Community

JAAS + EJB3.0 + Jboss unable to propaogate

created by Gaurav Agarwal in EJB 3.0 Development - View the full discussion

Hi,

 

I have made a application where the user(client) will get authenticated then he/she can call ejb methods for some modifications where it has to be authorised.

But the problem i''m having is that when my client is getting authenticated then also while calling the ejb module its always showing Invalid User althogh the user has been authenticated. The subject and all its principal values are also being propagated.

 

So how do i get the same thing done

 

i have a UserServlet(this is client end) as Given below

 

 

PasswordCallbackHandler handler = new PasswordCallbackHandler();
LoginContext loginContext = new LoginContext("PassAuth",handler);
         loginContext.login();
 
        Set<Principal> pricipalSet =
        loginContext.getSubject().getPrincipals();
        Set<Principal> pricipalSet =
        loginContext.getSubject().getPrincipals();
 
        Iterator iterator = pricipalSet.iterator();
        System.out.println("Principal = ");
 
        while(iterator.hasNext()) {
         Principal principal = (Principal) iterator.next();
//            SecurityAssociation.setPrincipal(principal);
         System.out.println(""+principal.getName());
        }//while()
       
            System.out.println("value of subject is "+loginContext.getSubject());
            Subject.doAs(loginContext.getSubject(), new PrivilegedAction() {
                     public Object run() {
                  System.out.println("in do As PrivilegedAction ................ ");
                  try {
                        Properties properties = new Properties();
                  properties.setProperty("INITIAL_CONTEXT_FACTORY","org.jnp.interfaces.NamingContextFactory");
                  properties.setProperty("URL_PKG_PREFIXES","org.jboss.naming:org.jnp.interfaces");
                  properties.setProperty("PROVIDER_URL","jnp://localhost:1099");
                  properties.put(Context.SECURITY_PRINCIPAL, "avril");
 
                   Context  context = new InitialContext(properties);
                    Object object = context.lookup("java/AttributeBI/remote");
                    System.out.println("Object ============="+object);
                    AttributeBI attributeBI = (AttributeBI) object;
                    Attribute attribute = new Attribute();
                    attribute.setDataType("test");
                                    
                    System.out.println("SecurityAssociation.getSubject :: "+SecurityAssociation.getSubject());
                   
                    attributeBI.createAttribute(attribute);
                   
                  }catch(Exception exception) {
 
                   exception.printStackTrace();
                  }
                  
                  return true;
                 }
             });
 
          
            loginContext.logout();

 

 

Now this uses a config file. PassAuth.conf

 

PassAuth {
   // jBoss LoginModule
   //com.mqa.iam.module.PasswordLoginModule required debug="true";
  org.jboss.security.ClientLoginModule required;
};

 

 

My PasswordLoginModule is as below.

Here in this i'm geting credentials of the subject but even then its showing invalid user.

 

 

public void initialize(Subject subject,
                           CallbackHandler callbackHandler,
                           Map sharedState,
                           Map options) {
     
        System.out.println("----------Initialization In Login Module----------");
        this.subject=subject;
        this.callbackHandler=callbackHandler;
        this.sharedState=sharedState;
        this.option=options;
        vector_principal = new Vector();
        vector_credentials = new Vector();
 
        SecurityAssociation.setServer();
       
//      SecurityAssociationActions.setServer();
        if(option.containsKey("debug")) {
            debug = "true".equals(option.get("debug"));
        }//if
  }//Initialization
 
   
    public boolean login() throws LoginException {
 
        if( debug ) {
 
          Callback[] callbacks = new Callback[2];
          callbacks[0] = new NameCallback("UserName :");
          callbacks[1] = new PasswordCallback("Password :", true);
          try {
          callbackHandler.handle(callbacks);
          }catch(Exception ex){
              ex.printStackTrace();
          }
         NameCallback nameCallback = (NameCallback) callbacks[0];
         PasswordCallback passwordCallback = (PasswordCallback) callbacks[1];
 
            System.out.println("userName =========="+nameCallback.getName());
            System.out.println("pwd ======================"+passwordCallback.getPassword());
            
         /* set principle as user's username */
           user_principal=new UserPrincipal(nameCallback.getName());
            vector_principal.add(user_principal);
            boolean f = SecurityAssociation.isServer();
            System.out.println("flag ================="+f);        
        }//if
        return true;
    }//login()

 

 

 

Please help me solve it.

Reply to this message by going to Community

Start a new discussion in EJB 3.0 Development at Community