[JBoss Messaging] - Re: Weird transaction error
by TheOverlord
I have the JmsXARealm configuration set as specified in the JBM installation guide:
| <application-policy name = "JmsXARealm">
| <authentication>
| <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
| flag = "required">
| <module-option name = "principal">guest</module-option>
| <module-option name = "userName">guest</module-option>
| <module-option name = "password">guest</module-option>
| <module-option name = "managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
The reported exception message does not always happen. If there were credential issues here or in the jmsdb-ds.xml file, it would fail every time I would think. I doubt it would even startup properly in that case.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4169672#4169672
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4169672
17 years, 11 months
[Security & JAAS/JBoss] - Re: How to authenticate to the JBoss server without FORM aut
by Marcos_APS
"ragavgomatam" wrote : There is, I believe another way, without using FORM authentication, you can use Programmatic login (using WebAuthentication) . You will have to refer to the documentation for more details..Check out this url
| http://wiki.jboss.org/wiki/WebAuthentication
Hello, ragavgomatam!
I've been testing WebAuthentication, as suggested by you, and I'm getting some good, and also strange, results. Below are some test that I made (with comments):
Test 1 (with a valid user and password):
| WebAuthentication authentication = new WebAuthentication();
| authentication.login("90000005", "1vgd4m");
| System.out.println(context.getUserPrincipal()); // 90000005
| System.out.println(context.isUserInRole("USUARIO")); // true
| System.out.println(context.isUserInRole("ADMINISTRADOR")); // true
|
| // Session bean method call ok
| System.out.println(FabricaDados.getInstancia().getLocalizadorCampi().localizarCampi().get(0).getNome()); // 'CRAJUBAR'
|
| authentication.logout();
| System.out.println(context.getUserPrincipal()); // null
| System.out.println(context.isUserInRole("USUARIO")); // false
| System.out.println(context.isUserInRole("ADMINISTRADOR")); // false
|
Test 2 (without a valid user and password):
| WebAuthentication authentication = new WebAuthentication();
| authentication.login("90000005abc", "1vgd4mabc");
| System.out.println(context.getUserPrincipal()); // null
| System.out.println(context.isUserInRole("USUARIO")); // false
| System.out.println(context.isUserInRole("ADMINISTRADOR")); // false
|
| // Session bean method call ok (but why?)
| System.out.println(FabricaDados.getInstancia().getLocalizadorCampi().localizarCampi().get(0).getNome()); // 'CRAJUBAR'
|
| authentication.logout();
| System.out.println(context.getUserPrincipal()); // null
| System.out.println(context.isUserInRole("USUARIO")); // false
| System.out.println(context.isUserInRole("ADMINISTRADOR")); // false
|
Test 3 (without authentication):
| // Session bean method call ok (but why? this is very strange)
| System.out.println(FabricaDados.getInstancia().getLocalizadorCampi().localizarCampi().get(0).getNome()); // 'CRAJUBAR'
|
Could you explain why the session bean's method calls are working even with a invalid user and even without authentication?
Thank you.
Marcos
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4169664#4169664
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4169664
17 years, 11 months