• Post Reply Bookmark Topic Watch Topic
  • New Topic

JAAS Real program giving error like javax.security.auth.login.LoginException: No LoginModules  RSS feed

 
Nazeer Ahammad
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

I'm tring to execute one authentication program using JAAS realms in tomcat but when i was running i'm getting error like below.

javax.security.auth.login.LoginException: No LoginModules configured for BytesLoungeLogin
at javax.security.auth.login.LoginContext.init(Unknown Source)
at javax.security.auth.login.LoginContext.<init>(Unknown Source)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:394)
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:334)
at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:157)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:554)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:380)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:243)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:188)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:288)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

used classes are classes :
------------------------------------

import java.security.Principal;

public class RolePrincipal implements Principal {

private String name;

public RolePrincipal(String name) {
super();
this.name = name;
}

public void setName(String name) {
this.name = name;
}

@Override
public String getName() {
return name;
}

}
-----------------------------------------------------------------------
import java.security.Principal;

public class UserPrincipal implements Principal {

private String name;

public UserPrincipal(String name) {
super();
this.name = name;
}

public void setName(String name) {
this.name = name;
}

@Override
public String getName() {
return name;
}

}
-----------------------------------------------------------------------------------

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

public class BytesLoungeLoginModule implements LoginModule {

private CallbackHandler handler;
private Subject subject;
private UserPrincipal userPrincipal;
private RolePrincipal rolePrincipal;
private String login;
private List<String> userGroups;

@Override
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map<String, ?> sharedState, Map<String, ?> options) {

handler = callbackHandler;
this.subject = subject;
}

@Override
public boolean login() throws LoginException {

Callback[] callbacks = new Callback[2];
callbacks[0] = new NameCallback("login");
callbacks[1] = new PasswordCallback("password", true);

try {
handler.handle(callbacks);
String name = ((NameCallback) callbacks[0]).getName();
String password = String.valueOf(((PasswordCallback) callbacks[1])
.getPassword());

if (name != null && name.equals("user123") && password != null
&& password.equals("pass123")) {
login = name;
userGroups = new ArrayList<String>();
userGroups.add("admin");
return true;
}

throw new LoginException("Authentication failed");

} catch (IOException e) {
throw new LoginException(e.getMessage());
} catch (UnsupportedCallbackException e) {
throw new LoginException(e.getMessage());
}

}

@Override
public boolean commit() throws LoginException {

userPrincipal = new UserPrincipal(login);
subject.getPrincipals().add(userPrincipal);

if (userGroups != null && userGroups.size() > 0) {
for (String groupName : userGroups) {
rolePrincipal = new RolePrincipal(groupName);
subject.getPrincipals().add(rolePrincipal);
}
}

return true;
}

@Override
public boolean abort() throws LoginException {
return false;
}

@Override
public boolean logout() throws LoginException {
subject.getPrincipals().remove(userPrincipal);
subject.getPrincipals().remove(rolePrincipal);
return true;
}

}
------------------------------------
web.xml is like below

<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>JDBCRealms</display-name>

<security-constraint>
<web-resource-collection>
<web-resource-name>Admin</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>

<security-role>
<role-name>admin</role-name>
</security-role>

<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Admin</realm-name>
</login-config>
</web-app>
-------------------------------------------------------------------------------
below one is context.xml it is placed in META-INF

<?xml version="1.0" encoding="UTF-8"?>
<Context>
<Realm className="org.apache.catalina.realm.JAASRealm" appName="BytesLoungeLogin"
userClassNames="com.byteslounge.jaas.UserPrincipal" roleClassNames="com.byteslounge.jaas.RolePrincipal" />
</Context>
--------------------------------------------------------------------------
below one is the jaas.config file it is placed in Tomcat->conf folder.


BytesLoungeLogin {
com.byteslounge.jaas.BytesLoungeLoginModule required debug=true;
};


Please any one solve my problem.

Thanks and Regards,
Nazeer.
 
Carles Gasques
Ranch Hand
Posts: 199
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Have you verified the content of the context.xml already in use?
Only if a context file does not exist for the application in the $CATALINA_HOME/conf/[enginename]/[hostname]/; in an individual file at /META-INF/context.xml inside the application files. If the web application is packaged as a WAR then /META-INF/context.xml will be copied to $CATALINA_HOME/conf/[enginename]/[hostname]/ and renamed to match the application's context path. Once this file exists, it will not be replaced if a new WAR with a newer /META-INF/context.xml is placed in the host's appBase.


Why do you don't use the server.xml to define your realm?


Best regards,
 
Nazeer Ahammad
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi Carles Gasques,

i'm new to Realm som please help me. how to verify context.xml that is already in use?

Thanks & Regards,
Nazeer.
 
surlac surlacovich
Ranch Hand
Posts: 296
Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Nazeer Ahammad wrote:
i'm new to Realm som please help me.

What are you trying achieve with custom authentication module? Fetch credentials from external resource or something...?
 
Nazeer Ahammad
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
i'm trying to take credentials from db and if those are vaid then give home page otherwise give an error page. To achive this i'm using JAAS realms .
 
surlac surlacovich
Ranch Hand
Posts: 296
Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Nazeer Ahammad wrote:i'm trying to take credentials from db and if those are vaid then give home page otherwise give an error page. To achive this i'm using JAAS realms .

Do you use standalone tomcat or tomcat-maven-plugin?
 
surlac surlacovich
Ranch Hand
Posts: 296
Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Anyway, the problem is that Tomcat unable to locate "java.security.auth.spi.LoginModule" instance for realm that represents your app.
Add to catalina.sh:
JAVA_OPTS="$JAVA_OPTS -Djava.security.auth.login.config=$CATALINA_BASE/conf/jaas.config"
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!