cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Migrate Custom Login Module into NWDI

Former Member

on ‎10-22-2008 1:40 PM

0 Kudos

Hello all,

we want to migrate a custom login module, developed using "JAAS Login Modules For WAS6_40.pdf" into our NWDI.

Therefor we created two new DCs, a plain Java for Login Module Code and a J2EE Server Component Library for deployement. How can i reference the JAR of Java for Login Module Code?

Regards Oliver

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎10-23-2008 1:13 AM
0 Kudos

Oliver,

check these links

http://help.sap.com/saphelp_nw70/helpdata/en/46/3ce3e4df201d63e10000000a11466f/frameset.htm

Thanks

Bala Duvvuri

Show replies
Show replies
Former Member
‎10-23-2008 7:49 AM
0 Kudos

Hello Bala,

thanks for reply, but i think there is a missunderstanding, sry when my question was missleading. We do not have external libraries involved. We have two DCs

1. Java DC: Containing code of of LoginModule (extend AbstractLoginModule)

2. J2EE Server Library DC: Used to deploy Java DC on WebAS (SDA)

This was developed following the guide "JAAS Login Modules For WAS6_40.pdf" using NWDS but not using NWDI.

Therefor the JAVA DC was referenced to the J2EE Server Library by using the "server/provider.xml". This is not possible anymore, when using the NWDI. So my question is more or less, how to develop and deploy a custom login module usiong the NWDI.

Regards Oliver

Former Member
‎10-23-2008 9:38 AM
0 Kudos

Define the Java DC's public parts as a Used DC in the J2EE DC.

Former Member
‎10-23-2008 11:11 AM
0 Kudos

Hello Pascal,

yes it`s working. I was just confused, cause in NWDI for "J2EE Server Component: library" there is no server/provider.xml anymore, and the Public Part of Java DC is containing the package tree(s), while in a WebService project the Public Part is type EJB-JAR. I was looking for something similar in Java DC, but did not find.

Anyway, now it is working, but we have another problem, we are using "com.sap.security.core.logon.imp.SecurityPolicy" in our LoginModule, e.g. for SecurityPolicy.USER_IS_CURRENTLY_NOT_VALID message.

But when i try to add "com.sap.security.core.sda" as Used DC, i get an "Invalid dependency" error. Do you know why?

Thanks and regards Oliver

Former Member
‎10-23-2008 12:13 PM
0 Kudos

The provider.xml is generated during the DC build.

You are not allowed to use that public part (see the Access List). Use USER_IS_CURRENTLY_NOT_VALID from DC com.sap.security.api.sda, Interface com.sap.security.api.ISecurityPolicy instead.

Former Member
‎10-24-2008 1:33 PM
0 Kudos

Hello Pascal,

the built and the deployment of the LoginModule now works with the NWDI. Unfortunatly we get a strange behaviour, when referencing the Security provider to the library deployed with NWDI. When try to login, we get the message: 

Login Failure: all modules ignored

When referencing to old manually deployed LoginModuleLibrary, login works as expected. Both libraries contain the same classes, only difference: Library name and JAR name.

Library "old": br.com~CompassLoginLibrary ->CompassLogin.jar

Library NWDI:br.comcompasslogin_module_library -> br.comcompasslogin_module~libraryjar.jar

Does the classloader have problems with the JAR name? I don`t get any error message in any log. If i change the LoginModuleClassLoader reference back to "library:br.com~CompassLoginLibrary" everything works as expected.

Regards Oliver

Former Member
‎10-24-2008 2:11 PM
0 Kudos

Hello Pascal,

another thing that i monitored is, that in ClassLoader the "old" non NWDI LoginModuleLibrary itself references

- common@1

- library:com.sap.tc.logging

- interface: security

while LoginModuleLibrary deployed with NWDI misses the references.

Regards Oliver

Former Member
‎10-27-2008 8:41 AM
0 Kudos

Hello Pascal,

i cannot find USER_IS_CURRENTLY_NOT_VALID in com.sap.security.api.ISecurityPolicy. Are you sure this is the right location?.

Regards Oliver

former_member66796
Explorer
‎10-29-2008 12:46 PM
0 Kudos

Hi Olivier,

I'm having the exact same issue as you are having. I've built a SAML Mapping Module as a project in NWDS and deployed manually with SDM. When I moved it into NWDI, I get the same behaviour as you.

First of all, I think it's to do with the missing entries in provider.xml file (which is generated automatically). But I can't see any exceptions in the logs that help me very much. All I'm thinking is to configure the J2EE Library DC so that the provider.xml contains the correct references. But how??

Regarding your problem with the core security.sda DC, I don't think the ACLs on that DC allows you to directly use it. It's by design. You can use the API, though... Maybe it contains some interface to get the required constants.

.: HP

Former Member
‎10-29-2008 1:01 PM
0 Kudos

If you define Used DCs for these libraries and services, they should get into the generated provider.xml.

former_member66796
Explorer
‎10-29-2008 3:23 PM
0 Kudos

Hi Oliver,

I managed to fix this. As Pascal mentiones, the UsedDC was the key here. You just need to specify weak runtime usage towards security_api interface and also com.sap.mw.jco library (in addition to "at build time"). The generated provider.xml file then contains the neccessary references and your login module works.

Hope it helps!

.: HP

Former Member
‎10-30-2008 8:31 AM
0 Kudos

Hello Hans, hello Pascal,

this solved it, I added the built dependency to the Java Project of LoginModule and the runtime dependency to the Library Project. With that i got it working.

Thanks for help.

Regards Oliver

Ask a Question