search

caitale / javamelody

Automatically exported from code.google.com/p/javamelody
0 stars 0 forks source link

Security configured error #123

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
I install the javamelody in JIRA system, and it works well. But i want to 
configure username and password to use the monitor in jira. So i follow up the 
steps as:
http://code.google.com/p/javamelody/wiki/UserGuide#13._Weekly,_daily_or_monthly_
reports_by_mail
But every time i  input the right username and password, it can not work and 
output such errors
2011-6-29 23:52:58 org.apache.catalina.realm.JAASRealm authenticate
严重: Unexpected error
java.lang.SecurityException: 无法定位登录配置
        at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:93)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)

        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstruct
orAccessorImpl.java:39)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingC
onstructorAccessorImpl.java:27)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
        at java.lang.Class.newInstance0(Class.java:355)
        at java.lang.Class.newInstance(Class.java:308)
        at javax.security.auth.login.Configuration$3.run(Configuration.java:247)

        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.Configuration.getConfiguration(Configuratio
n.java:242)
        at javax.security.auth.login.LoginContext$1.run(LoginContext.java:237)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.init(LoginContext.java:234)
        at javax.security.auth.login.LoginContext.<init>(LoginContext.java:403)
        at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:393)
        at org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:334)
        at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(Bas
icAuthenticator.java:181)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:528)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:127)
        at com.googlecode.psiprobe.Tomcat60AgentValve.invoke(Tomcat60AgentValve.
java:30)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:102)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:109)
        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
554)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:298)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:859)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
ss(Http11Protocol.java:588)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:48
9)
        at java.lang.Thread.run(Thread.java:662)
Caused by: java.io.IOException: 无法定位登录配置
        at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:250)
        at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:91)
        ... 27 more

I do not know what happen.

Original issue reported on code.google.com by zhuze...@act.buaa.edu.cn on 29 Jun 2011 at 4:04

GoogleCodeExporter commented 9 years ago 
The URL you have given is about sending automatically the monitoring reports by 
email to some people, for example each week.
This URL is not about configuring the username and password to open the 
monitoring page.

To open the monitoring page on the JIRA server, the user must have the "system 
admin" permission and this is not configurable.
In fact, javamelody only checks that the user is authentified by JIRA and that 
this user has the "system admin" permission in JIRA.

Then, it is up to you to configure in JIRA which users have the "System admin" 
permission to open the monitoring page (and also all admin pages probably).

So, can we close this issue?

Original comment by evernat@free.fr on 6 Jul 2011 at 6:08

GoogleCodeExporter commented 9 years ago 
As the figure shows, in the stage "15 Security", it describe how to configure 
the authority.  Besides, we can access the javamelody by the url 
"localhost:8080/Monitoring" without login the JIRA system.

Original comment by zhuze...@act.buaa.edu.cn on 6 Jul 2011 at 1:09

Attachments:

GoogleCodeExporter commented 9 years ago 
Javamelody is used in home made webapp and also as plugins in Jenkins, Hudson, 
JIRA, Confluence, Bamboo and also in Grails apps.
The chapter "15 Security" of the user guide is about enabling security when you 
install javamelody in your home made webapp. It is not about enabling security 
in JIRA. Sorry for the misleading documentation.

JIRA security is supposed to work as I said above. Are you sure that you can 
access the url "localhost:8080/monitoring", and all admin pages, without login 
in the JIRA system? (I suppose that you have not changed the security part in 
web.xml of JIRA)

Original comment by evernat@free.fr on 9 Jul 2011 at 8:36

GoogleCodeExporter commented 9 years ago 
And another question just to check: do you have installed javamelody in JIRA 
with the jira-javamelody-1.x.jar file from 
https://plugins.atlassian.com/plugin/details/20909 ? (this jar file is a plugin 
for JIRA)

Original comment by evernat@free.fr on 10 Jul 2011 at 8:16

GoogleCodeExporter commented 9 years ago 
Yeap, i have fix the problem. Maybe it is just because i set the Internet 
Explorer to remember the password.

Original comment by zhuze...@act.buaa.edu.cn on 10 Jul 2011 at 8:18

GoogleCodeExporter commented 9 years ago 
ok, good.

Original comment by evernat@free.fr on 10 Jul 2011 at 8:27