ModularAuthenticationStrategy configuration in ini

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

ModularAuthenticationStrategy configuration in ini

Csaba Nemeth
using the following configuration in web.xml inline ini, I cannot get AtLeastOneSuccessful to work.
Debugging the application always shows the use of AllSuccessful

Is this ini configuration wrong?


[main]

securityManager = org.jsecurity.web.DefaultWebSecurityManager
securityManager.sessionMode = http
                               
cacheManager = org.jsecurity.cache.ehcache.EhCacheManager
securityManager.cacheManager = $cacheManager
                               
mra = org.jsecurity.authc.pam.ModularRealmAuthenticator
mrstrat = org.jsecurity.authc.pam.AtLeastOneSuccessfulModularAuthenticationStrategy
mra.modularAuthenticationStrategy = $mrstrat
securityManager.authenticator = $mra


Log shows:

DEBUG [org.jsecurity.config.ReflectionBuilder]: Encountered object reference [$mrstrat].  Looking up object with id [mrstrat]
TRACE [org.jsecurity.config.ReflectionBuilder]: Applying property [modularAuthenticationStrategy] value [org.jsecurity.authc.pam.AtLeastOneSuccessfulModularAuthenticationStrategy@a87e7b] on object of type [org.jsecurity.authc.pam.ModularRealmAuthenticator]

Reply | Threaded
Open this post in threaded view
|

Re: ModularAuthenticationStrategy configuration in ini

Les Hazlewood-2
I'm confused.  Your log output below does indeed show the AtLeastOneSuccessfulModularAuthenticationStrategy being injected. :/

On Thu, Feb 5, 2009 at 4:48 PM, Csaba Nemeth <[hidden email]> wrote:

using the following configuration in web.xml inline ini, I cannot get
AtLeastOneSuccessful to work.
Debugging the application always shows the use of AllSuccessful

Is this ini configuration wrong?


[main]

securityManager = org.jsecurity.web.DefaultWebSecurityManager
securityManager.sessionMode = http

cacheManager = org.jsecurity.cache.ehcache.EhCacheManager
securityManager.cacheManager = $cacheManager

mra = org.jsecurity.authc.pam.ModularRealmAuthenticator
mrstrat =
org.jsecurity.authc.pam.AtLeastOneSuccessfulModularAuthenticationStrategy
mra.modularAuthenticationStrategy = $mrstrat
securityManager.authenticator = $mra


Log shows:

DEBUG [org.jsecurity.config.ReflectionBuilder]: Encountered object reference
[$mrstrat].  Looking up object with id [mrstrat]
TRACE [org.jsecurity.config.ReflectionBuilder]: Applying property
[modularAuthenticationStrategy] value
[org.jsecurity.authc.pam.AtLeastOneSuccessfulModularAuthenticationStrategy@a87e7b]
on object of type [org.jsecurity.authc.pam.ModularRealmAuthenticator]


--
View this message in context: http://n2.nabble.com/ModularAuthenticationStrategy-configuration-in-ini-tp2277507p2277507.html
Sent from the JSecurity User mailing list archive at Nabble.com.


Reply | Threaded
Open this post in threaded view
|

Re: ModularAuthenticationStrategy configuration in ini

Csaba Nemeth
As I was testing the cause can be in the IniConfiguration class.

method createSecurityManagerForSection - line 184

It creates the default securityManager instance and puts into default under 'securityManager' and 'sm'.
As the configuration is read - I have only 'securityManager' defined. So only that map entry is updated.
The 'sm' stays the default.

In the iterator where it pulls the realm factories it first pulls 'securityManager' - the overridden one - then 'sm' - so we are back to the default settings.

If I change my ini - to have 'sm' insteadof 'securityManager' - all is fine.
But probably that is not what was intended.

Perhaps 'sm' should be put into the map after the iteration?
Jira?

Les Hazlewood-2 wrote
I'm confused.  Your log output below does indeed show the
AtLeastOneSuccessfulModularAuthenticationStrategy being injected. :/

On Thu, Feb 5, 2009 at 4:48 PM, Csaba Nemeth <csaba_nemeth@yahoo.ca> wrote:

>
> using the following configuration in web.xml inline ini, I cannot get
> AtLeastOneSuccessful to work.
> Debugging the application always shows the use of AllSuccessful
>
> Is this ini configuration wrong?
>
>
> [main]
>
> securityManager = org.jsecurity.web.DefaultWebSecurityManager
> securityManager.sessionMode = http
>
> cacheManager = org.jsecurity.cache.ehcache.EhCacheManager
> securityManager.cacheManager = $cacheManager
>
> mra = org.jsecurity.authc.pam.ModularRealmAuthenticator
> mrstrat =
> org.jsecurity.authc.pam.AtLeastOneSuccessfulModularAuthenticationStrategy
> mra.modularAuthenticationStrategy = $mrstrat
> securityManager.authenticator = $mra
>
>
> Log shows:
>
> DEBUG [org.jsecurity.config.ReflectionBuilder]: Encountered object
> reference
> [$mrstrat].  Looking up object with id [mrstrat]
> TRACE [org.jsecurity.config.ReflectionBuilder]: Applying property
> [modularAuthenticationStrategy] value
>
> [org.jsecurity.authc.pam.AtLeastOneSuccessfulModularAuthenticationStrategy@a87e7b
> ]
> on object of type [org.jsecurity.authc.pam.ModularRealmAuthenticator]
>
>
> --
> View this message in context:
> http://n2.nabble.com/ModularAuthenticationStrategy-configuration-in-ini-tp2277507p2277507.html
> Sent from the JSecurity User mailing list archive at Nabble.com.
>
>
Reply | Threaded
Open this post in threaded view
|

Re: ModularAuthenticationStrategy configuration in ini

Les Hazlewood-2
Yep, you're absolutely right.  I've appended your comments below to an already-existing issue that covers your problems:

https://issues.apache.org/jira/browse/JSEC-30

Thanks!

Les

On Fri, Feb 6, 2009 at 10:20 AM, Csaba Nemeth <[hidden email]> wrote:

As I was testing the cause can be in the IniConfiguration class.

method createSecurityManagerForSection - line 184

It creates the default securityManager instance and puts into default under
'securityManager' and 'sm'.
As the configuration is read - I have only 'securityManager' defined. So
only that map entry is updated.
The 'sm' stays the default.

In the iterator where it pulls the realm factories it first pulls
'securityManager' - the overridden one - then 'sm' - so we are back to the
default settings.

If I change my ini - to have 'sm' insteadof 'securityManager' - all is fine.
But probably that is not what was intended.

Perhaps 'sm' should be put into the map after the iteration?
Jira?


Les Hazlewood-2 wrote:
>
> I'm confused.  Your log output below does indeed show the
> AtLeastOneSuccessfulModularAuthenticationStrategy being injected. :/
>
> On Thu, Feb 5, 2009 at 4:48 PM, Csaba Nemeth <[hidden email]>
> wrote:
>
>>
>> using the following configuration in web.xml inline ini, I cannot get
>> AtLeastOneSuccessful to work.
>> Debugging the application always shows the use of AllSuccessful
>>
>> Is this ini configuration wrong?
>>
>>
>> [main]
>>
>> securityManager = org.jsecurity.web.DefaultWebSecurityManager
>> securityManager.sessionMode = http
>>
>> cacheManager = org.jsecurity.cache.ehcache.EhCacheManager
>> securityManager.cacheManager = $cacheManager
>>
>> mra = org.jsecurity.authc.pam.ModularRealmAuthenticator
>> mrstrat =
>> org.jsecurity.authc.pam.AtLeastOneSuccessfulModularAuthenticationStrategy
>> mra.modularAuthenticationStrategy = $mrstrat
>> securityManager.authenticator = $mra
>>
>>
>> Log shows:
>>
>> DEBUG [org.jsecurity.config.ReflectionBuilder]: Encountered object
>> reference
>> [$mrstrat].  Looking up object with id [mrstrat]
>> TRACE [org.jsecurity.config.ReflectionBuilder]: Applying property
>> [modularAuthenticationStrategy] value
>>
>> [org.jsecurity.authc.pam.AtLeastOneSuccessfulModularAuthenticationStrategy@a87e7b
>> ]
>> on object of type [org.jsecurity.authc.pam.ModularRealmAuthenticator]
>>
>>
>> --
>> View this message in context:
>> http://n2.nabble.com/ModularAuthenticationStrategy-configuration-in-ini-tp2277507p2277507.html
>> Sent from the JSecurity User mailing list archive at Nabble.com.
>>
>>
>
>

--
View this message in context: http://n2.nabble.com/ModularAuthenticationStrategy-configuration-in-ini-tp2277507p2284638.html
Sent from the JSecurity User mailing list archive at Nabble.com.


Reply | Threaded
Open this post in threaded view
|

Re: ModularAuthenticationStrategy configuration in ini

Csaba Nemeth
Just to share my experiences:
I moved the 'sm' to the bottom of the method, and I found, that it throws a NullPointerException from EhCacheManager, at when the realms are set.

Setting the realms on securityManager uses the cacheManager - the cacheManager should be initialized before this happens.