[jboss-user] [Security & JAAS/JBoss] - JBoss with JAAS

riteshpandey do-not-reply at jboss.com
Wed Dec 13 08:55:36 EST 2006 

Hi

I am securing my application with JAAS. But I am not being able to get the role of a user who is loggin.
My code is as follows.
............................
precad {
   org.jboss.security.ClientLoginModule required;  
};
..................

login-config.xml

<application-policy name = "precad">
       
          <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
             flag = "required">
             <module-option name = "unauthenticatedIdentity">guest</module-option>
             <module-option name = "dsJndiName">java:/MySqlDS</module-option>
             <module-option name = "principalsQuery">SELECT PASSWD FROM USERS WHERE USERID=?</module-option>
             <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM ROLES WHERE USERID=?</module-option>
          </login-module>
       
    </application-policy>
..............


client class is....
 LoginContext lc = new LoginContext(PRECAD_LOGIN_CONTEXT,
                            new DialogCallbackHandler());
                    // attempt authentication
                    lc.login();
                    // TODO Call a user session bean instead!!!
                    //Subject subject = lc.getSubject();
                    Subject subject = lc.getSubject();
                    
                    getProcessRemote().login();
where getProcessRemote is for Remote interface of stateless session bean.

...................

and sessionn bean is

public class UserProcessBean implements UserProcessRemote{
    SessionContext sescont;
    @PersistenceContext(unitName = "precad")
 //   private EntityManager manager;

    //private static Logger logger = Logger.getLogger(UserProcessBean.class);
   
    @SuppressWarnings("unchecked")
    @RolesAllowed({"administrator","developer"})
    public void login(/*Subject subject*/) throws UserProcessException {
        try {           
          System.out.println("In SERVER LOGIN..............");
}
catch(Exception e){e.printStackTrace();}


I am using ejb3.

and I want that as a user login then my getProcessRemote.login() should return the role of this user. But I do not know that how to do it.

Please help me.

/Ritesh
                    
                    

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3993390#3993390

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3993390

More information about the jboss-user mailing list