to be updated.

    The second reference above refers to $CATALINA_HOME/conf/server.xml file for configuring the secure socket by updating the keystore information.

    My question is- for the version of JBoss I am using (jboss-4.2.2.GA), I am unable to find any of these config files. Can someone help me identify the file I need to modify for updating the keystore information in it?

    Thank you
    Neelesh

    14 years ago
    Hi All

    We are developing public web portal in J2EE mainly using JBoss-5 as application server. There will be periodic updates and deployment of the same on server (most probably weekly) .

    We need to have Zero or Minimum downtime for users accessing this portal, particularly, the existing user connections should not be broken. What are different scenarios that can occur and best practices to handle these types of periodic deployments. Appreciate your help.

    Thanks
    Neelesh
    14 years ago
    Forgot to mention, I am on Eclipse 3.2.
    14 years ago
    Hi

    I am looking for an eclipse plug-in for Spring. I found a couple of links on googling up, however, they were broken. Could someone point me to some free eclipse plug-in for Spring? I only need it for some learning purpose.

    Thank you
    Neelesh
    14 years ago
    Might be trickier than this.

    If the initial date is a SUNDAY, for example "30/8/2009", this will return 31/8/2009. Not sure if that is what is expected. If 24/8/2009 is the desired result, a bit complicated logic can be written.
    14 years ago
    Hi All
    I am getting following error when I run my application-



    I am trying to understand what Object size and Num elements here mean. Does it mean it failed to allocate an array of 8192 elements each of size 16400 bytes?

    Thank you
    Neelesh
    14 years ago
    Thank you Tim. That was helpful.

    Could someone help me out with the data source lookup exception I am seeing?
    14 years ago
    Hello

    I am using Tomcat 5.5.27. I have two web applications- App1 and App2. Below are some details-

  • App1 Data Source JNDI name - jdbc/DW_Pool
  • App1 web context name - tdwebapps
  • App2 Data Source JNDI name - jdbc/SQLPool_DW
  • App2 web context name - tdreports


  • My context.xml and server.xml are given at the end of this post.

    When I start Tomcat with these configurations and try to access my application, I see the following error in the log-

    Aug 25, 2009 10:14:12 PM org.eclipse.birt.report.data.oda.jdbc.JndiDataSource getConnection
    INFO: javax.naming.NameNotFoundException: Name jdbc is not bound in this Context
    Aug 25, 2009 10:14:12 PM org.eclipse.birt.data.engine.odaconsumer.ConnectionManager openConnection
    SEVERE: Cannot open connection.


    My questions are-
    1) Where am I going wrong? How to get rid of this exception?
    2) I referred to the Tomcat config documentation given at- http://tomcat.apache.org/tomcat-5.5-doc/config/index.html
    However, I have not been able to understand the significance of Context.xml file exactly. If we can configure contrexts, resources etc. in server.xml file, what purpose does the Context.xml file serve?

    My Context.xml file-


    My server.xml file-


    14 years ago
    I realized that the JBoss I got was a customized one and it didn't have the folders that are mentioned by Abhijit.
    15 years ago
    Jaikiran,

    While I was going through this thread, I realized that on my JBoss installation, I do not have the "all", "minimal", "standard" folders that Abhijit has referred to in his post-

    3. Each folder of server instances like JBoss-1 contians
    the folders of location in the
    C:\JBoss\jboss-4.0.0\server

    i.e. I copied the folders (all, default, minimal, standard) under
    ..\server



    I have two server profiles under my JBOSS-


    and


    Am I amiss somewhere? Why don't I see the folders that Abhijit has mentioned.

    Note that I got this JBoss copied from someone's machine.

    Thank you
    Neelesh
    15 years ago
    Hi All,

    As I understand it, to configure JVM heap size paramters like Xms, and Xmx, one needs to edit run.bat at <JBOSS_HOME>\bin to set JAVA_OPTS appropriately. However, this run.bat file is common across all the JBoss profiles. So the settings apply for all the profiles alike.

    I am trying to figure out how I can configure JVM parameters per JBoss server profile. Could someone help?

    -Neelesh
    15 years ago