Skip to main content

Install new SAM

Please note these java.net forums are being decommissioned and use the new and improved forums at https://community.oracle.com/community/java.
5 replies [Last post]
olivierJ
Offline
Joined: 2012-11-10

Hi,

I'm trying to install new server authentication module on GF V3.1 without success.

GF boots well but when my application calls this SAM I have this :

[#|2012-11-13T18:11:39.875+0100|WARNING|glassfish3.1.2|javax.enterprise.system.core.security.com.sun.enterprise.security.jmac.config|_ThreadID=77;_ThreadName=Thread-2;|jmac.provider_unable_to_load_authmodule|#]

I changed location of my JAR containing my SAM inside GF (GF_HOME\lib, GF_HOME\domains\domain1\lib,...) but it's the same.

Here is my SAM, so I just test to connect it with my application (war inside ear) :

public class CustomServerAuthModule implements ServerAuthModule {

private static Logger logger = Logger.getLogger(CustomServerAuthModule.class);
MessagePolicy requestPolicy, responsePolicy;
CallbackHandler callBackHandler;
Map<?, ?> options;

@SuppressWarnings("rawtypes")
public void initialize(MessagePolicy reqPolicy, MessagePolicy resPolicy, CallbackHandler cb, Map opts) throws AuthException {
requestPolicy = reqPolicy;
responsePolicy = resPolicy;
callBackHandler = cb;
options = opts;
logger.log(Level.INFO, "SIMSAM");
}

public void cleanSubject(MessageInfo arg0, Subject arg1)
throws AuthException {
// TODO Auto-generated method stub

}

public AuthStatus secureResponse(MessageInfo arg0, Subject arg1)
throws AuthException {
// TODO Auto-generated method stub
return null;
}

public AuthStatus validateRequest(MessageInfo arg0, Subject arg1,
Subject arg2) throws AuthException {
// TODO Auto-generated method stub
return null;
}

public Class<?>[] getSupportedMessageTypes() {
return new Class[]{HttpServletRequest.class, HttpServletResponse.class};
}



}

I have configured web.xml and glassfish-web.xml.

Please help me

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Kumar Jayanti Guest
Offline
Joined: 2011-04-02

GF_HOME\lib should have worked. It does work. Send us your jar and we will try it out.

On Nov 13, 2012, at 9:52 PM, forums@java.net wrote:

> Hi, I'm trying to install new server authentication module on GF V3.1 without
> success. GF boots well but when my application calls this SAM I have this :
> [#|2012-11-13T18:11:39.875+0100|WARNING|glassfish3.1.2|javax.enterprise.system.core.security.com.sun.enterprise.security.jmac.config|_ThreadID=77;_ThreadName=Thread-2;|jmac.provider_unable_to_load_authmodule|#]
> I changed location of my JAR containing my SAM inside GF (GF_HOME\lib,
> GF_HOME\domains\domain1\lib,...) but it's the same. Here is my SAM, so I just
> test to connect it with my application (war inside ear) : public class
> CustomServerAuthModule implements ServerAuthModule { private static Logger
> logger = Logger.getLogger(CustomServerAuthModule.class); MessagePolicy
> requestPolicy, responsePolicy; CallbackHandler callBackHandler; Map<?, ?>
> options; @SuppressWarnings("rawtypes") public void initialize(MessagePolicy
> reqPolicy, MessagePolicy resPolicy, CallbackHandler cb, Map opts) throws
> AuthException { requestPolicy = reqPolicy; responsePolicy = resPolicy;
> callBackHandler = cb; options = opts; logger.log(Level.INFO, "SIMSAM"); }
> public void cleanSubject(MessageInfo arg0, Subject arg1) throws AuthException
> { // TODO Auto-generated method stub } public AuthStatus
> secureResponse(MessageInfo arg0, Subject arg1) throws AuthException { // TODO
> Auto-generated method stub return null; } public AuthStatus
> validateRequest(MessageInfo arg0, Subject arg1, Subject arg2) throws
> AuthException { // TODO Auto-generated method stub return null; } public
> Class<?>[] getSupportedMessageTypes() { return new
> Class[]{HttpServletRequest.class, HttpServletResponse.class}; } } I have
> configured web.xml and glassfish-web.xml. Please help me
>
> --
>
> [Message sent by forum member 'olivierJ']
>
> View Post: http://forums.java.net/node/892251
>
>

olivierJ
Offline
Joined: 2012-11-10

With multiple GF reboots it's work now, probably I made some mistakes...sorry.

So my SAM is found by my application now but I don't understand this GF error :

[#|2012-11-15T15:58:10.578+0100|WARNING|glassfish3.1.2|org.apache.catalina.connector.Request|_ThreadID=92;_ThreadName=Thread-2;|PWC4011: Unable to set request character encoding to UTF-8 from context /web, because request parameters have already been read, or ServletRequest.getReader() has already been called|#]

[#|2012-11-15T15:58:10.578+0100|WARNING|glassfish3.1.2|org.apache.catalina.connector.Request|_ThreadID=91;_ThreadName=Thread-2;|PWC4011: Unable to set request character encoding to UTF-8 from context /web, because request parameters have already been read, or ServletRequest.getReader() has already been called|#]

[#|2012-11-15T15:58:10.593+0100|WARNING|glassfish3.1.2|org.apache.catalina.connector.Request|_ThreadID=89;_ThreadName=Thread-2;|PWC4011: Unable to set request character encoding to UTF-8 from context /web, because request parameters have already been read, or ServletRequest.getReader() has already been called|#]

[#|2012-11-15T15:58:10.640+0100|WARNING|glassfish3.1.2|org.apache.catalina.connector.Request|_ThreadID=88;_ThreadName=Thread-2;|PWC4011: Unable to set request character encoding to UTF-8 from context /web, because request parameters have already been read, or ServletRequest.getReader() has already been called|#]

[#|2012-11-15T15:58:10.765+0100|WARNING|glassfish3.1.2|org.apache.catalina.connector.Request|_ThreadID=90;_ThreadName=Thread-2;|PWC4011: Unable to set request character encoding to UTF-8 from context /web, because request parameters have already been read, or ServletRequest.getReader() has already been called|#]

[#|2012-11-15T15:58:10.781+0100|WARNING|glassfish3.1.2|org.apache.catalina.connector.Request|_ThreadID=89;_ThreadName=Thread-2;|PWC4011: Unable to set request character encoding to UTF-8 from context /web, because request parameters have already been read, or ServletRequest.getReader() has already been called|#]

[#|2012-11-15T15:58:10.796+0100|WARNING|glassfish3.1.2|javax.enterprise.system.container.web.com.sun.enterprise.web|_ThreadID=90;_ThreadName=Thread-2;|StandardWrapperValve[default]: PWC1406: Servlet.service() for servlet default threw exception
java.lang.IllegalStateException: PWC3990: getWriter() has already been called for this response
at org.apache.catalina.connector.Response.getOutputStream(Response.java:674)
at org.apache.catalina.connector.ResponseFacade.getOutputStream(ResponseFacade.java:206)
at org.apache.catalina.servlets.DefaultServlet.serveResource(DefaultServlet.java:981)
at org.apache.catalina.servlets.DefaultServlet.doGet(DefaultServlet.java:466)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)
|#]

My custom SAM can't be more simpliest :

public class CustomServerAuthModule implements ServerAuthModule {

private static Logger logger = Logger.getLogger(CustomServerAuthModule.class);
MessagePolicy requestPolicy, responsePolicy;
CallbackHandler callBackHandler;
Map<?, ?> options;

@SuppressWarnings("rawtypes")
public void initialize(MessagePolicy reqPolicy, MessagePolicy resPolicy, CallbackHandler cb, Map opts) throws AuthException {

logger.log(Level.INFO, "SIMSAM->initialize()");

requestPolicy = reqPolicy;
responsePolicy = resPolicy;
callBackHandler = cb;
options = opts;
}

public Class<?>[] getSupportedMessageTypes() {
return new Class[]{HttpServletRequest.class, HttpServletResponse.class};
}

public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {

logger.log(Level.INFO, "SIMSAM->validateRequest()");

return AuthStatus.SUCCESS;
}

public AuthStatus secureResponse(MessageInfo arg0, Subject arg1) throws AuthException {
logger.log(Level.INFO, "SIMSAM->secureResponse");
return AuthStatus.SUCCESS;
}

public void cleanSubject(MessageInfo arg0, Subject arg1) throws AuthException {
// TODO Auto-generated method stub

}

}

glassfish-web.xml contains this :

&lt;glassfish-web-app httpservlet-security-provider="SIMSAM">

&lt;context-root>web&lt;/context-root>

&lt;security-role-mapping>
<role-name>Employee&lt;/role-name>
<group-name>Employee&lt;/group-name>
&lt;/security-role-mapping>

&lt;/glassfish-web-app>

and my web.xml :

&lt;?xml version="1.0" encoding="ISO-8859-1"?>
&lt;web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">

&lt;welcome-file-list>
&lt;welcome-file>/index.xhtml&lt;/welcome-file>
&lt;/welcome-file-list>

&lt;servlet>
&lt;servlet-name>Faces Servlet&lt;/servlet-name>
&lt;servlet-class>javax.faces.webapp.FacesServlet&lt;/servlet-class>
&lt;load-on-startup> 1 &lt;/load-on-startup>
&lt;/servlet>

&lt;servlet-mapping>
&lt;servlet-name>Faces Servlet&lt;/servlet-name>
&lt;url-pattern>*.xhtml&lt;/url-pattern>
&lt;/servlet-mapping>

&lt;security-constraint>
&lt;display-name>Restricted GET To Employees&lt;/display-name>
&lt;web-resource-collection>
&lt;web-resource-name>Restricted Access - Get Only&lt;/web-resource-name>
&lt;url-pattern>*.xhtml&lt;/url-pattern>
&lt;http-method>GET&lt;/http-method>
&lt;http-method>POST&lt;/http-method>
</web-resource-collection>
&lt;auth-constraint>
&lt;role-name>Employee&lt;/role-name>
&lt;/auth-constraint>
&lt;user-data-constraint>
&lt;transport-guarantee>NONE&lt;/transport-guarantee>
&lt;/user-data-constraint>
&lt;/security-constraint>

&lt;security-role>
&lt;role-name>Employee&lt;/role-name>
&lt;/security-role>

&lt;login-config>
&lt;auth-method>FORM&lt;/auth-method>
&lt;realm-name>sim-realm2&lt;/realm-name>
&lt;/login-config>

&lt;/web-app>

Any help for my error ?

Goal is to provide custom realm with username, password AND some string to authenticate users. Good way to do this is to use SAM...no ?

Thanks

olivierJ
Offline
Joined: 2012-11-10

When I use pre-configured SAM GFConsoleAuthModule, it the same error too.

My glassfish-web.xml is containing

<glassfish-web-app httpservlet-security-provider="GFConsoleAuthModule">...

Thanks again

Anonymous

I have succed thanks to this post : Your text to link... [1] Thank you for
yor help Kumar

[1]
https://blogs.oracle.com/nasradu8/entry/loginmodule_bridge_profile_jaspi...

--

[Message sent by forum member 'olivierJ']

View Post: http://forums.java.net/node/892251

olivierJ
Offline
Joined: 2012-11-10

I have succed thanks to this post : Your text to link...

Thank you for yor help Kumar