I am trying to add a new custom authentication-provider with a WLST online-mode script but I get a class not found exception despite I can see my provider on the WL console.
This is the situation:
I have a JAR file, it contains a custom WebLogic authentication-provider.
The JAR is copied under the user_projects/domains/$DOMAIN_NAME/lib/ directory.
I can see the custom auth provider on the WL console, appears in the list: Home > Security Realms > myrealm > Providers > new> Type
I can add this custom provider by hand via WL Console.
But I need to automate this step so I have created a WLST script for this. The relevant part of the WLST is this:
# add a new authentication provider with name of MyCustomAuthProvider
cd('/SecurityConfiguration/' + _domainName + '/Realms/myrealm')
cmo.createAuthenticationProvider('MyCustomAuthProvider', 'aa.bb.cc.MyCustomAuthProvider')
cd('/SecurityConfiguration/' + _domainName + '/Realms/myrealm/AuthenticationProviders/MyCustomAuthProvider')
cmo.setControlFlag('OPTIONAL')
# reorder authentication providers
...
But this WLST throws the following exception:
java.lang.RuntimeException: java.lang.RuntimeException: java.lang.ClassNotFoundException: aa.bb.cc.MyCustomAuthProvider
So I did double-check to see whether the WL sees my custom auth provider:
wls:/offline> connect('weblogic', 'weblogic12', 't3://localhost:7001')
cd('/SecurityConfiguration/myDomain/Realms/myrealm')
ls()
The list I got is exactly the same as I expected: my class is on the list. This is the reason why I can add it using the web console.
This is the value of the AuthenticationProviderTypes:
java.lang.String[com.bea.security.saml2.providers.SAML2IdentityAsserter,
aa.bb.cc.MyCustomAuthProvider,
eblogic.security.providers.authentication.ActiveDirectoryAuthenticator,
weblogic.security.providers.authentication.CustomDBMSAuthenticator,
eblogic.security.providers.authentication.DefaultAuthenticator,
weblogic.security.providers.authentication.DefaultIdentityAsserter,
eblogic.security.providers.authentication.IPlanetAuthenticator,
weblogic.security.providers.authentication.LDAPAuthenticator,
weblogic.security.providers.authentication.LDAPX509IdentityAsserter,
weblogic.security.providers.authentication.NegotiateIdentityAsserter,
weblogic.security.providers.authentication.NovellAuthenticator,
weblogic.security.providers.authentication.OpenLDAPAuthenticator,
weblogic.security.providers.authentication.OracleIdentityCloudIntegrator,
weblogic.security.providers.authentication.OracleInternetDirectoryAuthenticator,
weblogic.security.providers.authentication.OracleUnifiedDirectoryAuthenticator,
weblogic.security.providers.authentication.OracleVirtualDirectoryAuthenticator,
weblogic.security.providers.authentication.ReadOnlySQLAuthenticator,
weblogic.security.providers.authentication.SQLAuthenticator,
weblogic.security.providers.authentication.VirtualUserAuthenticator,
weblogic.security.providers.saml.SAMLAuthenticator,
weblogic.security.providers.saml.SAMLIdentityAsserterV2]
Everything looks perfect. But then why WLST throws a class not found exception while trying to create it?
This is crazy.
I have googled for this, but only the same issues I have found without a solution.
here
and here
What I missed?
At some point oracle has changed from using CLASSPATH to WLST_EXT_CLASSPATH to set the classpath for WLST. Oracle doesn't seem to have done a great job of documenting that this is the right env variable to use though. I found it by digging through the various sh scripts that wlst.sh calls, but this document for 12c refers to it, but seems to be the only place that it's mentioned.
I've tested this using 14.1.1 and a custom provider in the DOMAIN/lib/mbeantypes dir and it works (i.e. I can use WLST to configure a custom security provider as long as I set WLST_EXT_CLASSPATH first) but don't have 12c to test that it works there.
I added my JAR to the WLST classpath, but this did not help.
I changed the CLASSPATH variable because the wlst.sh executes a java command in the background so this standard variable must be considered. It did not work.
I added the -cp JVM param manually to the java command that starts the WlST. It did not work.
The only workaround that worked for me is that the following:
for WL console: copy the JAR that contains the custom authentication provider under $ORACLE_HOME/user_projects/domains/$DOMAIN_NAME/lib/ directory
for WLST: copy the JAR to $ORACLE_HOME/wlserver/server/lib/mbeantypes/
The 2nd copy solved the class not found issue thrown by the WLST.
If you know a better, more standard way, please let me know.
Related
I want to write logging-messages to a defined file into the tomcat's log-folder, using eclipse, maven, tinylog.
Problem: There is no webapp.log as soon as I run the app in tomcat.
In eclipse everything works fine.
What I did:
add Maven-dependency tinylog-1.2.jar
set configuration-parameter in Run Configuration (Main-Tab) so the tinylog-properties can be found for the build-process:
name: -Dtinylog.configuration
value: C:\Program
Files\Tomcat\apache-tomcat-9.0.0.M13\webapps\folder\subfolder\tinylog.properties
in Java-Class:
import org.pmw.tinylog.Logger;
...
Logger.info(message);
tinylog.properties looks like:
tinylog.writer = file
tinylog.writer.filename = webapp.log
tinylog.writer.buffered = true
tinylog.writer.append = true
tinylog.level = info
I also tried different file-references but none of them worked:
tinylog.writer.file = C:\Program Files\Tomcat\apache-tomcat-9.0.0.M13\logs\webapp.log
tinylog.writer.file= "C:\Program Files\Tomcat\apache-tomcat-9.0.0.M13\logs\webapp.log"
Does anybody know how to write the logs into the named path-file?
Thanks for any valuable hint.
I propose to use the tinylog-jul artifact instead of the usual tinylog artifact. tinylog-jul provides the tinylog API, but uses the Tomcat logging back end. So, you don't need to configure tinylog. All log entries will be automatically output as you are used to with other logging APIs on Tomcat.
I am trying to implement a simple JAAS module with realm configuration on Tomcat 7. I am trying to implement this based on the following link:
http://www.byteslounge.com/tutorials/jaas-authentication-in-tomcat-example
I have placed jass.config in CATALINA_HOME/conf folder and have added the following code to CATALINA_HOME/bin/catalina.bat file
JAVA_OPTS=$JAVA_OPTS "-Djava.security.auth.login.config==$CATALINA_HOME/conf/jaas.config"
However, once I start Tomcat and attempt to access the protected admin.html page, I get the basic login dialog of the browser (as expected). But while trying to log in, Tomcat reports the following error:
SEVERE: Unexpected error
java.lang.SecurityException: Unable to locate a login configuration
Please help how to make Tomcat find the JAAS config file.
The fact that you're using .bat file suggests you're using Windows where variables get referred to using %VARIABLE% notation instead of $VARIABLE. Try changing the expression to:
set JAVA_OPTS=%JAVA_OPTS% -Djava.security.auth.login.config=%CATALINA_HOME%/conf/jaas.config
In the Java API example they create a Datastore by using DatastoreHelper.getOptionsfromEnv
But this creates the warning
WARNING: Not using any credentials
and leads ultimately to:
DatastoreException(null): beginTransaction 401
I set my environment variables to the following:
export DATASTORE_DATASET={Project-ID}
export DATASTORE_HOST="https://www.googleapis.com/datastore/v1/datasets/{Project-ID}"
export DATASTORE_SERVICE_ACCOUNT="{email address}"
export DATASTORE_PRIVATE_KEY_FILE="{path to local p12 keyfile}"
But still when I try to see what the credentials are:
println("Datastore helper: " +DatastoreHelper.getOptionsfromEnv
.dataset(datasetId).build().getCredential)
I get null, what could be missing?
Also is there either a way to set the Credentials inside the project (instead of using the getOptionsfromEnv)?
The problem was that even though I used
source ~/.bash_profile
to refresh my environemnt variables and the echo command showed me that they were indeed updated, apperently I needed to restart my terminal (using Mac OSX) for them to be also updated for sbt and Scala.
I am not sure why this is the case and if this is Scala specific but now I managed to authenticate and communicate with the server.
I managed to figure it out by using the local installation of the Datastore Server and continuing to have the same problems.
I am working on a grails app and need to remove Tomcat plugin in order to be able to host on Google App Engine (Also to use Jetty for another project)
As instructed on Grails app engine documentation, I need to remove Tomcat as GAE apps only runs on their server.
However, I keep on getting this error (The error message is much longer, only post the first few lines):
: Unable to delete file C:\Users\Rama\.grails\1.3.7\projects\ccubemanager\plugins\tomcat-1.3.7\lib\catalina-ant.jar
at org.apache.tools.ant.taskdefs.Delete.handle(Delete.java:624)
at org.apache.tools.ant.taskdefs.Delete.removeDir(Delete.java:683)
at org.apache.tools.ant.taskdefs.Delete.removeDir(Delete.java:679)
at org.apache.tools.ant.taskdefs.Delete.execute(Delete.java:543)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:288)
at sun.reflect.GeneratedMethodAccessor47.invoke(Unknown Source)
I am wondering if deleting the catalina-ant.jar manually would be a wise choice.
I tried to manually delete the whole /plugin directory anyway following this and it caused more mess that I cannot run any command on the app:
groovy.lang.MissingMethodException: No signature of method: java.math.BigInteger.call() is applicable for argument types: (java.lang.String) values: [target/classes]
Possible solutions: wait(), abs(), abs(), any(), wait(long), add(java.math.BigInteger)
at BuildConfig.run(BuildConfig.groovy:1)
at grails.util.BuildSettings.loadConfig(BuildSettings.groovy:653)
at grails.util.BuildSettings$loadConfig.callCurrent(Unknown Source)
at grails.util.BuildSettings.loadConfig(BuildSettings.groovy:630)
WARNING: There was an error loading the BuildConfig: No signature of method: java.math.BigInteger.call() is applicable for argument types: (java.lang.String) values: [target/classes]
Possible solutions: wait(), abs(), abs(), any(), wait(long), add(java.math.BigInteger)
I also try to start an entirely new project and uninstall tomcat, surprisingly it does not work either?
I am using Grails 1.3.7; STS 2.6.0; Windows 7
Could anyone please help, thanks alot!!
You should be able to uninstall tomcat by running the following command from the root of the project grails uninstall-plugin tomcat.
This will fail if another process has locked any of the files that the command needs to delete - this could be what is preventing catalina-ant.jar from being deleted. There are various tools available for windows that will tell you which process has a lock on a file. I've used unlocker in the past.
I'm trying to deploy a WAR in GF V3 that has CXF as a dependency and I get the following exception:
[#|2011-02-08T07:34:15.736-0800|WARNING|oracle-glassfish3.0.1|javax.enterprise.system.container.web.com.sun.enterprise.web|_ThreadID=32;_ThreadName=http-thread-pool-8080-(2);|StandardWrapperValve[MyServlet]: PWC1406: Servlet.service() for servlet MyServlet threw exception
com.sun.xml.ws.util.ServiceConfigurationError: com.sun.xml.ws.api.pipe.TransportPipeFactory: Provider com.sun.enterprise.jbi.serviceengine.bridge.transport.JBITransportPipeFactory is specified in bundle://254.0:0/META-INF/services/com.sun.xml.ws.api.pipe.TransportPipeFactory but not found
at com.sun.xml.ws.util.ServiceFinder.fail(ServiceFinder.java:241)
at com.sun.xml.ws.util.ServiceFinder.access$100(ServiceFinder.java:141)
at com.sun.xml.ws.util.ServiceFinder$LazyIterator.next(ServiceFinder.java:376)
at com.sun.xml.ws.api.pipe.TransportTubeFactory.create(TransportTubeFactory.java:129)
at com.sun.xml.ws.transport.DeferredTransportPipe.<init>(DeferredTransportPipe.java:82)
at com.sun.xml.ws.api.pipe.ClientTubeAssemblerContext.createTransportTube(ClientTubeAssemblerContext.java:311)
at com.sun.xml.ws.assembler.jaxws.TransportTubeFactory.createTube(TransportTubeFactory.java:62)
at com.sun.xml.ws.assembler.TubeCreator.createTube(TubeCreator.java:77)
at com.sun.xml.ws.assembler.TubelineAssemblerFactoryImpl$MetroTubelineAssembler.createClient(TubelineAssemblerFactoryImpl.java:121)
at com.sun.xml.ws.client.Stub.createPipeline(Stub.java:224)
at com.sun.xml.ws.client.Stub.<init>(Stub.java:201)
at com.sun.xml.ws.client.Stub.<init>(Stub.java:174)
at com.sun.xml.ws.client.sei.SEIStub.<init>(SEIStub.java:81)
at com.sun.xml.ws.client.WSServiceDelegate.createEndpointIFBaseProxy(WSServiceDelegate.java:602)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:344)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:326)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:308)
at javax.xml.ws.Service.getPort(Service.java:99)
at com.mycompany.myapp.webserviceclient.SomeWebserviceService.getSomeWebservicePort(SomeWebserviceService.java:58)
This sorta indicates to me that there is a bundle in my WAR\lib directory that is causing problems, but when I expand the WAR and do a search on META-INF\services I do not find anything that is close what is outlined in the exception.
I originally had CXF and it's transitive dependencies in the war\lib dir, but I've since removed that and still encounter the same error.
Nothing useful comes up when searching google and I'm at a loss here.
Does anyone know what might be going on here?
EDIT #1
Another symptom of this is that the tester pages for deployed web services will not work properly.
I had a similar problem with my glassfish3.1. Below is a stack trace
Caused by: com.sun.xml.ws.util.ServiceConfigurationError: com.sun.xml.ws.api.pipe.TransportPipeFactory: Provider com.sun.enterprise.jbi.serviceengine.bridge.transport.JBITransportPipeFactory is specified in bundle://96.0:0/META-INF/services/com.sun.xml.ws.api.pipe.TransportPipeFactory but not found
at com.sun.xml.ws.util.ServiceFinder.fail(ServiceFinder.java:245)
at com.sun.xml.ws.util.ServiceFinder.access$100(ServiceFinder.java:145)
at com.sun.xml.ws.util.ServiceFinder$LazyIterator.next(ServiceFinder.java:380)
at com.sun.xml.ws.api.pipe.TransportTubeFactory.create(TransportTubeFactory.java:133)
at com.sun.xml.ws.transport.DeferredTransportPipe.<init>(DeferredTransportPipe.java:86)
at com.sun.xml.ws.api.pipe.ClientTubeAssemblerContext.createTransportTube(ClientTubeAssemblerContext.java:315)
at com.sun.xml.ws.assembler.jaxws.TransportTubeFactory.createTube(TransportTubeFactory.java:67)
at com.sun.xml.ws.assembler.TubeCreator.createTube(TubeCreator.java:84)
at com.sun.xml.ws.assembler.TubelineAssemblerFactoryImpl$MetroTubelineAssembler.createClient(TubelineAssemblerFactoryImpl.java:130)
at com.sun.xml.ws.client.Stub.createPipeline(Stub.java:228)
at com.sun.xml.ws.client.Stub.<init>(Stub.java:205)
at com.sun.xml.ws.client.Stub.<init>(Stub.java:178)
at com.sun.xml.ws.client.sei.SEIStub.<init>(SEIStub.java:85)
at com.sun.xml.ws.client.WSServiceDelegate.createEndpointIFBaseProxy(WSServiceDelegate.java:608)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:348)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:330)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:312)
at javax.xml.ws.Service.getPort(Service.java:134)
at org.glassfish.webservices.monitoring.WebServiceTesterServlet.initializePort(WebServiceTesterServlet.java:563)
at org.glassfish.webservices.monitoring.WebServiceTesterServlet.doGet(WebServiceTesterServlet.java:169)
at org.glassfish.webservices.monitoring.WebServiceTesterServlet.invoke(WebServiceTesterServlet.java:104)
at org.glassfish.webservices.EjbWebServiceServlet.service(EjbWebServiceServlet.java:114)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
at com.sun.grizzly.http.servlet.ServletAdapter$FilterChainImpl.doFilter(ServletAdapter.java:1002)
... 20 more
The problem was traced to the conflicting mappings for "com.sun.xml.ws.api.pipe.TransportPipeFactory" inside two different modules.
prompt> grep -rl com.sun.xml.ws.api.pipe.TransportPipeFactory /usr/local/glassfish-3.1/glassfish/domains/modules*
modules/webservices-osgi.jar
modules/sun-javaee-engine.jar
prompt> grep -rl com.sun.enterprise.jbi.serviceengine.bridge.transport.JBITransportPipeFactory /usr/local/glassfish-3.1/glassfish/domains/modules/*
modules/sun-javaee-engine.jar
Clearly, the required file was sitting in the wrong jar "sun-javaee-engine.jar".
Above, "sun-javaee-engine.jar" is loaded by the "Java EE Service Engine Module". Once I removed the module (using glassfish update tool) everything started working fine.
EDIT #1:
Here is how to remove the module using the update tool on the Unix command line:
sudo ./pkg uninstall sun-javaee-engine