[jboss-user] [Security & JAAS/JBoss] - Help me about JAAS on JBoss !!!

changemylife do-not-reply at jboss.com
Sat Jan 27 03:27:38 EST 2007


Hi all!
     I am a JBoss beginner. I have a problem that I understand: I have a Bean called HelloBean that has two methods, "printA" and "printB". My ejb-jar.xml has the following contents:
     ......
     <assembly-descriptor>
         <security-role>
             <role-name>RoleA</role-name>
         </security-role>

         <security-role>
             <role-name>RoleB</role-name>
         </security-role>

         <method-permission>
             <role-name>RoleA</role-name>
             <method>
                 <ejb-name>HelloBean</ejb-name>
                 <method-name>printA</method-name>
             </method>
         </method-permission>

         <method-permission>
             <role-name>RoleB</role-name>
             <method>
                 <ejb-name>HelloBean</ejb-name>
                 <method-name>printB</method-name>
             </method>
         </method-permission>
     </assembly-descriptor>
     ......
     On the client side, I wrote a fragment of code that implements javax.security.auth.spi.LoginModule:
     ......
     LoginContext lc = new LoginContext("helloDomain", new ClientCallbackHandler());
     lc.login();
     // Run the action as the authenticated subject
     Subject sub = lc.getSubject();
     Subject.doAs(sub, new SampleAction());
     .......
     Inside my class SampleAction, I write:
     public class SampleAction implements PrivilegedAction{
       .....
       Properties props = new Properties();
       props.put(Context.PROVIDER_URL,"violon:1099");
       props.put(Context.INITIAL_CONTEXT_FACTORY,"org.jnp.interfaces.NamingContextFactory");
       InitialContext context = new InitialContext(props);
       Hello obj = (Hello)context.lookup("HelloBean/remote");
       obj.printA();
       .....
     My config file and policy file:
------------client.config----
     helloDomain {
         auth.ref.MyLoginModule required debug=false;
     };
------------client.policy----
     grant codebase "file:./-" {
         permission javax.security.auth.AuthPermission "modifyPrincipals";
         permission javax.security.auth.AuthPermission "createLoginContext.helloDomain";
         permission javax.security.auth.AuthPermission "doAs";
         permission javax.security.auth.AuthPermission "doAsPrivileged";
         permission java.util.PropertyPermission "*", "read";
     };
     When I run it, I enter the username and password and receive the following message:
---------
     javax.naming.CommunicationException: Could not obtain connection to any of these urls: violon:1099 and discovery failed with error: java.security.AccessControlException: access denied (java.net.SocketPermission 230.0.0.4 connect,accept,resolve) [Root exception is javax.naming.CommunicationException: Failed to connect to server violon:1099 [Root exception is java.security.AccessControlException: access denied (java.net.SocketPermission violon resolve)]]
	at org.jnp.interfaces.NamingContext.checkRef(NamingContext.java:1414)
	at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:594)
	at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:587)
	at javax.naming.InitialContext.lookup(Unknown Source)
	at auth.ref.SampleAction.run(SampleAction.java:41)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAs(Unknown Source)
	at main.AuthClient.main(AuthClient.java:70)
Caused by: javax.naming.CommunicationException: Failed to connect to server violon:1099 [Root exception is java.security.AccessControlException: access denied (java.net.SocketPermission violon resolve)]
	at org.jnp.interfaces.NamingContext.getServer(NamingContext.java:269)
	at org.jnp.interfaces.NamingContext.checkRef(NamingContext.java:1385)
	... 7 more
Caused by: java.security.AccessControlException: access denied (java.net.SocketPermission violon resolve)
	at java.security.AccessControlContext.checkPermission(Unknown Source)
	at java.security.AccessController.checkPermission(Unknown Source)
	at java.lang.SecurityManager.checkPermission(Unknown Source)
	at java.lang.SecurityManager.checkConnect(Unknown Source)
	at java.net.InetAddress.getAllByName0(Unknown Source)
	at java.net.InetAddress.getAllByName0(Unknown Source)
	at java.net.InetAddress.getAllByName(Unknown Source)
	at java.net.InetAddress.getByName(Unknown Source)
	at org.jnp.interfaces.TimedSocketFactory.createSocket(TimedSocketFactory.java:76)
	at org.jnp.interfaces.NamingContext.getServer(NamingContext.java:239)
	... 8 more
     PLEASE HELP ME TO SOLVE MY PROBLEM !!

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4007143#4007143
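
Added example (not part of the original post and not JBoss code): a Python triage script that pulls the distinct permissions the SecurityManager denied out of a trace like the one above, checks which permission classes have no grant at all in client.policy, and renders them in policy-file syntax for review. TRACE is a constructed, abridged copy of the posted trace, and all function names are illustrative.

```python
import re

# Constructed, abridged sample: the "access denied" lines from the trace in the post.
TRACE = """\
javax.naming.CommunicationException: ... discovery failed with error: java.security.AccessControlException: access denied (java.net.SocketPermission 230.0.0.4 connect,accept,resolve)
Caused by: javax.naming.CommunicationException: Failed to connect to server violon:1099 [Root exception is java.security.AccessControlException: access denied (java.net.SocketPermission violon resolve)]
Caused by: java.security.AccessControlException: access denied (java.net.SocketPermission violon resolve)
"""

# The permission lines of client.policy as posted.
POLICY = """\
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.AuthPermission "createLoginContext.helloDomain";
permission javax.security.auth.AuthPermission "doAs";
permission javax.security.auth.AuthPermission "doAsPrivileged";
permission java.util.PropertyPermission "*", "read";
"""

DENIED = re.compile(r"access denied \(([^()]*)\)")
GRANT = re.compile(r"^\s*permission\s+([\w.$]+)", re.MULTILINE)

def denied_permissions(trace):
    """Distinct (class, target, actions) triples, in first-seen order."""
    found = []
    for body in DENIED.findall(trace):
        # Newer JDKs quote each field; the trace in the post does not.
        parts = re.findall(r'"([^"]*)"', body) if '"' in body else body.split()
        if len(parts) < 2:
            continue
        perm = (parts[0], parts[1], parts[2] if len(parts) > 2 else "")
        if perm not in found:
            found.append(perm)
    return found

def ungranted_classes(perms, policy):
    """Permission classes that were denied and have no grant at all in the policy."""
    granted = set(GRANT.findall(policy))
    return sorted({cls for cls, _, _ in perms} - granted)

def as_policy_entries(perms):
    """Render each denied permission in policy-file syntax for review."""
    return [f'permission {c} "{t}"' + (f', "{a}"' if a else "") + ";"
            for c, t, a in perms]

if __name__ == "__main__":
    perms = denied_permissions(TRACE)
    print("classes with no grant:", ungranted_classes(perms, POLICY))
    print("\n".join(as_policy_entries(perms)))
```

A trace shows only the check that failed on each path (here the host name lookup), so the output is a lower bound: the connection to violon:1099 itself is checked separately and needs the "connect" action.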
