LMG wrote (per Mail):
[...] Are you sure you want to use the topic map to store user information, 
though?
You can use any authentication module you want to. Ontopia doesn't require you 
to use
this particular one. 

---

Which is the prefered way to do authentication with Ontopia? It would be nice 
if some
way of authentication worked out of the box.

There is no preference. Usually, customers have their own requirements (like 
Windows 
Domains or whatever), and so we've gone with that. The Topic Maps realm have 
been 
used for some customers who don't have anything pre-existing.

I agree that this realm *should* work out of the box. So this is a bug that 
needs to 
be fixed. However, we can't do it right now, because we're working on getting 
the 
project set up. In cases like that I always try to propose a workaround for the 
user 
in the meantime. In your case, the workaround is to use some other 
authentication 
method. :)

But we *will* fix this.

The TM-realm used to be the default out of the box, provided in the 
oks-realm.jar
located in the apache-tomcat/server/lib directory. A quick fix that helped me 
out was
copying the jar from an older OKS version. 

From what I can see the ontopia-realm.jar is part of the new Ontopia 5.0.0b2 
release: ontopia-5.0.0b2/apache-tomcat/server/lib/ontopia-realm.jar

Does this problem persist in Ontopia 5.0.0?

Just tried it myself, and, yes, the problem persists.

The same error message appears in the logs: 
javax.security.auth.login.LoginException: unable to find LoginModule 
class: net.ontopia.topicmaps.nav2.realm.TMLoginModule
        at javax.security.auth.login.LoginContext.invoke
(LoginContext.java:808)

server/lib does contain the ontopia-realm.jar, and that does contain the 
net.ontopia.topicmaps.nav2.realm.TMLoginModule class.

Not sure how to approach this, but it clearly is a bug, and the old fix clearly 
no 
longer works.

A user reports the following showing up in the logs on startup:

ERROR 2009-08-13 07:09:48,462 realm.JAASRealm - Class
net.ontopia.topicmaps.nav2.realm.UserPrincipal not found! Class not
added.
ERROR 2009-08-13 07:09:48,463 realm.JAASRealm - Class
net.ontopia.topicmaps.nav2.realm.RolePrincipal not found! Class not
added.

This might be the real cause of the problem. Need to investigate further.

Investigated these classes, but they are in the .jar and everything seems fine.

Tried googling possible causes, but came up empty-handed.

It may be that we have to post to one of the Tomcat mailing lists to see if we 
can 
get some help.

I ran into the same problem. An extra clue might be that I included a handmade 
jar into the server/lib directory 
that used to work in earlier versions (tried upto 3.4.4), but fails in 5.0.0. 
It could be that JAASRealm no longer 
searches the server/lib directory when looking for classes. Seems like a Tomcat 
issue indeed. 

I confirm the message in comment 7 from a clean version 5.0.0 install. The 
message is generated while reading 
the conf/server.xml file.

We've tracked this issue down to a difference in 
server/lib/catalina-optional.jar which contains 
org.apache.catalina.realm.JAASRealm. Google showed me that changes in that 
class seem to impact 
useContextClassLoader. Reverting to an earlier catalina-optional.jar solved 
this issue for us for now. We'll keep 
searching for a more elegant solution.

Great to finally see some progress on this issue. Even if this isn't the ideal 
fix, 
at least it gives some indication of what's wrong.

I'm transferring the issue to you, since you're the only one working actively 
on it 
right now.

Great if you can solve this. If you can do so quickly enough we can get the fix 
into 
5.0.1. Otherwise it'll wait for 5.0.2.

It is indeed the useContextClassLoader setting that causes this issue. 
Documentation is at the bottom of 
{ontopia}/webapps/tomcat-docs/config/realm.html. The 
default value 'true' turned out to cause a bug in Catalina, reported in 
https://issues.apache.org/bugzilla/show_bug.cgi?id=44084. Its fix in Tomcat 
5.5.26 caused 
our issue from OKS 4.0.3 onwards.

Resolution is to add the attribute useContextClassLoader="false" in every 
"Realm" element with className="org.apache.catalina.realm.JAASRealm" in 
conf/server.xml. I've added the attribute in 
ontopia/ontopia/src/dist/tomcat/server.xml for the accessctl webapp in revision 
459.

Verified that the fix worked. Excellent work! :)