codehaus - grails
 » 
grails - dev

 « Return to Thread: [Error 401] problem getting container managed security working with Grails/Jetty

Re: Grails bug prevents JEE Security (and Adding support for managing JEE security)

by Steve Tekell :: Rate this Message:

Reply to Author | View in Thread

I think your are right.

I removed the 401 from the generated web.xml and it worked with a simple test and basic authentication in Tomcat.

      <error-page>
                <error-code>401</error-code>
                <location>/grails-errorhandler</location>
        </error-page>

I guess this is blocking the container from getting the 401 that it needs to handle the security.
Does Grails even need take this error?
If not the fix should be easy.  At this point, I only know it's not in the template web.xml.






Graeme Rocher-2 wrote:
I'm not sure at this point what the problem is. It sounds like is is
related to the error handling servlet. We'll take a look in the coming
weeks

Cheers

On 11/5/07, Steve Tekell <tekells@usgs.gov> wrote:
>
> So I after duplicated the error with tomcat, I realized it's a Grails bug of
> some sort blocking JEE container managed security instead of a problem with
> my configuration of Grails's Jetty.
> http://jira.codehaus.org/browse/GRAILS-1778
>
> Anyway, assuming the bug can be fixed....
>
> I am planning to add support for managing JEE security that others can use.
> I assume I won't be the only JEE developer adding Grails into the mix where
> container managed security is used.  I started a plugin to manage the
> web.xml configuration.  I could just support a file, say web-security.xml,
> that is the web.xml fragment for security or do something with Groovy code
> instead of xml.  I'm open to suggestions.
>
> However, this won't work without changes to Grails so that developers can
> enable container managed realms in Grails's Jetty.  I am currently just
> hacking RunApp.groovy.  But I'd like to come up with a strategy that can
> make it into Grails proper.  Any ideas?
>
> thanks,
>
> Steve
>
>
>
> Steve Tekell wrote:
> >
> > I am having trouble getting standard JEE security working with Grails and
> > Jetty.  How do I get this working with Grail's Jetty?
> >
> > Here's what I tried.
> >
> > I altered RunApp.groovy and added (for configureHttpServer)
> >
> > HashUserRealm myrealm = new
> > HashUserRealm("MyRealm","${grailsHome}/conf/realm.properties");
> > server.setUserRealms((UserRealm[])[myrealm]);
> >
> > that's based on what I saw here:
> > http://docs.codehaus.org/display/JETTY/How+to+Configure+Security+with+Embedded+Jetty
> >
> > then I added that same security xml into web2.4template.xml.
> > and of course I created the realm.properties files for the HashUserRealm
> >
> > It's starts up without error, but loading the app in the browser, I get:
> > Error 401 - Internal Error.
> >
> > And the shell output was just:
> > INFO:  Initializing Spring FrameworkServlet 'grails-errorhandler'
> >
> > I also tried the programmatic security without a web.xml with the same
> > result.
> >
> > any help is appreciated.
> >
> >
> >
> >
> >
>
> --
> View this message in context: http://www.nabble.com/-Error-401--problem-getting-container-managed-security-working-with-Grails-Jetty-tf4734557.html#a13589768
> Sent from the grails - dev mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list please visit:
>
>     http://xircles.codehaus.org/manage_email
>
>


--
Graeme Rocher
Grails Project Lead
G2One, Inc. Chief Technology Officer
http://www.g2one.com

---------------------------------------------------------------------
To unsubscribe from this list please visit:

    http://xircles.codehaus.org/manage_email

 « Return to Thread: [Error 401] problem getting container managed security working with Grails/Jetty

Free embeddable forum powered by Nabble Forum Help