glassfish
  1. glassfish
  2. GLASSFISH-20370

Configuration of JDBC Realm prevents Glassfish from starting up

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Cannot Reproduce
    • Affects Version/s: 4.0_b85
    • Fix Version/s: 4.1
    • Component/s: security
    • Labels:
      None
    • Environment:

      3.5.0-24-generic #37-Ubuntu SMP Thu Feb 7 01:50:30 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

      Description

      The following configuration of the JDBC Realm prevents Glassfish to start up:
      <auth-realm name="jdbc-inverter-realm" classname="com.sun.enterprise.security.ee.auth.realm.jdbc.JDBCRealm">
      <property name="jaas-context" value="jdbcRealm" />
      <property name="password-column" value="password" />
      <property name="assign-groups" value="default" />
      <property name="datasource-jndi" value="jdbc/InverterDs" />
      <property name="digestrealm-password-enc-algorithm" value="SHA" />
      <property name="group-table" value="V_USER_ROLE" />
      <property name="user-table" value="USERS" />
      <property name="group-name-column" value="GROUP_NAME" />
      <property name="group-table-user-name-column" value="username" />
      <property name="digest-algorithm" value="none" />
      <property name="user-name-column" value="username" />
      </auth-realm>
      Removal of 'digestrealm-password-enc-algorithm' or a change to 'none' does not help.

      The startup process halts after the following log lines:

      [2013-04-22T18:27:30.471+0200] [glassfish 4.0] [INFO] [NCLS-LOGGING-00009] [javax.enterprise.logging] [tid: _ThreadID=13 _ThreadName=RunLevelControllerThread-1366648050214] [timeMillis: 1366648050471] [levelValue: 800] [[
      Running GlassFish Version: GlassFish Server Open Source Edition 4.0 (build 85)]]

      [2013-04-22T18:27:30.474+0200] [glassfish 4.0] [INFO] [NCLS-LOGGING-00010] [javax.enterprise.logging] [tid: _ThreadID=13 _ThreadName=RunLevelControllerThread-1366648050214] [timeMillis: 1366648050474] [levelValue: 800] [[
      Server log file is using Formatter class: com.sun.enterprise.server.logging.ODLLogFormatter]]

      [2013-04-22T18:27:30.561+0200] [glassfish 4.0] [INFO] [realm.loaded.successfully] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=16 _ThreadName=RunLevelControllerThread-1366648050217] [timeMillis: 1366648050561] [levelValue: 800] [[
      SEC1115: Realm [admin-realm] of classtype [com.sun.enterprise.security.auth.realm.file.FileRealm] successfully created.]]

      [2013-04-22T18:27:30.575+0200] [glassfish 4.0] [INFO] [realm.loaded.successfully] [javax.enterprise.system.core.security.com.sun.enterprise.security.auth.realm] [tid: _ThreadID=16 _ThreadName=RunLevelControllerThread-1366648050217] [timeMillis: 1366648050575] [levelValue: 800] [[
      SEC1115: Realm [file] of classtype [com.sun.enterprise.security.auth.realm.file.FileRealm] successfully created.]]

      No error message was given.

        Activity

        Hide
        spei added a comment -

        Can the filler provide following information:
        1)is the test a regression test, if yes, which test was that?
        2)If it is a new test, please supply the domain.xml file, and also supply the reproduce steps?
        Thanks

        Show
        spei added a comment - Can the filler provide following information: 1)is the test a regression test, if yes, which test was that? 2)If it is a new test, please supply the domain.xml file, and also supply the reproduce steps? Thanks
        Hide
        spei added a comment -

        The related code for this feature was in GF3.1.2, and somehow it was not ported to GF4.0. So in GF4.0.1, we need to
        1) port code from 3.1.2 to 4.0.1;
        2) repackage the code from nucleus/security appserver/security/core-ee's com.sun.enterprise.security.ee.auth.realm.

        Show
        spei added a comment - The related code for this feature was in GF3.1.2, and somehow it was not ported to GF4.0. So in GF4.0.1, we need to 1) port code from 3.1.2 to 4.0.1; 2) repackage the code from nucleus/security appserver/security/core-ee's com.sun.enterprise.security.ee.auth.realm.
        Hide
        Nithya Ramakrishnan added a comment -

        The same kind of configuration works in the latest GF install.The server starts up fine after creation of the realm

        <auth-realm name="jdbc-inverter-realm" classname="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm">
        <property name="jaas-context" value="jdbcRealm"></property>
        <property name="password-column" value="password"></property>
        <property name="assign-groups" value="default"></property>
        <property name="datasource-jndi" value="jdbc/InverterDs"></property>
        <property name="group-table" value="v_user_role"></property>
        <property name="user-table" value="users"></property>
        <property name="group-name-column" value="group_name"></property>
        <property name="digestrealm-password-enc-algorithm" value="SHA256"></property>
        <property name="group-table-user-name-column" value="username"></property>
        <property name="user-name-column" value="username"></property>
        </auth-realm>

        A couple of points to be noted.
        1.The packagename of the JDBCRealm class has changed (the ee part is gone. Pls see issue GLASSFISH-20364 for details.
        2. The digestrealm-password-enc-algorithm parameter needs to be supplied only for the JDBC Digest Realms (if you use the Digest Http auth mechanism). For JDBCRealm, the paramter does not matter.
        3. Please make sure you follow the steps in http://docs.oracle.com/javaee/6/tutorial/doc/glxgo.html before creating the realm . If you still see GF server startup failure, can you pls try to change the log level to FINE for security (domain/config/logging.properties) and let us know?

        For now, it appears that the bug is not reproducible

        Show
        Nithya Ramakrishnan added a comment - The same kind of configuration works in the latest GF install.The server starts up fine after creation of the realm <auth-realm name="jdbc-inverter-realm" classname="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"> <property name="jaas-context" value="jdbcRealm"></property> <property name="password-column" value="password"></property> <property name="assign-groups" value="default"></property> <property name="datasource-jndi" value="jdbc/InverterDs"></property> <property name="group-table" value="v_user_role"></property> <property name="user-table" value="users"></property> <property name="group-name-column" value="group_name"></property> <property name="digestrealm-password-enc-algorithm" value="SHA256"></property> <property name="group-table-user-name-column" value="username"></property> <property name="user-name-column" value="username"></property> </auth-realm> A couple of points to be noted. 1.The packagename of the JDBCRealm class has changed (the ee part is gone. Pls see issue GLASSFISH-20364 for details. 2. The digestrealm-password-enc-algorithm parameter needs to be supplied only for the JDBC Digest Realms (if you use the Digest Http auth mechanism). For JDBCRealm, the paramter does not matter. 3. Please make sure you follow the steps in http://docs.oracle.com/javaee/6/tutorial/doc/glxgo.html before creating the realm . If you still see GF server startup failure, can you pls try to change the log level to FINE for security (domain/config/logging.properties) and let us know? For now, it appears that the bug is not reproducible
        Hide
        Nithya Ramakrishnan added a comment -

        Closing the issue as the with the mentioned jdbc realm parameters, the issue is not reproducible.
        As mentioned in a previous comment, request the user to check the documentation for JDBC realm creation amd the fine logs in case of further problems

        Show
        Nithya Ramakrishnan added a comment - Closing the issue as the with the mentioned jdbc realm parameters, the issue is not reproducible. As mentioned in a previous comment, request the user to check the documentation for JDBC realm creation amd the fine logs in case of further problems

          People

          • Assignee:
            Nithya Ramakrishnan
            Reporter:
            blankema
          • Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: