[Security & JAAS/JBoss] - Principal from Servlet to EJB not propagating?
by forumer
I need to get a user from a Servlet Request parameter and propagate it to EJB layer. But it is not happening!
Thanks in advance for your help.
This is the excerpt from login-config.xml. Note that I am using ClientLoginModule:
| <application-policy name = "myPolicy">
| <authentication>
| <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
| flag = "required" />
|
| <login-module code = "org.jboss.security.ClientLoginModule" flag = "required">
| <module-option name="password-stacking">useFirstPass</module-option>
| </login-module>
| </authentication>
|
| </application-policy>
|
This is how use a loginContext. users.properties and roles.properties files in application archive are being read correctly.
|
| CallbackHandler handler = new MyHandler("paramFromRequest");
| LoginContext lc = null;
| try
| {
| lc = new LoginContext("myPolicy", handler);
| lc.login();
| Subject subject = lc.getSubject();
| Set<Principal> principals = subject.getPrincipals();
| for(Principal p: principals)
| {
| log.info("name="+p.getName());
| log.debug("name="+p.getName());
| // JBoss Specific
| if (p instanceof SimpleGroup)
| {
| SimpleGroup sg = (SimpleGroup) p;
| if ("Roles".equals(sg.getName()))
| {
| log.debug("role-name=" + sg.toString());
| }
| }
| }
|
| } catch (LoginException e)
| {
| log.info("authentication failed... But this is just a test; Ignore it");
| e.printStackTrace();
| }
|
Here is the handler:
|
| class MyHandler implements CallbackHandler
| {
| String name = null;
| public MyHandler(String name){this.name=name;}
| public void handle(Callback[] callbacks) throws IOException,
| UnsupportedCallbackException
| {
| for (int i = 0; i < callbacks.length; i++)
| {
| if (callbacks instanceof NameCallback)
| {
| NameCallback nc = (NameCallback) callbacks;
| nc.setName(name);
| } else if (callbacks instanceof PasswordCallback)
| {
| PasswordCallback pc = (PasswordCallback) callbacks;
| pc.setPassword(new char[0]);
| } else
| {
| throw new UnsupportedCallbackException(callbacks,
| "Unrecognized Callback");
| }
| }
| }
| }
|
Here is the EJB Method call that I am expecting to fail but succeeds! Calls on "ctx" are commented out because I get "No valid security context for the caller identity" otherwise.
| @RolesAllowed("xxx")
| public List<String> getAllUserGroups()
| {
| // Principal callerPrincipal = ctx.getCallerPrincipal();
| // if(null == callerPrincipal) log.debug("callerPrincipal is null!");
| // else log.debug(callerPrincipal.getName());
| return getAllGroupsAsStrings();
| }
|
|
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3980865#3980865
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3980865
19 years, 6 months
[Management, JMX/JBoss] - Re: Problem with notification filter?
by java123
Thank you for the prompt replies. Unfortunalty removing the mbean from the subscription does not stop the messages from coming in. Is this something by defeault all MBeans register to?
this is what I removed:
<mbean name="JMImplementation:type=MBeanServerDelegate">
| <filter factory="NotificationFilterSupportFactory">
| <enable type="JMX.mbean.registered"/>
| <enable type="JMX.mbean.unregistered"/>
| </filter>
| </mbean>
this is the config:
| <mbean code="com.bfm.app.monitoring.ViewserverJMXNotificationHandler"
| name="jboss.monitor:service=ViewserverMonitoring" >
| <attribute name="SubscriptionList">
| <subscription-list>
| <mbean name="jboss.monitor:service=MemoryMonitor">
| <notification type="jboss.alarm.memory"/>
| </mbean>
| <mbean name="jboss.monitor:service=JDBCMonitor">
| <notification type="jboss.notification.jdbc"/>
| </mbean>
| <mbean name="jboss.system:service=Logging,type=ViewserverNotificationAppender">
| <notification type="jboss.notification.logging"/>
| </mbean>
| </subscription-list>
| </attribute>
| </mbean>
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3980862#3980862
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3980862
19 years, 6 months