Dashboard > Community Wiki > ... > Deployment > Magnolia JBoss and JAAS
Magnolia JBoss and JAAS Log In View a printable version of the current page.

Added by GrĂ©gory Joseph , last edited by Boris Kraft on Jun 23, 2008  (view change)
Labels: 

There are a bunch of pages related to JBoss deployment. If someone wants to volunteer and merge them, that'd be much appreciated.

Deploying on JBoss (Community Wiki)
Labels: v2_0, jboss, installation, config, v2_1, deployment, app-server
How to install Magnolia 3.0 EE on Jboss 4.0.x (Community Wiki)
Labels: jboss, deployment
How to secure the JBoss server (Community Wiki)
Labels: jboss, deployment
Install Magnolia 2.1 on JBoss4 (Community Wiki)
Labels: jboss, installation, deployment, v2_1
Installation on JBoss4 (Community Wiki)
Labels: jboss, app-server, deployment
Installation under JBoss (Community Wiki)
Labels: jboss, deployment, app-server
Magnolia JBoss and JAAS (Community Wiki)
Labels: jboss, deployment
Magnolia, Eclipse, Jboss and Oracle (Community Wiki)
Labels: jboss, oracle, eclipse

What we are trying to do

Deploying Magnolia 2.1 and 3.0 release inside JBoss 4.0.

Issue

Whilst JBoss was trying to load the repositories (one of the first things it does)..
it was dieing whilst the JCR was intiialising.

Jackrabbit is the provider of the repository underneath our magnolia CMS.

Jackrabbit requires that a "user/object" logs in before it can access the repository.
Magnolia logs into the CMS, as a magnolia CMS (nothing to do with the users in your Admin).

When JBoss is initialising, the key error message / exception that is thrown is actually from JBoss.. 

15:00:53,186 ERROR [UsersRolesLoginModule] Failed to load users/passwords/role files 
java.io.IOException: Properties file users.properties not found 
at org.jboss.security.auth.spi.UsersRolesLoginModule.loadProperties(UsersRolesLoginModule.java:217) 
at org.jboss.security.auth.spi.UsersRolesLoginModule.loadUsers(UsersRolesLoginModule.java:234) 
at org.jboss.security.auth.spi.UsersRolesLoginModule.initialize(UsersRolesLoginModule.java:100) 
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) 
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 
at java.lang.reflect.Method.invoke(Method.java:324) 
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:662) 
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129) 
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610) 
at java.security.AccessController.doPrivileged(Native Method) 
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607) 
at javax.security.auth.login.LoginContext.login(LoginContext.java:534) 
at org.apache.jackrabbit.core.RepositoryImpl.login(RepositoryImpl.java:679)

The cause, as far as I can ascertain is as follows.
In Magnolia, a system property is set in the following class 

info.magnolia.cms.beans.config.ConfigLoader 
... 
System.setProperty("java.security.auth.login.config", Path 
.getAbsoluteFileSystemPath("WEB-INF/config/jaas.config")); 
...

What is happening here is that Magnolia is telling the JVM to use the "settings" for JAAS login security
found in the WEB-INF/config/jaas.config file.

All of that is there, but JBoss ignores the request, (can't see when or why).
-

Resolution

JBoss however has a file already setup for just this purpose.

{${JBOSS_HOME}/server/<<your_configuration>>/conf/login-config.xml}

eg .. we run the "all" config and jboss is install in /usr/local/jboss.. 

/usr/local/jboss/server/all/conf/login-config.xml

What we need to do is add our "Jackrabbit" setting found in 

WEB-INF/config/jaas.config

and pop it into 

/usr/local/jboss/server/all/conf/login-config.xml

The file formats are different however.. Jboss is XML based.

Add the following to the JBoss file under the root <policy> node.

I put it second last, (above the <application-policy name = "other"> node ) 

<application-policy name = "Jackrabbit"> 
          <authentication> 
            <login-module code = "org.apache.jackrabbit.core.security.SimpleLoginModule" 
               flag = "required" /> 
          </authentication> 
    </application-policy>

In addition, if you are using Magnolia 3.0 you have to add the following XML to make it work:

<application-policy name="magnolia">
      <authentication>
        <login-module code="info.magnolia.jaas.sp.jcr.JCRAuthenticationModule" flag="requisite"/>
        <login-module code="info.magnolia.jaas.sp.jcr.JCRAuthorizationModule" flag="required"/>
      </authentication>
    </application-policy>

and then restart.. all should be well.

In its previous incarnation on JspWiki, this page was last edited on Feb 9, 2007 10:26:36 AM by Mazbi
Other known authors include :

  • RamonBuckland
Powered by a free Atlassian Confluence Open Source Project License granted to Magnolia International. Evaluate Confluence today.
Powered by Atlassian Confluence 2.7, the Enterprise Wiki. Bug/feature request - Atlassian news - Contact administrators