【发布时间】:2011-06-04 17:38:29
【问题描述】:
我一直忙于为 Red5 创建一个应用程序。想象一下,当我尝试配置基本/摘要式身份验证但我做不到时,我会感到惊讶。 令我感到奇怪的是,我有一个正在运行的 tomcat 实例,它可以使用以下 xml 正确工作和验证:
web.xml(部分)
<security-constraint>
<web-resource-collection>
<web-resource-name>A Protected Page</web-resource-name>
<url-pattern>/stats.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>tomcat</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>DIGEST</auth-method>
<realm-name>BLAAAAAAAAAAAAAAAAA</realm-name>
</login-config>
<security-role>
<description/>
<role-name>tomcat</role-name>
</security-role>
和 /conf 中的 tomcat-users.xml 看起来有点像这样:
<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users>
<role rolename="tomcat"/>
<user username="ide" password="bogus" roles="tomcat"/>
</tomcat-users>
令人讨厌的是配置在tomcat的servlet容器上正确验证,但在red5修改后的容器上,它只是不断要求验证。我是疯了还是应该像魅力一样发挥作用?
- Red5 是版本 0_9_1
- stats.jsp 可以在这两种情况下访问 servlet 容器,唯一的 不同的是,当你输入 正确的密码和用户名 tomcat,您已登录,并在 red5 你不是,它只是保持 询问您的密码。
有什么建议吗?我错过了什么吗?
这是我在尝试登录时收到的错误的堆栈跟踪:
Caused by: java.io.IOException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:250) [na:1.6.0_22]
at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:91) [na:1.6.0_22]
... 27 common frames omitted
[ERROR] [http-127.0.0.1-5080-1] org.apache.catalina.realm.JAASRealm - Cannot find message associated with key jaasRealm.unexpectedError
java.lang.SecurityException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:93) [na:1.6.0_22]
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) [na:1.6.0_22]
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) [na:1.6.0_22]
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) [na:1.6.0_22]
at java.lang.reflect.Constructor.newInstance(Constructor.java:513) [na:1.6.0_22]
at java.lang.Class.newInstance0(Class.java:355) [na:1.6.0_22]
at java.lang.Class.newInstance(Class.java:308) [na:1.6.0_22]
at javax.security.auth.login.Configuration$3.run(Configuration.java:247) [na:1.6.0_22]
at java.security.AccessController.doPrivileged(Native Method) [na:1.6.0_22]
at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:242) [na:1.6.0_22]
at javax.security.auth.login.LoginContext$1.run(LoginContext.java:237) [na:1.6.0_22]
at java.security.AccessController.doPrivileged(Native Method) [na:1.6.0_22]
at javax.security.auth.login.LoginContext.init(LoginContext.java:234) [na:1.6.0_22]
at javax.security.auth.login.LoginContext.<init>(LoginContext.java:403) [na:1.6.0_22]
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:394) [catalina-6.0.24.jar:na]
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:357) [catalina-6.0.24.jar:na]
at org.apache.catalina.authenticator.DigestAuthenticator.findPrincipal(DigestAuthenticator.java:283) [catalina-6.0.24.jar:na]
at org.apache.catalina.authenticator.DigestAuthenticator.authenticate(DigestAuthenticator.java:176) [catalina-6.0.24.jar:na]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:523) [catalina-6.0.24.jar:na]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) [catalina-6.0.24.jar:na]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [catalina-6.0.24.jar:na]
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:555) [catalina-6.0.24.jar:na]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [catalina-6.0.24.jar:na]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) [catalina-6.0.24.jar:na]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:852) [tomcat-coyote-6.0.24.jar:na]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) [tomcat-coyote-6.0.24.jar:na]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) [tomcat-coyote-6.0.24.jar:na]
at java.lang.Thread.run(Thread.java:662) [na:1.6.0_22]
Caused by: java.io.IOException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:250) [na:1.6.0_22]
at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:91) [na:1.6.0_22]
... 27 common frames omitted
另外,这里是red5-web.properties的配置
webapp.contextPath=/project
更多信息:
在我看来,它使用了正确的领域:MemoryRealm
[INFO] [main] org.red5.server.tomcat.TomcatLoader - Setting connector: org.apache.catalina.connector.Connector
[INFO] [main] org.red5.server.tomcat.TomcatLoader - Address to bind: /127.0.0.1:5080
[INFO] [main] org.red5.server.tomcat.TomcatLoader - Setting realm: org.apache.catalina.realm.MemoryRealm
[INFO] [main] org.red5.server.tomcat.TomcatLoader - Loading tomcat context
[INFO] [main] org.red5.server.tomcat.TomcatLoader - Server root: C:/Program Files/Red5
[INFO] [main] org.red5.server.tomcat.TomcatLoader - Config root: C:/Program Files/Red5/conf
[INFO] [main] org.red5.server.tomcat.TomcatLoader - Application root: C:/Program Files/Red5/webapps
[INFO] [main] org.red5.server.tomcat.TomcatLoader - Starting Tomcat servlet engine
[INFO] [main] org.apache.catalina.startup.Embedded - Starting tomcat server
[INFO] [main] org.apache.catalina.core.StandardEngine - Starting Servlet Engine: Apache Tomcat/6.0.26
但是,在启动 Tomcat 之后,我立即收到以下错误:
Exception in thread "Launcher:/administration" org.springframework.beans.factory.BeanDefinitionStoreException: Could not resolve bean definition resource pattern [/WEB-INF/red5-*.xml]; nested exception is java.io.FileNotFoundException: ServletContext resource [/WEB-INF/] cannot be resolved to URL because it does not exist
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:190)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:149)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:124)
at org.springframework.web.context.support.XmlWebApplicationContext.loadBeanDefinitions(XmlWebApplicationContext.java:93)
at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:130)
at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:458)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:388)
at org.red5.server.tomcat.TomcatLoader$1.run(TomcatLoader.java:594)
Caused by: java.io.FileNotFoundException: ServletContext resource [/WEB-INF/] cannot be resolved to URL because it does not exist
at org.springframework.web.context.support.ServletContextResource.getURL(ServletContextResource.java:132)
at org.springframework.core.io.support.PathMatchingResourcePatternResolver.isJarResource(PathMatchingResourcePatternResolver.java:414)
at org.springframework.core.io.support.PathMatchingResourcePatternResolver.findPathMatchingResources(PathMatchingResourcePatternResolver.java:343)
at org.springframework.core.io.support.PathMatchingResourcePatternResolver.getResources(PathMatchingResourcePatternResolver.java:282)
at org.springframework.context.support.AbstractApplicationContext.getResources(AbstractApplicationContext.java:1156)
at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:177)
... 7 more
这个错误有点奇怪,因为在此之后,程序的其余部分似乎通过以下输出找到了 /WEB-INF/:
[INFO] [Launcher:/SOSample] org.springframework.beans.factory.config.PropertyPlaceholderConfigurer - Loading properties file from ServletContext resource [/WEB-INF/red5-web.properties]
[INFO] [Launcher:/installer] org.springframework.beans.factory.config.PropertyPlaceholderConfigurer - Loading properties file from ServletContext resource [/WEB-INF/red5-web.properties]
[INFO] [Launcher:/] org.springframework.beans.factory.config.PropertyPlaceholderConfigurer - Loading properties file from ServletContext resource [/WEB-INF/red5-web.properties]
[INFO] [Launcher:/LiveMedia] org.springframework.beans.factory.config.PropertyPlaceholderConfigurer - Loading properties file from ServletContext resource [/WEB-INF/red5-web.properties]
真正让我烦恼的是,正如您在输出中看到的那样,当我尝试登录时,我得到了一个与 JAASRealm 相关的异常,但是在 Tomcat 加载时的调试输出中,我很清楚它期望一个记忆领域。我想知道我应该在 red5.xml 的何处以及如何指定 bean 属性,以便我强制 red5 使用 /conf/tomcat-users.xml 下的 MemoryRealm,因为它现在肯定不会这样做。
这似乎是我迄今为止发布的最大问题,但我试图尽可能全面地解释它以避免混淆。
【问题讨论】:
-
不是您问题的真正答案...但可能会帮助您到达那里。似乎它正在寻找 WEB-INF 或其他意外的文件。由于您使用的是 Windows... 应该在 WEB-INF 上尝试和过滤 Process Monitor。应该能够查看您的配置文件是否正在被访问/读取,还应该能够捕获任何失败的读取尝试,将您指向可能错误地尝试读取的位置。当然,如果它试图从 jar 中读取文件也无济于事。 -祝你好运
-
好吧,我做到了,它似乎在 red5 引导程序之后被解析。但是,当我有客户端登录时,文件不会再次被解析。你知道tomcat的内部结构吗?它应该在每次客户端尝试进行身份验证时解析文件,还是应该在部署应用程序时解析一次文件?
-
嗨,我不是 tomcat 专家 - 但我希望最初在启动(或首次登录)时读取文件,而不是在每次登录尝试时(只有在文件已更改)。您是否在堆栈跟踪中引用的 WEB-INF 目录的进程监视器中看到任何失败的读取尝试?
-
Procmon dosnt 发现任何失败的读取尝试,但是,在上面的堆栈跟踪中,您可以清楚地看到它未能在安全配置中找到某些内容。
标签: java tomcat red5 web.xml digest-authentication