Thanks, Nithya. I get the same error in the logs:
INFO: java_security.audit_auth_refused
WARNING: Web login failed: Login failed:
javax.security.auth.login.LoginException: Invalid null input: name
I may be configuring the groups incorrectly. I specified
<role-name>User</role-name>
<group-name>Anyone</group-name>
</security-role-mapping>
And I made sure that getGroupNames in my realm class included "Anyone" in
the enumeration.
GetGroupNames() and getGroupNames(username) are never called though.
I don't know how to configure the groups or principals in Glassfish though.
In the Admin app, other realms have a Group field when I select them: mine
does not and I do not know what the property is called ("group"? "groups"?)
and I do not know where that information is being stored - can't find
anything in domain.xml or in login.conf.
Thanks again for the help.
Rod
> -----Original Message-----
> From: Nithya.Subramanian_at_Sun.COM [mailto:Nithya.Subramanian_at_Sun.COM]
> Sent: Monday, December 01, 2008 11:06 PM
> To: users_at_glassfish.dev.java.net
> Subject: Re: Configuring custom realm
>
> Hi Rod,
>
> Could you try including this entry in your sun-web.xml to map the role
> mentioned in your web.xml (User) to the corresponding principals or
> groups configured in your realm?
>
> <role-name>User</role-name>
> <principal-name>xxx</principal-name>
> <group-name>ggg</group-name>
> </security-role-mapping>
>
> Thanks
> Nithya
>
>
> Rod Fitzsimmons Frey wrote:
> > I'm sure I deserve a dope-slap, but I can't find where I've
> misconfigured my
> > custom authentication realm. I think I need the custom realm because
> I'm
> > using salted hashed passwords, and it doesn't look like the JDBCRealm
> does
> > that sort of thing. In any event, my authenticateUser() never gets
> called.
> > Instead I see in the server log:
> >
> > INFO: java_security.audit_auth_refused
> > WARNING: Web login failed: Login failed:
> > javax.security.auth.login.LoginException: Invalid null input: name
> >
> > I've extended AppservPasswordLoginModule and AppservRealm and
> modified
> > login.conf. My realm's init() method gets called on server startup
> according
> > to the server log. Here's the relevant entries:
> >
> > login.conf:
> >
> > attassaRealm {
> > com.attassa.webservices.realm.AttassaLoginModule required;
> > };
> >
> > deploy.xml:
> >
> > <auth-realm name="AttassaRealm"
> > classname="com.attassa.webservices.realm.AttassaRealm">
> > <property name="jaas-context" value="attassaRealm" />
> > </auth-realm>
> >
> > sun-application.xml (where does this go?)
> >
> > <realm>AttassaRealm</realm>
> >
> > web.xml:
> > <security-constraint>
> > <display-name>Constraint1</display-name>
> > <web-resource-collection>
> > <web-resource-name>pages</web-resource-name>
> > <description/>
> > <url-pattern>/*</url-pattern>
> > <http-method>GET</http-method>
> > <http-method>POST</http-method>
> > <http-method>HEAD</http-method>
> > <http-method>PUT</http-method>
> > <http-method>OPTIONS</http-method>
> > <http-method>TRACE</http-method>
> > <http-method>DELETE</http-method>
> > </web-resource-collection>
> > <auth-constraint>
> > <description/>
> > <role-name>User</role-name>
> > </auth-constraint>
> > </security-constraint>
> > <login-config>
> > <auth-method>BASIC</auth-method>
> > <realm-name>AttassaRealm</realm-name>
> > </login-config>
> > <security-role>
> > <description/>
> > <role-name>User</role-name>
> > </security-role>
> >
> > It may be relevant that I get a warning on server startup that User
> role has
> > no principals mapped to it.
> >
> > I'd really appreciate help seeing where I've missed a configuration
> step.
> >
> > Thanks,
> > Rod
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> > For additional commands, e-mail: users-help_at_glassfish.dev.java.net
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net