Results 1 to 5 of 5

Thread: Unable to login to Sun Server admin console

  1. Mar 4th, 2005, 03:36 PM #1
    kut727
    kut727 is offline Junior Member
    Join Date
    Mar 2005
    Posts
    4

    Default Unable to login to Sun Server admin console

    I'm running an application (which uses Acegi security) on the Sun Java System Application Server 8.1.

    In applicationContext.xml I set up the loginConfig:

    Code:
    <property name="loginConfig">
    <value>/WEB-INF/kerberos.conf</value>
</property>
<property name="loginContextName">
    <value>kerberosRealm</value>
</property>
    and here's the definition in kerberos.conf:
    Code:
    kerberosRealm &#123;
  com.sun.security.auth.module.Krb5LoginModule required 
	client=true 
	useTicketCache=false
	debug=false  
	doNotPrompt=false;
&#125;;
    My application runs and I can successfully login through CAS, but then when I try to login on my admin console window for the Sun Server, that login fails.

    It seems that the JVM option for the Sun Server
    Code:
    java.security.auth.login.config=$&#123;com.sun.aas.instanceRoot&#125;/config/login.conf
    is overwritten by the kerberos.conf or kerberos.conf is taking precedence over login.conf. Just wondering if anyone else has run into this same problem and knows of a way to merge the two configs. Thanks.
  2. Mar 7th, 2005, 08:05 AM #2
    RayKrueger
    RayKrueger is offline Senior Member
    Join Date
    Oct 2004
    Posts
    207

    Default

    Are you using 0.8.0 or something lesser?
  3. Mar 8th, 2005, 08:04 AM #3
    kut727
    kut727 is offline Junior Member
    Join Date
    Mar 2005
    Posts
    4

    Default

    I'm using 0.70, Yale's CAS server 2.0.12 and CAS client 2.0.11
  4. Mar 11th, 2005, 11:14 AM #4
    ZenGod
    ZenGod is offline Junior Member
    Join Date
    Mar 2005
    Posts
    1

    Default

    I had the same problem and discovered a bug in Acegi's JaasAuthenticationProvider class.

    In the afterPropertiesSet method the bold code below over writes the Sun servers login.conf file location specified in the system property java.security.auth.login.config.

    boolean allowed = "true".equalsIgnoreCase(Security.getProperty(
    "policy.allowSystemProperty"));

    if (allowed) {
    System.setProperty(SYSPROP, loginConfigStr);
    } else {
    setPropertyUsingLoop(loginConfigStr);
    }

    The problem is this code always overwrites the property even if something is already set there. I changed the code to the following and it solved the problem.

    boolean allowed = "true".equalsIgnoreCase(Security.getProperty(
    "policy.allowSystemProperty"));

    String prop = System.getProperty(SYSPROP);
    if ((allowed) && (prop == null)) {
    System.setProperty(SYSPROP, loginConfigStr);
    } else {
    setPropertyUsingLoop(loginConfigStr);
    }
  5. Mar 13th, 2005, 04:27 PM #5
    RayKrueger
    RayKrueger is offline Senior Member
    Join Date
    Oct 2004
    Posts
    207

    Default

    This fix has been applied in CVS.
« Previous Thread | Next Thread »

Similar Threads

  1. Beandoc crashing (on its samples!)
    By aaime in forum Container
    Replies: 17
    Last Post: Oct 7th, 2005, 07:21 AM
  2. how to register EJB into OC4J JNDI tree on app server start
    By jasonmcdermott in forum EJB
    Replies: 6
    Last Post: Sep 29th, 2005, 04:25 AM
  3. server validations on login page
    By grasshopper in forum Security
    Replies: 8
    Last Post: Sep 8th, 2005, 04:51 AM
  4. Hessian, how to simulate a session between client and server
    By Ana in forum Remoting
    Replies: 1
    Last Post: Aug 23rd, 2005, 09:24 AM
  5. Acegi - Login Tapestry
    By john017 in forum Security
    Replies: 1
    Last Post: Feb 4th, 2005, 01:11 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules