[jboss-user] [Beginner's Corner] - Re: Secure access to an EJB3.0

Wolfgang Knauf [http://community.jboss.org/people/WolfgangKnauf] created the discussion "Re: Secure access to an EJB3.0" To view the discussion, visit: http://community.jboss.org/message/589023#589023 -------------------------------------------------------------- Hi Pablo, in AS 4.2, you might use something like this: public class SecurityClientCallbackHandler implements CallbackHandler {   public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException   {     //loop over parameter Callbacks     for (int intIndexCallback = 0; intIndexCallback < callbacks.length; intIndexCallback++)     {       //NameCallback: set Login        if (callbacks[intIndexCallback] instanceof NameCallback)       {         NameCallback nameCallback = (NameCallback) callbacks[intIndexCallback];         nameCallback.setName( "ADMIN" );       }       //PasswordCallback: set password.       else if (callbacks[intIndexCallback] instanceof PasswordCallback)       {         PasswordCallback passwordCallback = (PasswordCallback) callbacks[intIndexCallback];         passwordCallback.setPassword ("ADMIN".toCharArray() );       }       else       {         throw new UnsupportedCallbackException (callbacks[intIndexCallback], "Unsupported Callback!");       }     }   } } And in your client, perform this code to login in:       Properties props = new Properties();       props.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");       props.setProperty(Context.URL_PKG_PREFIXES, "org.jboss.naming.client");       props.setProperty(Context.PROVIDER_URL, "jnp://localhost:1099");       props.setProperty("j2ee.clientName", "SecurityClient");       InitialContext initialContext = new InitialContext(props);       //Initialize Login:       SecurityClientCallbackHandler callbackHandler = new SecurityClientCallbackHandler();       LoginContext loginContext = new LoginContext ("somename", callbackHandler);       loginContext.login(); Note the the "j2ee.clientName" must be declared in a file "jboss-client.xml": <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE jboss-client PUBLIC "-//JBoss//DTD Application Client 4.2//EN" " http://www.jboss.org/j2ee/dtd/jboss-client_4_2.dtd http://www.jboss.org/j2ee/dtd/jboss-client_4_2.dtd" > <jboss-client>       <jndi-name>SecurityClient</jndi-name>       ... </jboss-client> And the "login context" name (here: "somename") must be declared in a file "auth.conf" in META-INF of your client JAR: somename {    // jBoss LoginModule    org.jboss.security.ClientLoginModule  required    ; }; And finally, start your client with a parameter pointing to "auth.conf": -Djava.security.auth.login.config=.../META-INF/auth.conf Hope this helps Wolfgang -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/589023#589023] Start a new discussion in Beginner's Corner at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&...]