Details
-
Type: extRequest
-
Status: Closed
-
Priority: Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:None
-
HD-Chapter:Security
-
HD-Enabler:AuthZForce
Description
Hi,
A user has a problem with the installation of the AuthZForce GE. When
trying to enable it with the command:
asadmin enable authzforce-4.1
He receives the following error:
remote failure: Exception while loading the app
java.lang.IllegalStateException: ContainerBase.addChild: start:
org.apache.catalina.LifecycleException:
org.springframework.beans.factory.BeanCreationException: Error creating
bean with name 'jndi_configDir': Invocation of init method failed; nested
exception is javax.naming.NamingException: Lookup failed for
'com.thalesgroup.authzforce.config.dir' in
SerialContext[myEnv=
javax.naming.NameNotFoundException: com.thalesgroup.authzforce.config.dir
not found]
Command enable failed.
He tells he has followed the
https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Authorization_PDP_-_AuthZForce_-_Installation_and_Administration_Guide_%28R4.1%29
and
https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/AuthZForce_-_Access_Control_-_Installation_and_Administration_Guide
guides.
He also provided a step by step guide of the steps he followed to install
AuthZForce, but it is in spanish. I cc below just in case it can help.
Una vez instalados los serviciso básicos para el funcionamiento del entorno
web, procedemos a instalar las dependencias relacionadas con el GE
"Authorization PDP - AuthZForce".
Para ello nos basamos en la documentación asociada al GE y alojada en
https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Authorization_PDP_-_AuthZForce_-_Installation_and_Administration_Guide_%28R4.1%29
Comenzamos con la instalación del repositio que contiene el software que
necesitamos:
$ add-apt-repository ppa:webupd8team/java
$ apt-get install software-properties-common
Actualizamos los repositorios e instalamos la versión de Java que
necesmitamos
$ apt-get update
$ apt-get install oracle-java7-installer
Una vez instalados los paquetes, continuamos con la instalación de
Glassfish:
$ wget
http://download.java.net/glassfish/3.1.2.2/release/glassfish-3.1.2.2-unix.sh
Ahora necesitamos generar una plantilla para la instalación en un entorno
sin DISPLAY. Para eso generamos un fichero con nombre
glassfish-install-template.txt y que contiene:
Domain.Configuration.ADMIN_PASSWORD=changeit
Domain.Configuration.ADMIN_PASSWORD_REENTER=changeit
Domain.Configuration.ADMIN_PORT=4848
Domain.Configuration.ADMIN_USER=admin
Domain.Configuration.DOMAIN_NAME=domain1
Domain.Configuration.HTTP_PORT=8080
InstallHome.directory.INSTALL_HOME=/opt/glassfish3
UpdateTool.Configuration.ALLOW_UPDATE_CHECK=false
UpdateTool.Configuration.BOOTSTRAP_UPDATETOOL=false
UpdateTool.Configuration.PROXY_HOST=
UpdateTool.Configuration.PROXY_PORT=
Una vez creado, ya podemos realizar la instalación automatizada.
$ sh glassfish-3.1.2.2-unix.sh -s -a glassfish-install-template.txt
El parámetro -s nos permitirá evitar errores como la falta de un DISPLAY.
Es importante recordar que nuestro hostname debe estar correctamente
configurado en /etc/hosts o el servicio de glassfish devolverá un error de
puerto ya ocupado.
Ahora creamos un script que ejecute asadmin sin necesidad de usar el path
completo
$ vi /usr/local/bin/asadmin
$ chmod 755 /usr/local/bin/asadmin
Una vez finalizada, probamos a iniciar el servicio mediante:
$ asadmin start-domain
Vemos que todo está correcto si la respuesta del servicio es algo como:
Waiting for screen.ly to start ......
Successfully started the domain : screen.ly
domain Location: /opt/glassfish3/glassfish/domains/screen.ly
Log File: /opt/glassfish3/glassfish/domains/screen.ly/logs/server.log
Admin Port: 4848
Command start-domain executed successfully.
Ahora procedemos a instalar el GE de "Authorization PDP - AuthZForce", para
eso necesitamos instalar previamente un descompresor de paquetes:
$ apt-get install unzip
Ahora procedemos con la descarga e instalación, en este caso de la versión
4.1:
$ wget
http://catalogue.fiware.org/sites/default/files/storage/enablers/authzforce-fiware-bin-dist-4.1.zip
$ unzip authzforce-fiware-bin-dist-4.1.zip
$ export GLASSFISH_DOMAIN_DIR=/opt/glassfish3/glassfish/domains/screen.ly
$ cp -a authzforce-fiware-bin-dist-4.1/conf
$GLASSFISH_DOMAIN_DIR/config/authzforce
$ asadmin deploy --name authzforce-4.1 --contextroot authzforce
--enabled=false
authzforce-fiware-bin-dist-4.1/authzforce-fiware-webapp-4.1.war
Application deployed with name authzforce-4.1.
Command deploy executed successfully.
$ asadmin set-web-env-entry --name="com.thalesgroup.authzforce.config.dir"
--type=java.lang.String
--value="file://$GLASSFISH_DOMAIN_DIR/config/authzforce"
--ignoredescriptoritem=true authzforce-4.1
Command set-web-env-entry executed successfully.
$ asadmin set-web-context-param --name="logbackConfigLocation"
--value="file://$GLASSFISH_DOMAIN_DIR/config/authzforce/logback.xml"
--ignoredescriptoritem=true authzforce-4.1
Command set-web-context-param executed successfully.
$ asadmin enable authzforce-4.1
remote failure: Exception while loading the app
java.lang.IllegalStateException: ContainerBase.addChild: start:
org.apache.catalina.LifecycleException:
org.springframework.beans.factory.BeanCreationException: Error creating
bean with name 'jndi_configDir': Invocation of init method failed; nested
exception is javax.naming.NamingException: Lookup failed for
'com.thalesgroup.authzforce.config.dir' in
SerialContext[myEnv={java.naming.factory.initial=com.sun.enterprise.naming.impl.SerialInitContextFactory,java.naming.factory.state=com.sun.corba.ee.impl.presentation.rmi.JNDIStateFactoryImpl,java.naming.factory.url.pkgs=com.sun.enterprise.naming}
[Root exception is
javax.naming.NameNotFoundException: com.thalesgroup.authzforce.config.dir
not found]
Command enable failed.
com.thalesgroup.authzforce.config.dir is prevoulsy defined with:
$ asadmin set-web-env-entry --name="com.thalesgroup.authzforce.config.dir"
--type=java.lang.String
--value="file://$GLASSFISH_DOMAIN_DIR/config/authzforce"
--ignoredescriptoritem=true authzforce-4.1
_______________________________________________
Fiware-creatifi-coaching mailing list
Fiware-creatifi-coaching@lists.fi-ware.org
https://lists.fi-ware.org/listinfo/fiware-creatifi-coaching
[Created via e-mail received from: Xavier Carol Rossell <xavier.carol@i2cat.net>]
Issue Links
- clones
-
HELC-556 FIWARE.Request.Coach.CreatiFI.General Support #167: Problems with Authorization PDP - AuthZForce GE
- Closed
Leandro, please, whether priority is reflecting your reaction need.