Hi,
I have been busy creating an app for Red5. Imagine what was my surprise when I tried to configure basic/digest authentication and I couldn't. What struck me as strange is that I have a running tomcat instance that works and authenticates correctly with the following xmls:
web.xml (part of)
<security-constraint>
<web-resource-collection>
<web-resource-name>A Protected Page</web-resource-name>
<url-pattern>/stats.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>tomcat</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>DIGEST</auth-method>
<realm-name>BLAAAAAAAAAAAAAAAAA</realm-name>
</login-config>
<security-role>
<description/>
<role-name>tomcat</role-name>
</security-role>
and a tomcat-users.xml in /conf that looks kinda like this:
<?xml version="1.0" encoding="UTF-8"?>
<tomcat-users>
<role rolename="tomcat"/>
<user username="ide" password="bogus" roles="tomcat"/>
</tomcat-users>
The annoying thing is that configuration authenticates correctly when on tomcat's servlet container, but on the red5's modified one, it just keeps asking for authentication. Am I becoming mad or it should work like a charm?
- Red5 is version 0_9_1
- The stats.jsp is accessible in both servlet containers, the only difference is that when you input the correct password and username in tomcat, you are logged in, and in red5 you are not, it just keeps asking you for the password.
Any pointers? Am I missing something?
Here is a stack trace of the error I receive AT the moment I try the login:
Caused by: java.io.IOException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:250) [na:1.6.0_22]
at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:91) [na:1.6.0_22]
... 27 common frames omitted
[ERROR] [http-127.0.0.1-5080-1] org.apache.catalina.realm.JAASRealm - Cannot find message associated with key jaasRealm.unexpectedError
java.lang.SecurityException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:93) [na:1.6.0_22]
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) [na:1.6.0_22]
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) [na:1.6.0_22]
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) [na:1.6.0_22]
at java.lang.reflect.Constructor.newInstance(Constructor.java:513) [na:1.6.0_22]
at java.lang.Class.newInstance0(Class.java:355) [na:1.6.0_22]
at java.lang.Class.newInstance(Class.java:308) [na:1.6.0_22]
at javax.security.auth.login.Configuration$3.run(Configuration.java:247) [na:1.6.0_22]
at java.security.AccessController.doPrivileged(Native Method) [na:1.6.0_22]
at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:242) [na:1.6.0_22]
at javax.security.auth.login.LoginContext$1.run(LoginContext.java:237) [na:1.6.0_22]
at java.security.AccessController.doPrivileged(Native Method) [na:1.6.0_22]
at javax.security.auth.login.LoginContext.init(LoginContext.java:234) [na:1.6.0_22]
at javax.security.auth.login.LoginContext.<init>(LoginContext.java:403) [na:1.6.0_22]
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:394) [catalina-6.0.24.jar:na]
at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:357) [catalina-6.0.24.jar:na]
at org.apache.catalina.authenticator.DigestAuthenticator.findPrincipal(DigestAuthenticator.java:283) [catalina-6.0.24.jar:na]
at org.apache.catalina.authenticator.DigestAuthenticator.authenticate(DigestAuthenticator.java:176) [catalina-6.0.24.jar:na]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:523) [catalina-6.0.24.jar:na]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) [catalina-6.0.24.jar:na]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [catalina-6.0.24.jar:na]
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:555) [catalina-6.0.24.jar:na]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [catalina-6.0.24.jar:na]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298) [catalina-6.0.24.jar:na]
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:852) [tomcat-coyote-6.0.24.jar:na]
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588) [tomcat-coyote-6.0.24.jar:na]
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) [tomcat-coyote-6.0.24.jar:na]
at java.lang.Thread.run(Thread.java:662) [na:1.6.0_22]
Caused by: java.io.IOException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:250) [na:1.6.0_22]
at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:91) [na:1.6.0_22]
... 27 common frames omitted
In addition, here is the configuration of red5-web.properties
webapp.contextPath=/project
