<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<body link="#355491" alink="#4262a1" vlink="#355491" style="background: #e2e2e2; margin: 0; padding: 20px;">
<div>
<table cellpadding="0" bgcolor="#FFFFFF" border="0" cellspacing="0" style="border: 1px solid #dadada; margin-bottom: 30px; width: 100%; -moz-border-radius: 6px; -webkit-border-radius: 6px;">
<tbody>
<tr>
<td>
<table border="0" cellpadding="0" cellspacing="0" bgcolor="#FFFFFF" style="border: solid 2px #ccc; background: #dadada; width: 100%; -moz-border-radius: 6px; -webkit-border-radius: 6px;">
<tbody>
<tr>
<td bgcolor="#000000" valign="middle" height="58px" style="border-bottom: 1px solid #ccc; padding: 20px; -moz-border-radius-topleft: 3px; -moz-border-radius-topright: 3px; -webkit-border-top-right-radius: 5px; -webkit-border-top-left-radius: 5px;">
<h1 style="color: #333333; font: bold 22px Arial, Helvetica, sans-serif; margin: 0; display: block !important;">
<!-- To have a header image/logo replace the name below with your img tag -->
<!-- Email clients will render the images when the message is read so any image -->
<!-- must be made available on a public server, so that all recipients can load the image. -->
<a href="https://community.jboss.org/index.jspa" style="text-decoration: none; color: #E1E1E1">JBoss Community</a></h1>
</td>
</tr>
<tr>
<td bgcolor="#FFFFFF" style="font: normal 12px Arial, Helvetica, sans-serif; color:#333333; padding: 20px; -moz-border-radius-bottomleft: 4px; -moz-border-radius-bottomright: 4px; -webkit-border-bottom-right-radius: 5px; -webkit-border-bottom-left-radius: 5px;"><h3 style="margin: 10px 0 5px; font-size: 17px; font-weight: normal;">
Remote client access with database login module: user name and password are UUIDs
</h3>
<span style="margin-bottom: 10px;">
created by <a href="https://community.jboss.org/people/f.ulbricht">Frank Ulbricht</a> in <i>JBoss AS 7 Development</i> - <a href="https://community.jboss.org/message/719442#719442">View the full discussion</a>
</span>
<hr style="margin: 20px 0; border: none; background-color: #dadada; height: 1px;">
<div class="jive-rendered-content"><p>Hello there,</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>I have a simple application with a secured session bean. I want to invoke this bean from a remote client.</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>This is my configuration:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>standalone.xml:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;">...</span></p><p><span style="font-family: courier new,courier;">            <security-realm name="TutorialRealm"></span></p><p><span style="font-family: courier new,courier;">                <authentication></span></p><p><span style="font-family: courier new,courier;">                    <jaas name="tutorial"/></span></p><p><span style="font-family: courier new,courier;">                </authentication></span></p><p><span style="font-family: courier new,courier;">            </security-realm></span></p><p><span style="font-family: courier new,courier;">...</span></p><p><span style="font-family: courier new,courier;">        <subsystem xmlns="urn:jboss:domain:remoting:1.1"></span></p><p><span style="font-family: courier new,courier;">            <connector name="remoting-connector" socket-binding="remoting" security-realm="TutorialRealm"/></span></p><p><span style="font-family: courier new,courier;">        </subsystem></span></p><p><span style="font-family: courier new,courier;">...</span></p><p><span style="font-family: courier new,courier;">              <security-domain name="tutorial" cache-type="default"></span></p><p><span style="font-family: courier new,courier;">                    <authentication></span></p><p><span style="font-family: courier new,courier;">                        <login-module code="Remoting" flag="optional"></span></p><p><span style="font-family: courier new,courier;">                            <module-option name="password-stacking" value="useFirstPass"/></span></p><p><span style="font-family: courier new,courier;">                        </login-module></span></p><p><span style="font-family: courier new,courier;">                        <login-module code="Database" flag="required"></span></p><p><span style="font-family: courier new,courier;">                            <module-option name="dsJndiName" value="java:/TutorialDS"/></span></p><p><span style="font-family: courier new,courier;">                            <module-option name="principalsQuery" value="SELECT PASSWORD FROM SYSTEM_USER WHERE USER_NAME = ?"/></span></p><p><span style="font-family: courier new,courier;">                            <module-option name="rolesQuery" value="SELECT USER_ROLE, 'Roles' FROM SYSTEM_USER_ROLE WHERE USER_NAME = ?"/></span></p><p><span style="font-family: courier new,courier;">                            <module-option name="password-stacking" value="useFirstPass"/></span></p><p><span style="font-family: courier new,courier;">                        </login-module></span></p><p><span style="font-family: courier new,courier;">                    </authentication></span></p><p><span style="font-family: courier new,courier;">                </security-domain></span></p><p><span style="font-family: courier new,courier;">...</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>My bean looks like this (it just returns the current user, but this method was never called):</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;">@Stateless(name = "Secured")</span><br/><span style="font-family: courier new,courier;">@Remote(SecuredRemote.class)</span><br/><span style="font-family: courier new,courier;">@SecurityDomain("tutorial")</span><br/><span style="font-family: courier new,courier;">public class SecuredBean implements SecuredRemote {</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;"> @Resource</span><br/><span style="font-family: courier new,courier;"> private SessionContext sessionContext;</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;"> @Override</span><br/><span style="font-family: courier new,courier;"> @RolesAllowed("role1")</span><br/><span style="font-family: courier new,courier;"> public String getCurrentUserName() {</span><br/><span style="font-family: courier new,courier;">  Principal principal = this.sessionContext.getCallerPrincipal();</span></p><p><span style="font-family: courier new,courier;">  </span><span style="font-family: courier new,courier;">return principal.getName();</span><br/><span style="font-family: courier new,courier;"> }</span><br/><span style="font-family: courier new,courier;">}</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>In my ear I have a jboss-app.xml like this:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;"><jboss-app xmlns="<a class="jive-link-external-small" href="http://www.jboss.com/xml/ns/javaee">http://www.jboss.com/xml/ns/javaee</a>"</span></p><p><span style="font-family: courier new,courier;"> xmlns:xsi="<a class="jive-link-external-small" href="http://www.w3.org/2001/XMLSchema-instance">http://www.w3.org/2001/XMLSchema-instance</a>" version="7.0"></span></p><p><span style="font-family: courier new,courier;"><security-domain>tutorial</security-domain></span></p><p><span style="font-family: courier new,courier;"></jboss-app></span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p>My client code is this:</p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;">@SuppressWarnings("nls")</span><br/><span style="font-family: courier new,courier;">public class Client {</span></p><p><span style="font-family: courier new,courier;"> private static String applicationName = "test.ear";</span><br/><span style="font-family: courier new,courier;"> private static String remoteModuleName = "remote.jar";</span></p><p><span style="font-family: courier new,courier;"> private static String userName = "admin";</span><br/><span style="font-family: courier new,courier;"> private static String password = "test";</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;"> public static void main(final String[] args) {</span></p><p><span style="font-family: courier new,courier;">  final Client client = new Client();</span><br/><span style="font-family: courier new,courier;">  try {</span><br/><span style="font-family: courier new,courier;">   client.run();</span><br/><span style="font-family: courier new,courier;">  } catch (final Exception ex) {</span><br/><span style="font-family: courier new,courier;">   ex.printStackTrace();</span><br/><span style="font-family: courier new,courier;">  }</span><br/><span style="font-family: courier new,courier;"> }</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;"> public Client() {</span><br/><span style="font-family: courier new,courier;">  // create client configuration</span><br/><span style="font-family: courier new,courier;">  final EJBClientConfiguration clientConfiguration = new PropertiesBasedEJBClientConfiguration(</span><br/><span style="font-family: courier new,courier;">    createClientConfigurationProperties());</span></p><p><span style="font-family: courier new,courier;">  // create a context selector</span><br/><span style="font-family: courier new,courier;">  final ContextSelector<EJBClientContext> contextSelector = new ConfigBasedEJBClientContextSelector(</span><br/><span style="font-family: courier new,courier;">    clientConfiguration);</span></p><p><span style="font-family: courier new,courier;">  // set the selector for use</span><br/><span style="font-family: courier new,courier;">  EJBClientContext.setSelector(contextSelector);</span><br/><span style="font-family: courier new,courier;"> }</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;"> public void run() throws Exception {</span><span style="font-family: courier new,courier;">  </span></p><p><span style="font-family: courier new,courier;">  // lookup and use secured bean</span><br/><span style="font-family: courier new,courier;">  final SecuredRemote secured = lookupBean("Secured", SecuredRemote.class, false);</span><br/><span style="font-family: courier new,courier;">  System.out.println(secured.getCurrentUserName());</span><br/><span style="font-family: courier new,courier;"> }</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;"> private static <T> T lookupBean(final String beanName, final Class<T> viewClass, final boolean stateful)</span><br/><span style="font-family: courier new,courier;">   throws NamingException {</span><br/><span style="font-family: courier new,courier;">  final String lookupName = String.format("ejb:%1$s/%2$s/%3$s!%4$s?%5$s", applicationName, remoteModuleName,</span><br/><span style="font-family: courier new,courier;">    beanName, viewClass.getName(), stateful ? "stateful" : "stateless");</span></p><p><span style="font-family: courier new,courier;">  return (T) getInitialContext().lookup(lookupName);</span><br/><span style="font-family: courier new,courier;"> }</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;"> private static Context context;</span></p><p><span style="font-family: courier new,courier;"> private static Context getInitialContext() throws NamingException {</span><br/><span style="font-family: courier new,courier;">  if (context == null) {</span><br/><span style="font-family: courier new,courier;">   final Hashtable<Object, Object> contextProperties = new Hashtable<>();</span><br/><span style="font-family: courier new,courier;">   contextProperties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");</span><br/><span style="font-family: courier new,courier;">   contextProperties.put(Context.SECURITY_PRINCIPAL, userName);</span><br/><span style="font-family: courier new,courier;">   contextProperties.put(Context.SECURITY_CREDENTIALS, password);</span></p><p><span style="font-family: courier new,courier;">   contextProperties.put("jboss.naming.client.ejb.context", true);</span><br/><span style="font-family: courier new,courier;">   contextProperties.put(Context.PROVIDER_URL, "remote://localhost:4447");</span></p><p><span style="font-family: courier new,courier;">   //contextProperties.put(Context.INITIAL_CONTEXT_FACTORY, </span><span style="font-family: courier new,courier;">"org.jboss.naming.remote.client.InitialContextFactory");</span></p><p><span style="font-family: courier new,courier;">   context = new InitialContext(contextProperties);</span><br/><span style="font-family: courier new,courier;">  }</span><br/><span style="font-family: courier new,courier;">  return context;</span><br/><span style="font-family: courier new,courier;"> }</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: courier new,courier;"> private static Properties createClientConfigurationProperties() {</span><br/><span style="font-family: courier new,courier;">  final Properties properties = new Properties();</span><br/><span style="font-family: courier new,courier;">  properties.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "false");</span><br/><span style="font-family: courier new,courier;">  properties.put("remote.connections", "default");</span></p><p><span style="font-family: courier new,courier;">  properties.put("remote.connection.default.host", "localhost");</span><br/><span style="font-family: courier new,courier;">  properties.put("remote.connection.default.port", "4447");</span></p><p><span style="font-family: courier new,courier;">  properties.put("remote.connection.default.username", userName);</span><br/><span style="font-family: courier new,courier;">  properties.put("remote.connection.default.password", password);</span></p><p><span style="font-family: courier new,courier;">  properties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "true");</span><br/><span style="font-family: courier new,courier;">  // properties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS",</span><span style="font-family: courier new,courier;">"JBOSS-LOCAL-USER");</span><br/><span style="font-family: courier new,courier;">  properties.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");</span></p><p><span style="font-family: courier new,courier;">  return properties;</span><br/><span style="font-family: courier new,courier;"> }</span><br/><span style="font-family: courier new,courier;">}</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"><span style="font-family: arial,helvetica,sans-serif;"> </span> </p><p><span style="font-family: arial,helvetica,sans-serif;">The database query from the login module is executed but using the "jdbc.spy" is see the user name is a random UUID. So I never see the entered user name on the server side. In the end there is of course this exception on server side:</span></p><p><span style="font-family: arial,helvetica,sans-serif;">JBAS014134: EJB Invocation failed on component Secured for method public abstract java.lang.String com.qualitype.tutorial.remote.SecuredRemote.getCurrentUserName(): javax.ejb.EJBAccessException: JBAS013323: Invalid User</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"><span style="font-family: arial,helvetica,sans-serif;"> </span> </p><p><span style="font-family: arial,helvetica,sans-serif;">If I enable the "SASL_DISALLOWED_MECHANISMS" property the  is: java.lang.IllegalStateException: No EJB receiver available for handling [...] combination</span></p><p><span style="font-family: arial,helvetica,sans-serif;">If I enable the "INITIAL_CONTEXT_FACTORY" property the exception is: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: arial,helvetica,sans-serif;">As you can see, I use a lot of different properties. This is a collection copied from various samples from the forum. I think I tested nearly all combination of them but it always leads me to one of the exceptions above.</span></p><p style="min-height: 8pt; height: 8pt; padding: 0px;"> </p><p><span style="font-family: arial,helvetica,sans-serif;">In my opinion the configuration on server side should be alright. But I have a lot of doubts concerning the client configuration...</span></p></div>
<div style="background-color: #f4f4f4; padding: 10px; margin-top: 20px;">
<p style="margin: 0;">Reply to this message by <a href="https://community.jboss.org/message/719442#719442">going to Community</a></p>
<p style="margin: 0;">Start a new discussion in JBoss AS 7 Development at <a href="https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2225">Community</a></p>
</div></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div>
</body>
</html>