Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Security >> Other Security APIs, Tools, and Issues

Urgent! Problem setting users/credentials in jazn-data.xml in oc4j 10.1.3

My application is an EAR deployed in OAS 9.0.4 successfully. Now I am trying to deploy it in oc4j standalone 10.1.3. I use Enterprise Manager to do deploy it. My EAR contains a War and also an application.xml like this:

<module>

<web>

<web-uri>myModule.war</web-uri>

<context-root>/myModule</context-root>

</web>

</module>

<security-role>

<description>user with all rights</description>

<role-name>Admin-Role</role-name>

</security-role>

and an orion-application.xml like this:

<web-module id="myModule" path="myModule.war"/>

<security-role-mapping name="Admin-Role">

<group name="Admin-Role"/>

</security-role-mapping>

When deployed the WEB-INF in the application has an orion-web.xml like this:

<security-role-mapping name="Admin-Role">

<group name="Admin-Role" />

</security-role-mapping>

and web.xml contains:

<security-constraint>

<web-resource-collection>

<web-resource-name>...the name...</web-resource-name>

<url-pattern>...the pattern....</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>Admin-Role</role-name>

</auth-constraint>

<user-data-constraint>

<transport-guarantee>NONE</transport-guarantee>

</user-data-constraint>

</security-constraint>

While deploying this EAR with the em, the selected security provider is file based. I do not provide an XML name as my EAR does not contain jazn-data.xml. It says one will be created by the em but this does not happen. In Map Security Roles page, no existing users are found although all the roles are shown correctly and mapped to the correct groups.

I tried adding a jazn-data.xml to the applications\myAPP\META-INF directory as follows:

<jazn-data>

<jazn-realm>

<realm>

<name>jazn.com</name>

<users>

<user>

<name>admin-user</name>

<credentials>admin-pwd</credentials>

</user>

</users>

<roles>

<role>

<name>Admin-Role</name>

<display-name>Admin-Role</display-name>

<description>user with all rights</description>

<members>

<member>

<type>users</type>

<name>admin-user</name>

</member>

</members>

</role>

</roles>

</realm>

</jazn-realm>

</jazn-data>

Nothing happens. I added the following lines to orion-application.xml:

<jazn provider="XML" location="./jazn-data.xml" />

Now jazn-data.xml is generated in application-deployment/myApp (and nowhere else) but with no data. If I directly add a user in this, I get an error saying 'Credential malformatted'. Please help.

Also, web.xml(of my application) also contains:

<login-config>

<auth-method>BASIC</auth-method>

<realm-name>myRealm</realm-name>

</login-config>

<security-role>

<role-name>Admin-Role</role-name>

</security-role>

[3486 byte] By [s-raghavana] at [2007-10-3 7:27:59]
«« java mail
»» how to use CallableStatement in java
# 1

Hi,

You probably already have found the solution, but just in case other have this problem. It has to do that the credentials are not encrypted. That is why you get this error. To fix it make sure to put an excamation mark in front of the credentials. At deployment time the encryption will then be performed.

<user>

<name>user1</name>

<description>first user</description>

<credentials>!user1</credentials>

</user>

If you look at the ORACLE_HOME/j2ee\home\application-deployments\popreg\{your_app} folder you will find the jazn-data.xml file with the credentials encrypted

Kind regards,

Sam

sammartensa at 2007-7-15 2:27:05 > top of Java-index,Security,Other Security APIs, Tools, and Issues...
Security
Other Security APIs, Tools, and Issues

Security New Topic

Security Hot Topic

Security

All Classified