[Security & JAAS/JBoss] - Re: EJB Client and Digest Auth using same SecurityDomain
by joff
I've solved the problem myself, here it is in case someone else has a similar issue:
1) You can have multiple 'login-module' elements per 'authentication' element in login-config.xml, which you can set to 'optional', so that if one fails, the other one will be tried, and the entire authentication won't fail.
2) In order for my EJB client (running inside the container) to authenticate itself with the container (using the Properties as above) then you also need the ClientLoginModule to be present in the config for the security domain
New, improved login-config.xml follows:
<application-policy name="MyDomain">
| <authentication>
|
| <!-- Module for doing DIGEST authentication from the web tier -->
| <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "optional">
| <module-option name = "dsJndiName">java:/myDS</module-option>
| <module-option name = "principalsQuery">SELECT password_hash FROM auth WHERE user_id=?</module-option>
| <module-option name = "rolesQuery">SELECT role AS Role,"Roles" AS RoleGroup FROM role WHERE user_id=?</module-option>
| <module-option name = "hashAlgorithm">MD5</module-option>
| <module-option name = "hashEncoding">rfc2617</module-option>
| <module-option name = "hashUserPassword">false</module-option>
| <module-option name = "hashStorePassword">true</module-option>
| <module-option name = "passwordIsA1Hash">true</module-option>
| <module-option name = "storeDigestCallback">org.jboss.security.auth.spi.RFC2617Digest</module-option>
| </login-module>
|
| <!-- Module for doing authentication from within the application, already have the hashed password -->
| <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "optional">
| <module-option name = "dsJndiName">java:/myDS</module-option>
| <module-option name = "principalsQuery">SELECT password_hash FROM auth WHERE user_id=?</module-option>
| <module-option name = "rolesQuery">SELECT role AS Role,"Roles" AS RoleGroup FROM role WHERE user_id=?</module-option>
| </login-module>
|
| <!-- Client Login module so that the security context can be set for invoking EJBs -->
| <login-module code = "org.jboss.security.ClientLoginModule" flag = "required">
| <module-option name="restore-login-identity">true</module-option>
| </login-module>
|
| </authentication>
| </application-policy>
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4052975#4052975
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4052975
18Â years, 10Â months
[Persistence, JBoss/CMP, Hibernate, Database] - Re: [b] Changes for session time out are not taking place...
by mahtab.singh
Hi,
I am also getting somewhat simillar error:
the error stack is below:
java.lang.RuntimeException: Could not resolve beanClass method from proxy call
at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:199)
at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:106)
at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:828)
at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:681)
at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:358)
at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:412)
at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:239)
at org.jboss.remoting.RemoteClientInvoker.invoke(RemoteClientInvoker.java:190)
at org.jboss.remoting.Client.invoke(Client.java:525)
at org.jboss.remoting.Client.invoke(Client.java:488)
at org.jboss.aspects.remoting.InvokeRemoteInterceptor.invoke(InvokeRemoteInterceptor.java:55)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.aspects.tx.ClientTxPropagationInterceptor.invoke(ClientTxPropagationInterceptor.java:61)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.aspects.security.SecurityClientInterceptor.invoke(SecurityClientInterceptor.java:55)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:65)
at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
at org.jboss.ejb3.stateless.StatelessRemoteProxy.invoke(StatelessRemoteProxy.java:102)
at $Proxy0.updateCabin(Unknown Source)
at com.titan.clients.Client_1.main(Client_1.java:51)
below is my client code:
public class Client_1
{
public static void main(String [] args)
{
try
{
Properties p = new Properties( );
p.put(Context.INITIAL_CONTEXT_FACTORY,
"org.jnp.interfaces.NamingContextFactory");
p.put(Context.URL_PKG_PREFIXES,
" org.jboss.naming:org.jnp.interfaces");
p.put(Context.PROVIDER_URL, "jnp://localhost:1099");
Context jndiContext = new InitialContext(p);
Object ref = jndiContext.lookup("TravelAgentBean/remote");
TravelAgentRemote dao = (TravelAgentRemote)ref;
Cabin noCabin = dao.findCabin(1);
System.out.println("no cabin should be null: " + noCabin);
Cabin cabin_1 = new Cabin();
cabin_1.setId(4);
cabin_1.setName("Master Suite");
cabin_1.setDeckLevel(3);
cabin_1.setShipId(3);
cabin_1.setBedCount(3);
dao.createCabin(cabin_1);
Cabin cabin_2 = dao.findCabin(4);
System.out.println(cabin_2.getName());
System.out.println(cabin_2.getDeckLevel());
System.out.println(cabin_2.getShipId());
System.out.println(cabin_2.getBedCount());
System.out.println("Updating detached cabin instance with new bed count of 4");
cabin_2.setBedCount(4); // this is where it fails
dao.updateCabin(cabin_2);
System.out.println("Finding cabin to see it has been updated with a merge() on server");
Cabin cabin_3 = dao.findCabin(4);
System.out.println("new bed count is: " + cabin_3.getBedCount());
}
catch (Exception ne)
{
ne.printStackTrace();
}
}
}
My Business Interface:
@Remote
public interface TravelAgentRemote
{
public void createCabin(Cabin cabin) throws java.rmi.RemoteException;
public Cabin findCabin(int pKey) throws java.rmi.RemoteException;
public void updateCabin(Cabin cabin) throws java.rmi.RemoteException;
public void flushModeExample() throws java.rmi.RemoteException;
}
Bean Implementation:
package com.titan.travelagent;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.PersistenceContext;
import javax.persistence.PersistenceUnit;
import javax.persistence.FlushModeType;
import com.titan.domain.Cabin;
@Stateless
public class TravelAgentBean implements TravelAgentRemote
{
@PersistenceUnit(unitName="Test") private EntityManagerFactory factory;
@PersistenceContext(unitName="Test") private EntityManager manager;
public void createCabin(Cabin cabin)
{
manager.persist(cabin);
}
public Cabin findCabin(int pKey)
{
return manager.find(Cabin.class, pKey);
}
public void updateCabin(Cabin cabin)
{
manager.merge(cabin);
}
public void flushModeExample()
{
EntityManager createdManager = factory.createEntityManager();
try
{
Cabin newCabin2 = new Cabin();
newCabin2.setId(2);
newCabin2.setName("Another Cabin");
newCabin2.setBedCount(1);
createdManager.persist(newCabin2);
Cabin cabin2 = manager.find(Cabin.class, 2);
if (cabin2 != null)
{
throw new RuntimeException("newCabin2 should not be flushed yet");
}
Cabin cabin1 = (Cabin)createdManager.createQuery("FROM Cabin c WHERE c.id = 1").getSingleResult();
cabin2 = manager.find(Cabin.class, 2);
if (cabin2 == null)
{
throw new RuntimeException("newCabin2 should be flushed now");
}
createdManager.setFlushMode(FlushModeType.COMMIT);
newCabin2.setBedCount(99);
cabin1 = (Cabin)createdManager.createQuery("FROM Cabin c WHERE c.id = 1").getSingleResult();
manager.refresh(cabin2);
if (cabin2.getBedCount() == 99)
{
throw new RuntimeException("should not be 99 yet with COMMIT and a query");
}
createdManager.flush();
manager.refresh(cabin2);
if (cabin2.getBedCount() != 99)
{
throw new RuntimeException("should be 99 yet with a flush");
}
}
finally
{
createdManager.close();
}
}
}
Entity Code
package com.titan.domain;
import javax.persistence.Entity;
import javax.persistence.Table;
import javax.persistence.Column;
import javax.persistence.Id;
@Entity
@Table(name="CABIN")
public class Cabin implements java.io.Serializable
{
private int id;
private String name;
private int deckLevel;
private int shipId;
private int bedCount;
@Id
@Column(name="CABIN_ID")
public int getId()
{
return id;
}
public void setId(int pk)
{
id = pk;
}
@Column(name="CABIN_NAME")
public String getName()
{
return name;
}
public void setName(String str)
{
name = str;
}
@Column(name="CABIN_DECK_LEVEL")
public int getDeckLevel()
{
return deckLevel;
}
public void setDeckLevel(int level)
{
deckLevel = level;
}
@Column(name="CABIN_SHIP_ID")
public int getShipId()
{
return shipId;
}
public void setShipId(int sid)
{
shipId = sid;
}
@Column(name="CABIN_BED_COUNT")
public int getBedCount()
{
return bedCount;
}
public void setBedCount(int bed)
{
bedCount = bed;
}
}
If somebody can help me out..would be a great help...
Thanks
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4052974#4052974
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4052974
18Â years, 10Â months