users@jersey.java.net

[Jersey] Re: AuthC in Jersey (jdbcRealm)

From: Arthur Yeo <artyyeo_at_gmail.com>
Date: Tue, 29 Mar 2011 10:50:25 -0700

Pavel,
I have asked this question in the main users_at_glassfish.java.net mailing list
but did not get any productive response yesterday. That's why I am turning
to this group since my webappl is a pure Jersey app. If this group is the
wrong group to ask., do you know of any forum which specializes in GF
security and would be willing to help?

----------------- here's what I asked -------------------------
I tried creating a brand new project based on Shing's blog (
http://blogs.sun.com/swchan/entry/jdbcrealm_in_glassfish_with_mysql).
It worked if it is on BasicAuth, but when I switched to DIGEST, I got the
errors which I captured below. Can someone help me with diagnosing this,
please?

Also, has anyone used GF Form Auth and Digest Auth successfully in their
production env?

I have updated the following components to use DIGEST:

   1. encoded the password with md5 when I switched to DIGEST in the
   usertable
   2. web.xml is updated to use DIGEST
   3. jdbcrealm was updated in the AdminConsole to use digest: JAAS context
   = jdbcDigestRealm; Digest Algorithm = MD


Is there something missing?

-------------- Errors from server log -------------------
Timestamp
Mar 29, 2011 10:24:37.505
Log Level
SEVERE
Logger
javax.enterprise.system.core.security.com.sun.appserv.security
Name-Value Pairs
{_ThreadName=Thread-1, _ThreadID=37}
Record Number
4342
Message ID
SEC1105
Complete Message
A PasswordCredential was required but not provided.

-----------------------------
Timestamp
Mar 29, 2011 10:24:37.506
Log Level
WARNING
Logger
javax.enterprise.system.container.web.com.sun.web.security
Name-Value Pairs
{_ThreadName=Thread-1, _ThreadID=37}
Record Number
4345
Message ID
Web login failed
Complete Message
Login failed: javax.security.auth.login.LoginException: No credentials.
---------------------------------


On Tue, Mar 29, 2011 at 1:54 AM, Pavel Bucek <pavel.bucek_at_oracle.com> wrote:

>
> Hello Arthur,
>
> not really sure how is this related to Jersey, but you probably should look
> after something newer (this article is from year 2007).
>
> Maybe I'm just missing your point, so please clarify / provide some code
> snippet / ...
>
> Thanks,
> Pavel
>
>
> On 3/29/11 12:19 AM, Arthur Yeo wrote:
>
>> Hi,
>>
>> I have been going thru the blog by Shing Wai Chan (
>> http://blogs.sun.com/swchan/entry/jdbcrealm_in_glassfish_with_mysql) and
>> a couple of others and I cannot get authentication to work (whether I use
>> BASIC, DIGEST or FORM).
>> Can some one confirm that, in addition, to Shing's steps, I also need to
>> set up session-config?
>>
>> --
>> Arthur Y.
>>
>
>


-- 
Arthur Y.