Yesterday I tried to modify the content of my context.xml, copying some lines from the domain.xml. Here it is:
<Context
    path="/works"
    reloadable="true"
    antiJARLocking="true">
  <auth-realm classname="com.sun.enterprise.security.auth.realm.ldap.LDAPRealm" name="myLDAPRealm">
    <property name="directory" value="ldap://localhost:389"/>
    <property name="base-dn" value="ou=Roles,o=TEST,c=IT"/>
    <property name="jaas-context" value="ldapRealm"/>
    <property name="search-bind-dn" value="cn=master,ou=Roles,o=TEST,c=IT"/>
    <property name="search-bind-password" value="myPassword"/>
    <property name="search-filter" value="(&amp;(uid={0})(accountStatus=active))"/>
    <property name="group-target" value="cn"/>
    <property name="group-base-dn" value="uid={0},ou=People,o=TEST,c=IT"/>
    <property name="group-search-filter" value="(uniqueMember={0})"/>
  </auth-realm>
</Context>
And here is the security part of web.xml:
<security-constraint>
  <web-resource-collection>
    <web-resource-name>confidential</web-resource-name>
    <url-pattern>/confidential/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>*</role-name>
  </auth-constraint>
</security-constraint>
<login-config>
  <auth-method>FORM</auth-method>
  <realm-name>myLDAPRealm</realm-name>
  <form-login-config>
    <form-login-page>/login.htm</form-login-page>
    <form-error-page>/error-login.html</form-error-page>
  </form-login-config>
</login-config>
But there is no way to let GlassFish read it!! I stopped and started the application server as Amy posted in her blog, but nothing....
Here is what GlassFish writes in server.log:
[#|2008-02-21T08:57:31.896+0100|INFO|sun-appserver9.1|javax.enterprise.system.core.security|_ThreadID=17;_ThreadName=httpSSLWorkerThread-80-4;ciccio;|SEC5046: Audit: Authentication refused for [myUser].|#]
[#|2008-02-21T08:57:31.896+0100|WARNING|sun-appserver9.1|javax.enterprise.system.container.web|_ThreadID=17;_ThreadName=httpSSLWorkerThread-80-4;_RequestID=afc525eb-ca68-4c4f-a4ef-2d3815bb9300;|Web login failed: Login failed: javax.security.auth.login.LoginException: Failed file login for myUser.|#]
I haven't changed the default configuration in Security, so it is now as it was the first time I started GlassFish, but I think that GlassFish tries to find myUser in one of the default realms, even if the security manager is disabled.
Please help me!!!
Thanks,
Stefy
[Message sent by forum member 'stefax' (stefax)]
http://forums.java.net/jive/thread.jspa?messageID=260109
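
Added example, not part of the original post: a small Python parser for the `[#|...|#]` server.log records quoted above. It pairs each SEC5046 refusal with the LoginException logged on the same thread and timestamp and reports the login kind named in that message. The function names are hypothetical, and the sample input is the two records copied from the post.

```python
import re

# Sample input: the two server.log records quoted in the post above.
SAMPLE_LOG = (
    "[#|2008-02-21T08:57:31.896+0100|INFO|sun-appserver9.1|javax.enterprise.system.core.security|_ThreadID=17;_ThreadName=httpSSLWorkerThread-80-4;ciccio;|SEC5046: Audit: Authentication refused for [myUser].|#]\n"
    "[#|2008-02-21T08:57:31.896+0100|WARNING|sun-appserver9.1|javax.enterprise.system.container.web|_ThreadID=17;_ThreadName=httpSSLWorkerThread-80-4;_RequestID=afc525eb-ca68-4c4f-a4ef-2d3815bb9300;|Web login failed: Login failed: javax.security.auth.login.LoginException: Failed file login for myUser.|#]\n"
)

# A record runs from "[#|" to "|#]" and may span several lines.
RECORD = re.compile(r"\[#\|(.*?)\|#\]", re.DOTALL)
REFUSED = re.compile(r"SEC5046: Audit: Authentication refused for \[(?P<user>[^\]]+)\]")
FAILED = re.compile(r"LoginException: Failed (?P<kind>\w+) login for (?P<user>\S+?)\.?(?:\s|$)")


def parse_records(text):
    """Yield one dict per well-formed record: timestamp, level, logger, thread, message."""
    for match in RECORD.finditer(text):
        parts = match.group(1).split("|", 5)
        if len(parts) != 6:
            continue  # skip truncated or malformed records
        ts, level, _product, logger, kv, message = parts
        # Key/value field: "k=v;k=v;bare;"; bare items carry no "=" and are ignored.
        pairs = dict(item.split("=", 1) for item in kv.split(";") if "=" in item)
        yield {"ts": ts, "level": level, "logger": logger,
               "thread": pairs.get("_ThreadName"), "message": message.strip()}


def login_failures(text):
    """Return refused logins, each with the login kind from the matching LoginException."""
    refused, kinds = [], {}
    for rec in parse_records(text):
        m = REFUSED.search(rec["message"])
        if m:
            refused.append({"user": m["user"], "ts": rec["ts"], "thread": rec["thread"]})
        m = FAILED.search(rec["message"])
        if m:
            kinds[(rec["ts"], rec["thread"], m["user"])] = m["kind"]
    for entry in refused:
        # None when no LoginException was logged for the same thread, time and user.
        entry["login_kind"] = kinds.get((entry["ts"], entry["thread"], entry["user"]))
    return refused


if __name__ == "__main__":
    for failure in login_failures(SAMPLE_LOG):
        print(failure)
```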