3 Replies Latest reply on Jul 12, 2013 11:16 AM by mstruk

JAAS Authenticator from an external web application

sviluppatorefico Jul 12, 2013 9:42 AM

I would use the default security domain in Gatein 3.6 (gatein-domain) from an external web application deployed in a war in the same jboss 7 as.

Here an example of web.xml:

<security-constraint>

<web-resource-collection>

<web-resource-name>Authenticated</web-resource-name>

<url-pattern>/*</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>Authenticated</role-name>

</auth-constraint>

</security-constraint>

<login-config>

<auth-method>BASIC</auth-method>

<realm-name>Gatein Forums

</realm-name>

</login-config>

<security-role>

<role-name>Authenticated</role-name>

</security-role>

and here a jboss-web.xml:

<security-domain>java:/jaas/gatein-domain</security-domain>

The modules of the gatein domain are not found. I suppose the problem is a classloading problem.

14:58:32,198 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--127.0.0.1-8080-1) Login failure: javax.security.auth.login.LoginException: unable to find LoginModule class: org.gatein.security.oauth.jaas.OAuthLoginModule from [Module "deployment.prova-0.0.1-SNAPSHOT.war:main" from Service Module Loader]

at javax.security.auth.login.LoginContext.invoke(LoginContext.java:808) [classes.jar:1.6.0_45]

at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [classes.jar:1.6.0_45]

at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [classes.jar:1.6.0_45]

at java.security.AccessController.doPrivileged(Native Method) [classes.jar:1.6.0_45]

1. Re: JAAS Authenticator from an external web application

mstruk Jul 12, 2013 10:36 AM (in response to sviluppatorefico)

From the stacktrace it looks like your prova-0.0.1-SNAPSHOT.war doesn't have visibility of OAuthLoginModule, which is packaged in exo.portal.component.web.oauth-common.jar - part of org.gatein.lib module which should be visible by default to your web application.

Does your prova-0.0.1-SNAPSHOT.war contain a WEB-INF/portlet.xml? Make sure you have this file even if it's empty. It's presence is required for GateIn to treat is as portlet application and add visibility of necessary classes to it.

You could also add the necessary dependency yourself either via MANIFEST.MF or via jboss-deployment-structure.xml as described here: https://docs.jboss.org/author/display/AS72/Class+Loading+in+AS7

You need a dependency on the module called org.gatein.lib.

For example, your META-INF/MANIFEST.MF would look like:

Dependencies: org.gatein.lib
1 of 1 people found this helpful
Actions
2. Re: JAAS Authenticator from an external web application

sviluppatorefico Jul 12, 2013 10:53 AM (in response to mstruk)

Am I forced to add a portlet.xml? The application is not a portlet..it's a simple webapp
Actions
3. Re: JAAS Authenticator from an external web application

mstruk Jul 12, 2013 11:16 AM (in response to sviluppatorefico)

If you have no portlets in your .war then no, you don't have to add portlet.xml. You can explicitly configure a dependency like I described.
Actions

Go to original post