We've just migrated our app to JBoss 5 (from 4) and have one last annoyance to
resolve. We have an EJB client that uses JNDILoginInitialContextFactory to supply
string-based user/password combination. On the server, our custom JAAS login module
authenticates, and sets our custom Principal to the group "CallerPrincipal"
according to spec. EJBs then see this custom principal in the EJBContext just fine.
With JBoss 5, this no longer works. As I understand, with JBoss 5 we have to perform a
SecurityClient login now, and obtain the InitialContext with a NamingContextFactory
instead.
| SecurityClient client = SecurityClientFactory.getSecurityClient();
| client.setSimple("jdoe", "theduke");
| client.login();
|
| Properties p = new Properties();
| p.put(Context.INITIAL_CONTEXT_FACTORY,
"org.jnp.interfaces.NamingContextFactory");
| p.put(Context.PROVIDER_URL, "jnp://localhost");
| p.put(Context.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces");
|
| InitialContext initialContext = new InitialContext(p);
Upon doing so, authentication succeeds, but the EJBContext seems to only get populated
with a SimplePrincipal. I narrowed it down a bit and found that the EJBContext is
populated with the principal as it is supplied to the SecurityClient. If I set a test
custom principal on the SecurityClient
client.setSimple(new CustomPrincipal("jdoe"), "theduke");
it is propagated to the EJBContext, but this is not a solution, our actual custom
principal (User object) is not yet available to the client and cannot be retrieved
pre-login.
So how is one supposed to establish a custom callerPrincipal via LoginModule in JBoss 5
now?
Thanks in advance.
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4213808#...
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...