[jboss-user] [Security & JAAS/JBoss] - Re: Principal from Servlet to EJB not propagating?

forumer do-not-reply at jboss.com
Thu Oct 26 09:40:52 EDT 2006


Thanks for your reply.

The empty password is intentional and is specified as such in users.properties, as shown below. An exception is caused and login does fail if I specify a non-empty password in users.properties:

  | fm_full=
  | 

roles.properties is:

  | fm_full=FullUser
  | 

Here is an excerpt from the trace/debug log output. As you can see, login is happening. However, the servlet, after doing the login, is dispatching to the JSP, and what is disturbing is "runAs: null". Could this be the problem, and what can be done to resolve this?


  | 2006-10-26 06:23:23,804 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] commit, loginOk=true
  | 2006-10-26 06:23:23,804 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Checking user: fm_full, roles string: FullUser
  | 2006-10-26 06:23:23,804 TRACE [org.jboss.security.auth.spi.UsersRolesLoginModule] Adding to Roles: FullUser
  | 2006-10-26 06:23:23,804 TRACE [org.jboss.security.ClientLoginModule] commit, subject=Subject:
  | 	Principal: fm_full
  | 	Principal: Roles(members:FullUser)
  | 
  | 2006-10-26 06:23:23,804 TRACE [org.jboss.security.SecurityAssociation] pushSubjectContext, subject=Subject:
  | 	Principal: fm_full
  | 	Principal: Roles(members:FullUser)
  | , sc=org.jboss.security.SecurityAssociation$SubjectContext at 2fb8d6{principal=fm_full,subject=17825859}
  | .
  | .
  | .
  | 2006-10-26 06:23:23,914 DEBUG [org.apache.catalina.core.ApplicationDispatcher] servletPath=/FleetAdminViewGroups.jsp, pathInfo=null, queryString=null, name=null
  | 2006-10-26 06:23:23,914 DEBUG [org.apache.catalina.core.ApplicationDispatcher]  Path Based Forward
  | 2006-10-26 06:23:23,914 TRACE [org.jboss.web.tomcat.security.RunAsListener] jsp, runAs: null
  | 2006-10-26 06:23:23,914 TRACE [org.jboss.web.tomcat.security.RunAsListener] jsp, runAs: null
  | 
  | 

To reiterate, I am expecting the call to the EJB method to fail, as I have specified a non-existing role in @RolesAllowed.

Thanks

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3981008#3981008
