JBoss Community

SecurityAssociation values are null when called from authenticating EJB

created by Siddu Bulla in JBoss Portal - View the full discussion

I have a web applciation and an EJB component.

I am using GenericHeaderAuthenticator and SSOLoginModule for the authentication. In GenericHeaderAuthenticator, I am getting the roles from siteminder and setting in org.jboss.security.SecurityAssociation class.

 

SecurityAssociation.setContextInfo("sm_role", roles);

 

For the authentication in EJB, the securityDomain is pointing to SSOLoginModule,

When I am trying to access the SecurityAssociation context info in SSOLoginModule , its giving me null values, so the EJB authentication failed!!

 

String role = (String)SecurityAssociation.getContextInfo("sm_role"); roles are coming as null.

 

This problem is in Unix environment, the same code I tried in Windows environment it's working fine.

 

Can anyone help me to resolve this issue?

 

The configuration are as below:-

 

####################EJB Code:######################################

 

@org.jboss.ejb3.annotation.SecurityDomain("SSOGenericHeaderAuth")

@Stateless

public class FooBean implements FooRemote { 

@RolesAllowed("essga_cmdbost_custodian")  

@Resource private SessionContext sctx; 

 

#######war-deployers-jboss-beans.xml(c:\jboss-5.1.0.GA\server\default\deployers\jbossweb.deployer\META-INF) ########

      <property name="authenticators">
         <map class="java.util.Properties" keyClass="java.lang.String" valueClass="java.lang.String">
    <entry>
               <key>HEADER</key>
               <value>org.jboss.example.web.tomcat.security.GenericHeaderAuthenticator</value>
          </entry>

           ...........

            ...........

######web.xml###########

  <login-config>

      <auth-method>HEADER</auth-method>

  </login-config>

 

#######login-config.xml(c:\jboss-5.1.0.GA\server\default\conf):##########

 

<application-policy name="SSOGenericHeaderAuth">

   <authentication>

   <login-module code="org.jboss.example.web.tomcat.security.SSOLoginModule" flag="sufficient"/>

   <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"

   flag="required">

   <module-option name="usersProperties">props/jmx-console-users.properties</module-option>

   <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>

   </login-module>

  </authentication>

</application-policy>

Reply to this message by going to Community

Start a new discussion in JBoss Portal at Community