Problems with Enabling SAF Security

Issues and Questions related to running Apache Tomcat on z/OS
SThomas
Posts: 2
Joined: Wed Mar 01, 2006 9:41 am

Problems with Enabling SAF Security

Post by SThomas »

Hello, I want to enable SAF Security.
I followed the description to configure my Tomcat installation and I changed the server.xml like the new documentation.

I submit the TOMCAT JCL and now the problem in the job output:

SEVERE: Exception processing Global JNDI Resources
javax.naming.NamingException: Cannot create resource instance

....

SEVERE: Catalina.start:
LifecycleException: Cannot find message associated with key SafRealm.noDatabase

Can anybody help me?
Thanks *g*
coz
Posts: 391
Joined: Fri Jul 30, 2004 5:29 pm

Post by coz »

Here's a couple of things to check:

1.) make sure you've got the correct version of the SAF realm download: 5.5_1.2.4 if you are running Tomcat 5.5.X or 5.0_1.2.4 if you are running Tomcat 5.0.X

2.) make sure that you have copied the saf_realm.jar to CATALINA_HOME/server/lib

If the problem still exists once you've confirmed these items, post the Tomcat output you receive (STDOUT) so I can take a look at the messages.
tlongfellow
Posts: 14
Joined: Tue Oct 03, 2006 9:35 am
Location: Maryland, USA

Same problem with starting SafRealm as previously posted

Post by tlongfellow »

I hope you are still able to help someone who has the same problem as the original poster. I have checked and rechecked and things appear to be as they should. I downloaded the latest zip today (3 Oct) and the SafRealm.jar is in /usr/lpp/apache-tomcat-5.5.17/server/lib

Tomcat (and JSPWiki) were working fine prior to me attempting this SAF activation. The SafTest code in the JZOS library works fine.

I am using Tomcat 5.5.17, Java 5.0 (1.5.0).
Here is my STDOUT

1
Oct 3, 2006 8:10:42 AM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /lib:/usr/lib:/usr/lpp/java/J5.0/bin:/usr/lpp/java/J5.0/bin/classic:/usr/lpp/jzos:
Oct 3, 2006 8:10:44 AM org.apache.coyote.http11.Http11BaseProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Oct 3, 2006 8:10:44 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 9937 ms
Oct 3, 2006 8:10:45 AM org.apache.catalina.mbeans.GlobalResourcesLifecycleListener createMBeans
SEVERE: Exception processing Global JNDI Resources
javax.naming.NamingException: Cannot create resource instance
at org.apache.naming.factory.ResourceFactory.getObjectInstance(ResourceFactory.java:142)
at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:316)
at org.apache.naming.NamingContext.lookup(NamingContext.java:792)
at org.apache.naming.NamingContext.lookup(NamingContext.java:139)
at org.apache.naming.NamingContextBindingsEnumeration.nextElementInternal(NamingContextBindingsEnumeration.java:112)
at org.apache.naming.NamingContextBindingsEnumeration.next(NamingContextBindingsEnumeration.java:70)
at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBeans(GlobalResourcesLifecycleListener.java:136)
at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBeans(GlobalResourcesLifecycleListener.java:108)
at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.lifecycleEvent(GlobalResourcesLifecycleListener.java:80)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:702)
at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:615)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
Oct 3, 2006 8:10:45 AM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Oct 3, 2006 8:10:46 AM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.17
javax.naming.NamingException: Cannot create resource instance
at org.apache.naming.factory.ResourceFactory.getObjectInstance(ResourceFactory.java:142)
at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:316)
at org.apache.naming.NamingContext.lookup(NamingContext.java:792)
at org.apache.naming.NamingContext.lookup(NamingContext.java:152)
at com.dovetail.zos.tomcat.SafRealm.start(SafRealm.java:182)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1005)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
at org.apache.catalina.core.StandardService.start(StandardService.java:450)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:709)
at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:615)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
Oct 3, 2006 8:10:46 AM org.apache.catalina.startup.Catalina start
SEVERE: Catalina.start:
LifecycleException: Cannot find message associated with key SafRealm.noDatabase
at com.dovetail.zos.tomcat.SafRealm.start(SafRealm.java:190)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1005)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
at org.apache.catalina.core.StandardService.start(StandardService.java:450)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:709)
at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:615)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
Oct 3, 2006 8:10:46 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 1975 ms
coz
Posts: 391
Joined: Fri Jul 30, 2004 5:29 pm

Post by coz »

Our documentation is a little out of date. You will need to change your UserDatabase resource element in server.xml to work properly with Tomcat 5.5.X. Here's the proper configuration:

Code:

<Resource name="UserDatabase"
          auth="Container"
          type="org.apache.catalina.UserDatabase"
          description="z/OS Role database"
          factory="com.dovetail.zos.tomcat.SafRoleDatabaseFactory"
          pathname="conf/saf-roles.xml" />

I've updated the documentation on the website accordingly.

Let me know if this works for you.
tlongfellow
Posts: 14
Joined: Tue Oct 03, 2006 9:35 am
Location: Maryland, USA

The new syntax fixed it

Post by tlongfellow »

Thanks, that did it. That sure was a lot of messages to say "syntax error" :D Java can be so obscure at times.

Next up! DB2 access. (when I get time)
koberst
Posts: 4
Joined: Fri Sep 01, 2006 8:43 am

Post by koberst »

Hi,
I also have problems with SAF and Tomcat 5.5.17. Without SAF everything works fine, but when enabling SAF, the Tomcat start page doesn't even get loaded and seems to hang.

I strictly followed the instructions in the "SAF Security" document:
- tailored server.xml, yes followed the 5.5.X updates
- unpacked saf_realm_5.5_1.2.4.zip
- copied saf_realm.jar to <CATALINA_HOME>/server/lib
- copied saf-roles.xml to <CATALINA_BASE>/conf/saf-roles.xml

Any ideas?
coz
Posts: 391
Joined: Fri Jul 30, 2004 5:29 pm

Post by coz »

Unfortunately, I don't have too much to go on with this post. The first thing to do is to turn on detailed logging in Tomcat:

IJO="$IJO -Djava.util.logging.manager="
IJO="${IJO}org.apache.juli.ClassLoaderLogManager"
IJO="$IJO -Djava.util.logging.config.file="
IJO="${IJO}$CATALINA_BASE/conf/logging.properties"

Then, edit the logging.properties file and change the existing levels from INFO to FINE. Then add the following line to the file:

org.apache.catalina.level=FINEST

Run your job and post the output along with your server.xml (or send to info@dovetail.com) and we can take a look.
koberst
Posts: 4
Joined: Fri Sep 01, 2006 8:43 am

Post by koberst »

Thanks, the problem has been resolved.
Within the saf-roles.xml I had a typo, a missing double-quote for the safclass value, which results in a SAXParseException.
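
A pre-flight check for the two failures resolved in this thread (the UserDatabase resource definition in server.xml and a saf-roles.xml that is not well-formed), as an added example that is not part of the original posts or of the SAF realm's own code. The XML samples are constructed: only the Resource attributes and the attribute name safclass come from the thread, and the saf-roles.xml element names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Factory class from the server.xml snippet posted in the thread.
SAF_FACTORY = "com.dovetail.zos.tomcat.SafRoleDatabaseFactory"

def well_formed(xml_text, label):
    """Return [] if xml_text parses, else one message with the parser position."""
    try:
        ET.fromstring(xml_text)
        return []
    except ET.ParseError as exc:
        line, col = exc.position
        return [f"{label}: not well-formed XML (line {line}, column {col}): {exc}"]

def check_user_database(server_xml):
    """Compare the UserDatabase <Resource> with the settings given in the thread."""
    problems = well_formed(server_xml, "server.xml")
    if problems:
        return problems
    root = ET.fromstring(server_xml)
    res = next((r for r in root.iter("Resource")
                if r.get("name") == "UserDatabase"), None)
    if res is None:
        return ['server.xml: no <Resource name="UserDatabase"> element']
    if res.get("factory") != SAF_FACTORY:
        problems.append(f"server.xml: factory is {res.get('factory')!r}, "
                        f"expected {SAF_FACTORY!r}")
    if not res.get("pathname"):
        problems.append("server.xml: UserDatabase has no pathname attribute")
    return problems

# Constructed samples. Only the <Resource> attributes and the name "safclass"
# come from the thread; the saf-roles.xml element names are hypothetical.
GOOD_SERVER = """<Server><GlobalNamingResources>
  <Resource name="UserDatabase" auth="Container"
            type="org.apache.catalina.UserDatabase"
            description="z/OS Role database"
            factory="com.dovetail.zos.tomcat.SafRoleDatabaseFactory"
            pathname="conf/saf-roles.xml" />
</GlobalNamingResources></Server>"""
NO_FACTORY_SERVER = GOOD_SERVER.replace(f'factory="{SAF_FACTORY}"', "")
BAD_ROLES = """<roles>
  <role name="manager" safclass="EXAMPLE />
  <role name="admin" safclass="EXAMPLE" />
</roles>"""

if __name__ == "__main__":
    for text in (GOOD_SERVER, NO_FACTORY_SERVER):
        print(check_user_database(text) or "server.xml: OK")
    print(well_formed(BAD_ROLES, "saf-roles.xml"))
```

Running a check like this against both files before submitting the job reports the unclosed quote with a line and column, instead of leaving it to surface as a startup hang.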