[jboss-dev-forums] [PicketBox Development] - Re: LoginModule defined with cached=true, but called between web and ejb container

[Daniel Straub]

Daniel Straub [https://community.jboss.org/people/dastraub] created the discussion

"Re: LoginModule defined with cached=true, but called between web and ejb container"

To view the discussion, visit: https://community.jboss.org/message/714211#714211

--------------------------------------------------------------
Unitl you can find a solution, I patched the SimpleSecurityManager because of this problem we are massive hindered during our development process. Each ejb-call forces a call to a complex login module.
I changed the methode  SimpleSecurityManager.establishSecurityContext like this :

{code}
private static SecurityContext establishSecurityContext(final String securityDomain) {
        // Do not use SecurityFactory.establishSecurityContext, its static init is broken.
try {
final AuthenticationManager authenticationManager = new JNDIBasedSecurityManagement().getAuthenticationManager(securityDomain);
final SecurityContext securityContext = SecurityContextFactory.createSecurityContext(securityDomain);
if (authenticationManager != null) {
final ISecurityManagement delegate = securityContext.getSecurityManagement();
                      securityContext.setSecurityManagement(new ISecurityManagement() {
                        @Override
public MappingManager getMappingManager(String securityDomain) {
return delegate.getMappingManager(securityDomain);
                                                  }
                         @Override
public JSSESecurityDomain getJSSE(String securityDomain) {
return delegate.getJSSE(securityDomain);
                                                  }
                         @Override
public IdentityTrustManager getIdentityTrustManager(String securityDomain) {
return delegate.getIdentityTrustManager(securityDomain);
                                                  }
                         @Override
public AuthorizationManager getAuthorizationManager(String securityDomain) {
return delegate.getAuthorizationManager(securityDomain);
                                                  }
                         @Override
public AuthenticationManager getAuthenticationManager(String securityDomain) {
return authenticationManager;
                                                  }
                         @Override
public AuditManager getAuditManager(String securityDomain) {
return delegate.getAuditManager(securityDomain);
                                                  }
                                        });
            }
            SecurityContextAssociation.setSecurityContext(securityContext);
return securityContext;
        } catch (Exception e) {
throw new SecurityException(e);
        }
    }
{code}

Does not look good, but is a workaround for us.
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/714211#714211]

Start a new discussion in PicketBox Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2088]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20120203/2a0d6c15/attachment.html