Skip navigation
jptech-ryan
Currently Being Moderated

Glassfish v3, BlazeDS, and authentication.

Dec 3, 2009 6:54 PM

Hi,

 

I'm looking for documentation about how to configure BlazeDS security with Glassfish v3.  I've found this:

 

http://anachronymous.com/2009/01/flex-blazeds-and-glassfish-part-1.htm l

 

...but it's for Glassfish v2.  Most of it should be the same, but some of the TomcatValve stuff has changed for Glassfish v3:

 

http://blogs.sun.com/jluehe/entry/glassfish_v3_adds_support_for

 

Should I be able to ignore the valve configuration and simply use TomcatLoginCommand since Glassfish v3 is supposed to support Tomcat style valves?  I tried adding the following to services-config.xml:

 

<security>
    <login-command class="flex.messaging.security.TomcatLoginCommand" server="all"/>

</security>

 

...but upon deployment I get the following error:

 

javax.servlet.UnavailableException: Cannot create class of type 'flex.messaging.security.TomcatLoginCommand'.

 

Can anyone point me in the right direction?

 

Ryan

 
Replies
  • Currently Being Moderated
    Mar 3, 2010 4:14 AM   in reply to jptech-ryan

    Hi,

     

    Have you found a solution at your problem?

     

    I want to make an authentification with a login, but actually I'm not able to do something...

     

     

    thanks

     
    |
    Mark as:
  • Currently Being Moderated
    Mar 3, 2010 7:21 AM   in reply to BatistutaGab

    Actually, I work with the glassfish and I deploy the blazeDS.war on it . I'm able to call the blazeDS with my flex client. The responses are correct.

     

    Now i'd like to secure my connexion with a Basic authentification. To achieve this, I modify my services-config.xml and add this lines :

    <security>
            <login-command class="flex.messaging.security.TomcatLoginCommand" server="Tomcat"/>
              <security-constraint id="managementSecurity">
                   <auth-method>Basic</auth-method>
              </security-constraint>
    </security>
    
    

    I have any role, because I only want to authentificate my client? That all!

     

    And in my remoting-config.xml, I have :

    <?xml version="1.0" encoding="UTF-8"?>
    <service id="remoting-service" 
        class="flex.messaging.services.RemotingService">
    
        <adapters>
            <adapter-definition id="java-object" class="flex.messaging.services.remoting.adapters.JavaAdapter" default="true"/>
        </adapters>
    
        <default-channels>
            <channel ref="my-amf"/>
        </default-channels>
         
         <destination id="UserManagement">
              <properties>
                   <source>Application.UserManagement</source>
                   <scope>application</scope>
              </properties>
              
              <security>
                   <security-constraint ref="managementSecurity"/>
              </security>
              
              <channels>
                   <channel ref="my-amf"/>
              </channels>
         </destination>
    
    </service>
    

     

    When I apply this and I call again blazeDS with my Flex application, a windows asks me a 'login' and 'password'. I suppose that it's a user describe by my Glassfish server but I have no idea of where I can find this. Could you tell me what's this famous LOGIN?

     

    By the way, I'm not able to create a 'custom authentification' with glassfish. If someone have some tutorials or helps, I would be glad.

     

    Thank you very much

     
    |
    Mark as:
  • Currently Being Moderated
    Mar 3, 2010 7:40 AM   in reply to jptech-ryan

    Thanks for you answoord!

     

    Actually, if I run my client flex with the BASIC authentification, a windows asks me a login and password. unfortunetly, I don't know this login. Do you tkink that's a default login of Glassfish?

     

    I'll read your post.

     
    |
    Mark as:
  • Currently Being Moderated
    Mar 3, 2010 7:56 AM   in reply to jptech-ryan
    What happens when you enter a username and password?  Do you get an error or does it just keep asking in a continuous loop?

    It asks me in a continuous loop...

    I have no error in mu server.log.

    One thing I don't see in your configuration are any role mappings.

    Where do you describe your roles? In wich file?

     

    Thank again for you help.

     

    I'm wainting ;-)

     
    |
    Mark as:
  • Currently Being Moderated
    Mar 3, 2010 8:59 AM   in reply to jptech-ryan

    I followed your instructions. Now, when I make a request with my flex client, it doesn't ask me any login/password and I can acces at me application without login/password...

     

     

    I disable the part of security configuration of blazeDS and I copy you web.xml in my domain/application/blazeds/WEB-INF/web.xml .

     

    What is wrong?

     
    |
    Mark as:
  • Currently Being Moderated
    Mar 3, 2010 11:02 AM   in reply to jptech-ryan

    No, I have only one servlet.

     

    Maybe, you could show me your service-config.xml and you remoting-service.xml?

     

    Thank again for your help

     
    |
    Mark as:
  • Currently Being Moderated
    Mar 4, 2010 1:35 AM   in reply to jptech-ryan

    Hi,

     

    I don't understand, I have exactly the same configuration as you and it doesn't work..

     

    Thank again for your help. I've created a discution at this url : http://forums.java.net/jive/thread.jspa?threadID=76002

     

    You can join us if you want or you can write here ...

     

    Batistuta
     
    |
    Mark as:
  • Currently Being Moderated
    Nov 14, 2011 6:43 PM   in reply to jptech-ryan

    Hi Ryan,

     

    If this problem still bothers you, you can refer to this article, http://www.iteye.com/topic/1117877

     

    I hacked TomcatValve.java, and everything works fine now.

     
    |
    Mark as:
  • Currently Being Moderated
    Dec 2, 2011 9:13 AM   in reply to Barryzhong

    I think I'm running into this same problem and would love to try the jar files with your fix, but when I try to download them, it wants me to login.  Are they accessible somewhere else that doesn't require a login?

     

    I also tried to download the latest nightly build for BlazeDS (4.6.0.xxx) thinking that the problem may have been fixed there, but it complains about not finding the server flexorg.wip3.adobe.com.  Is the problem fixed in those builds and if so, are the downloads accessible from somewhere else?

     

    BTW, I had everything working previously, but now that I've upgraded the glassfish server, etc. the error I get when I try to authenticate is:

     

    [#|2011-12-02T11:20:18.987-0500|INFO|glassfish3.1.1|javax.enterprise.s ystem.std.com.sun.enterprise.server.logging|_ThreadID=25;_ThreadName=T hread-3;|[BlazeDS]Deserializing AMF/HTTP request

    Version: 3

      (Message #0 targetURI=null, responseURI=/5)

        (Array #0)

          [0] = (Typed Object #0 'flex.messaging.messages.CommandMessage')

        operation = 8

            correlationId = ""

            destination = "auth"

            clientId = null

            timestamp = 0

            headers = (Object #1)

              DSEndpoint = "my-amf"

              DSId = "F2F6DEFD-4708-542F-E3BF-7AE2D9218A97"

            messageId = "7085C0ED-AFB3-C8ED-45EC-FF93899BA917"

            body = "bHNhZG1pbjpwYXNz"

            timeToLive = 0

    |#]

     

    [#|2011-12-02T11:20:18.994-0500|INFO|glassfish3.1.1|javax.enterprise.s ystem.std.com.sun.enterprise.server.logging|_ThreadID=25;_ThreadName=T hread-3;|[BlazeDS]Serializing AMF/HTTP response

    Version: 3

      (Message #0 targetURI=/5/onStatus, responseURI=)

        (Typed Object #0 'flex.messaging.messages.ErrorMessage')

          headers = (Object #1)

          rootCause = null

          body = null

          correlationId = "7085C0ED-AFB3-C8ED-45EC-FF93899BA917"

          faultDetail = null

          faultString = "There was an unhandled failure on the server. org.apache.catalina.Realm.authenticate(Ljava/lang/String;Ljava/lang/S tring;)Ljava/security/Principal;"

          clientId = "F2F7331A-7B1C-A69C-E6D9-D1792EE0ED1B"

          timeToLive = 0.0

          destination = "auth"

          timestamp = 1.322842818991E12

          extendedData = null

          faultCode = "Server.Processing"

          messageId = "F2F73324-3F0E-1787-341C-5E1CB73DBD73"

    |#]

     

     

    I'm hoping this is the same problem.  Thanks for any help!

     

    Renee

     
    |
    Mark as:

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points