JBoss Community

JAAS + EJB3.0 + Jboss unable to propaogate

reply from Gaurav Agarwal in EJB 3.0 - View the full discussion

Thanks for ur help.Finaaly i made my application complete.

The code is as folows..

 

Servlet where EJB is called and our authentication is done

 

try{
//here u need to get the logincontext called so that u get authenticated subject
LoginContext loginContext = new LoginContext("login-config file name",new PasswordCallbackHandler());
loginContext.login();
 
//calling ur EJB module
Properties properties = new Properties();
 properties.setProperty("INITIAL_CONTEXT_FACTORY","org.jnp.interfaces.NamingContextFactory");
 properties.setProperty("URL_PKG_PREFIXES","org.jboss.naming:org.jnp.interfaces");
 properties.setProperty("PROVIDER_URL","jnp://localhost:1099");
     
Context  context = new InitialContext(properties);
Object object = context.lookup("java/AttributeBI/remote");
//rest u now
loginContext.logout();
}catch(Exception exception) {
 exception.printStackTrace();}
 

 

 

Here i have my custom login module which requires (NOTE:user defined) PricipalClass,GroupClass(for roles) ,CallbackHandlers for username and passwords and last CulomLoginModule that implements LoginModule

 

PasswordCallbackHandler
public class PasswordCallbackHandler implements CallbackHandler {
    public PasswordCallbackHandler() {
    }
    public void handle(Callback[] callbacks)throws java.io.IOException, UnsupportedCallbackException {
        for (int i = 0; i < callbacks.length; i++) {
            if (callbacks[i] instanceof NameCallback) {
                System.out.print("*"+((NameCallback)callbacks[i]).getPrompt());
                ((NameCallback)callbacks[i]).setName("username");
            } else if (callbacks[i] instanceof PasswordCallback) {
                System.out.print("*"+((PasswordCallback)callbacks[i]).getPrompt());
                String pass=new String("password");
             ((PasswordCallback)callbacks[i]).setPassword(pass.toCharArray());
            }}}}    

 

PrincipalClass

 

public class UserPrincipal implements Principal,
                                      Serializable{
    private String name;
 
    /*** Description : UserPrincipal constructor*/
    public UserPrincipal(){
        name="";
    }//UserPrincipal()
  /** * Description : Parameterize constructor * @param name  */
    public UserPrincipal(String name){
        this.name=name;
    }//UserPrincipal()
 
    /** * Description : This method is to get Name * @return  */
    public String getName() {
       return this.name;
    }//getName()
 
     public String toString() {
    return("UserPrincipal:  " + this.name);
    }
 
    public boolean equals(Object o) {
        if (o == null) {
            return false;
        }
        if (this == o) {
            return true;
        }
        if (!(o instanceof UserPrincipal)) {
            return false;
        }
        UserPrincipal that = (UserPrincipal) o;
        if (this.getName().equals(that.getName())) {
            return true;
        }
        return false;
    }
 
    public int hashCode() {
        return this.name.hashCode();
    }
 
}//UserPrinciple

 

 

Pricicpal Group

public class PrincipalGroup implements Group, Serializable{
  private final String name;
  private final Set<Principal> users = new HashSet<Principal>();
 
  public PrincipalGroup(String name) {
    this.name = name;
  }
 
  public boolean addMember(Principal user) {
    return users.add(user);
  }
 
  public boolean removeMember(Principal user) {
    return users.remove(user);
  }
 
  public boolean isMember(Principal member) {
    return users.contains(member);
  }
 
  public Enumeration<? extends Principal> members() {
    return Collections.enumeration(users);
  }
 
  public String getName() {
    return name;
  }
 
  public boolean equals(Object o) {
    if (o == null) {
            return false;
        }
 
        if (this == o) {
            return true;
        }
 
        if (!(o instanceof PrincipalGroup)) {
            return false;
        }
        PrincipalGroup that = (PrincipalGroup) o;
 
        if (this.getName().equals(that.getName())) {
            return true;
        }
        return false;
    }
 
      public int hashCode() {
            return this.name.hashCode();
        }
 
}

 

 

PasswordLoginModule

 

 

public class PasswordLoginModule implements LoginModule{
    public Subject subject;
    public CallbackHandler callbackHandler;
    public UserPrincipal user_principal;
    private UserPrincipal[] roles;
    public UserCredential user_credential;
    Map sharedState;
    Map option;
    String url;
    String driver;
    private String username;
    private String password;
    boolean debug, result;
    Vector<UserCredential> vector_credentials;
    Vector<UserPrincipal> vector_principal;
 
 
    /**
     * Description : Initialization method for PasswordLoginModule
     * @param subject
     * @param callbackHandler
     * @param sharedState
     * @param options
     */
    public void initialize(Subject subject,
                           CallbackHandler callbackHandler,
                           Map sharedState,
                           Map options) {
     
        System.out.println("----------Initialization In Login Module----------");
        this.subject=subject;
        this.callbackHandler=callbackHandler;
        this.sharedState=sharedState;
        this.option=options;
        vector_principal = new Vector();
        vector_credentials = new Vector();        
         if(option.containsKey("debug")) {
            debug = "true".equals(option.get("debug"));
        }//if
  }//Initialization
 
   /**
     * Description : login method of module
     * @return
     * @throws LoginException
     */
    public boolean login() throws LoginException {
         if( debug ) {
 
         Callback[] callbacks = new Callback[2];
        callbacks[0] = new NameCallback("UserName :");
        callbacks[1] = new PasswordCallback("Password :", true);        
        try {
        callbackHandler.handle(callbacks);
           
        }catch(Exception ex) {
         ex.printStackTrace();
        }
         username = ((NameCallback) callbacks[0]).getName();
         System.out.println("user name =  "+username);
         password = new String(((PasswordCallback) callbacks[1]).getPassword());
         System.out.println("pass =  "+password);
         
         user_principal = new UserPrincipal(username);
         vector_principal.add(user_principal);
 
         roles = new UserPrincipal[] {
           new UserPrincipal("done") // for example
           };
 
         UserCredential userCredential = new UserCredential();
         userCredential.setProperty("Roles","done");
         vector_credentials.add(userCredential);
       return true;
    }//login()
 
 
  /**
     * Description : Commit method to set subject over logincontext
     *               after successful login
     * @return
     * @throws LoginException
     */
    public boolean commit() throws LoginException {
     
        if( debug ) {
         System.out.println("------------Commit Event----------");
             if ( subject.isReadOnly() ) {
                throw new LoginException("Subject is Readonly");
            }//if
             try{                
                 this.subject.getPrincipals().addAll(vector_principal);
 
 
                PrincipalGroup group = new PrincipalGroup("Roles");
 
                for (UserPrincipal role : roles) {
                group.addMember(role);
               }
               subject.getPrincipals().add(group);
               subject.getPublicCredentials().addAll(vector_credentials);
                  return true;
            }catch(Exception ex){
               ex.printStackTrace(System.out);
               throw new LoginException(ex.getMessage());
           }//catch
         }
        else {
         return false;
        }
       
    }//commit()
 
    /**
     * Description : This method get called when login is get aborted
     * @return
     * @throws LoginException
     */
    public boolean abort() throws LoginException {
         System.out.println("-----------Abort Event--------------");
       return true;
    }//abort()
 /**
     * Decription : This method is to get logout from logincontext
     * @return
     * @throws LoginException
     */
    public boolean logout() throws LoginException {
          vector_principal.clear();
          vector_credentials.clear();          
       return true;
    }//logout()   
   }// PasswordLoginModule
 

 

 

@Stateless(name=mapped.JNDI_NAME)
@RolesAllowed("done")
public class AttributeBO implements AttributeBI {
 
private SessionContext sctx;
 
    public void setMessageContext(MessageContext messageContext) {
        this.messageContext = messageContext;
    }
@Resource
private void setSctx(SessionContext sctx){     
        this.sctx = sctx;        
    }
@Resource
private void seteJBContext(EJBContext eJBContext) {
        this.eJBContext = eJBContext;
    }
private AttributeEAO attributeEAO;
 
 @EJB
 public void setAttributeEAO(AttributeEAO attributeEAO) {
  this.attributeEAO = attributeEAO;
  
 }
 
 /**
  * Description : This method is to create Attribute
  * @param attribute
  */
 public void createAttribute(Attribute attribute) {
          
        Principal user_principle=sctx.getCallerPrincipal();
        System.out.println("Ejb Side Principal "+user_principle.getName());
        System.out.println("Ejb Side isCallerInRole "+sctx.isCallerInRole("done"));
        
 }//createAttribute()

 

Now in this i want to get my credentials but there is no existing metood to receive the credentials.. Credentails may contain some propertiesas our own variable values...

 

my jboss-xml is as

<jboss>
<security-domain>java:/jaas/PassAuth</security-domain>
</jboss>

 

 

my config file ia as

 

PassAuth{
      com.mqa.iam.module.PasswordLoginModule required debug="true" 
};

 

 

Also my login config is like this :

 

<application-policy name="PassAuth">
    <authentication>
       <login-module code="ur own cutomloginmodule" flag="required">
        <module-option name="debug">true</module-option>
          </login-module>  
<!--this is used to propagate the values from web to ejb this is must -->     
       <login-module code="org.jboss.security.ClientLoginModule" flag="required">
       </login-module>    
    </authentication>
  </application-policy>

Reply to this message by going to Community

Start a new discussion in EJB 3.0 at Community