Re: [magnolia-dev] External authentication

[Grégory Joseph]

Hi,

On Dec 13, 2007, at 18:57 , Vaughan, Dallas wrote:
Hello,
We are trying to integrate Magnolia (3.5RC3) with a pre-existing  
web app (with a pre-existing custom security provider) on Weblogic  
9.2.  I've configured Magnolia JAAS authentication (by modifying  
the flags in the JAAS config file to "sufficient"), and configured  
Weblogic to use this file, and it seems to work, to a point.   
Navigating to Magnolia (either before or after logging in to our  
web app) always fails with this:

I'm assuming you mean you want to use a custom  
javax.security.auth.spi.LoginModule. In the JAAS config, you need to  
keep the "info.magnolia.jaas.sp.jcr.JCRAuthorizationModule required",  
in order to get the ACLs (authorization) from Magnolia/JCR. Your  
module can be on top of that and replace JCRAuthenticationModule, but  
it can't be "sufficient" since that will interrupt the chain, I think  
it needs to be "requisite".

Please let me know how this goes.

Now, the exception you get isn't the nicest thing to understand  
what's wrong, so you might want to report this in Jira or better yet,  
propose a patch that handles this a bit more nicely.

Cheers,

greg

ps: when creating a new thread on the list, please create a new  
message rather than replying to a random unrelated one. thanks.

java.util.NoSuchElementException
        at java.util.HashMap$HashIterator.nextEntry(HashMap.java:2139)
        at java.util.HashMap$KeyIterator.next(HashMap.java:2172)
	at info.magnolia.cms.util.WorkspaceAccessUtil.createAccessManager 
(WorkspaceAccessUtil.java:146)
	at info.magnolia.context.DefaultRepositoryStrategy.getAccessManager 
(DefaultRepositoryStrategy.java:69)
	at info.magnolia.context.AbstractContext.getAccessManager 
(AbstractContext.java:114)
	at info.magnolia.context.MgnlContext.getAccessManager 
(MgnlContext.java:167)
	at info.magnolia.cms.security.URISecurityFilter.isAllowed 
(URISecurityFilter.java:81)
	at info.magnolia.cms.security.BaseSecurityFilter.doFilter 
(BaseSecurityFilter.java:59)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter 
(AbstractMgnlFilter.java:70)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter 
(MgnlFilterChain.java:71)
	at info.magnolia.cms.security.LogoutFilter.doFilter 
(LogoutFilter.java:81)
	at  
info.magnolia.cms.filters.OncePerRequestAbstractMgnlFilter.doFilter 
(OncePerRequestAbstractMgnlFilter.java:62)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter 
(MgnlFilterChain.java:71)
	at info.magnolia.cms.security.auth.login.LoginFilter.doFilter 
(LoginFilter.java:83)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter 
(AbstractMgnlFilter.java:70)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter 
(MgnlFilterChain.java:71)
	at info.magnolia.cms.filters.ContentTypeFilter.doFilter 
(ContentTypeFilter.java:73)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter 
(AbstractMgnlFilter.java:70)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter 
(MgnlFilterChain.java:71)
	at info.magnolia.cms.filters.ContextFilter.doFilter 
(ContextFilter.java:72)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter 
(AbstractMgnlFilter.java:70)
	at info.magnolia.cms.filters.MgnlFilterChain.doFilter 
(MgnlFilterChain.java:71)
	at info.magnolia.cms.filters.CompositeFilter.doFilter 
(CompositeFilter.java:64)
	at info.magnolia.cms.filters.AbstractMgnlFilter.doFilter 
(AbstractMgnlFilter.java:70)
	at info.magnolia.cms.filters.MgnlMainFilter.doFilter 
(MgnlMainFilter.java:98)
	at info.magnolia.cms.filters.MgnlMainFilter.doFilter 
(MgnlMainFilter.java:195)
	at weblogic.servlet.internal.FilterChainImpl.doFilter 
(FilterChainImpl.java:42)
	at weblogic.servlet.internal.WebAppServletContext 
$ServletInvocationAction.run(WebAppServletContext.java:3212)
	at weblogic.security.acl.internal.AuthenticatedSubject.doAs 
(AuthenticatedSubject.java:321)
	at weblogic.security.service.SecurityManager.runAs 
(SecurityManager.java:121)
	at weblogic.servlet.internal.WebAppServletContext.securedExecute 
(WebAppServletContext.java:1983)
	at weblogic.servlet.internal.WebAppServletContext.execute 
(WebAppServletContext.java:1890)
	at weblogic.servlet.internal.ServletRequestImpl.run 
(ServletRequestImpl.java:1344)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)

Has anyone (reading this) had success with configuring Magnolia to  
use external security, especially on Weblogic?  Where would be the  
best place to start in order to customize Magnolia's  
authentication?  Thanks!

Dallas Vaughan



----------------------------------------------------------------
for list details see
http://documentation.magnolia.info/docs/en/editor/stayupdated.html
----------------------------------------------------------------