[jboss-user] [Security & JAAS/JBoss] - Classloader problem in principal propagation from WAR to EAR
jainsau
do-not-reply at jboss.com
Wed Aug 29 14:34:17 EDT 2007
I have a custom principal class which I want to use for SSO. I have a login service EJB (in an EAR) which creates this CustomPrincipal instance and returns the same to a client WAR when the client logs in to the web app.
On further EJB invocations (which lie in the EAR which has the Login service also) from client WAR, the CustomPrincipal instance returned from the LoginService is set the on the InitialContext's SECURITY_PRINCIPAL attribute:
contextProperties.put(Context.SECURITY_PRINCIPAL, customPrincipal);
| contextProperties.put(Context.SECURITY_CREDENTIALS, customCredential);
| // ... other properties set here
| context = new InitialContext(contextProperties);
On the server side (in the EAR), an EJB interceptor gets the Principal from the sessionContext and checks whether the Principal is an instance of CustomPrincipal:
Principal principal = sessionContext.getCallerPrincipal();
| if (principal instanceof CustomPrincipal)
| {
| //do some logging and timing checks and continue
| ....
| }
| else throw new Exception("Unsupported principal");
When I run the code, I get the Exception with the message "Unsupported Principal". The Principal I get is an instance of CustomPrincipal but its class loader is WebappClassLoader, where as the CustomPrincipal (on the right side of the instanceof operator) class reference class loader is UnifiledClassLoader3. I am unable to understand the reason and fix for this.
The CustomPrincipal class is in a JAR which is present inside both the EAR and the WAR file.
My jboss-app.xml in the EAR is this:
<?xml version="1.0"?>
|
| <jboss-app>
| <loader-repository>
| fx:loader=fx.ear
| <loader-repository-config>Java2ParentDelegation=false</loader-repository-config>
| </loader-repository>
| </jboss-app>
My jboss-web.xml in the WAR is this:
<?xml version="1.0"?>
|
| <jboss-web>
| <class-loading>
| <loader-repository>
| fx:loader=fxtestharness_i2.war
| </loader-repository>
| </class-loading>
| </jboss-web>
Another point worth mentioning is that when the CustomPrincipal instance is created by the Login service the class loader is UnifiedClassLoader3. But when its returned to the WAR, the class loader is WebappClassLoader.
Please help.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4079299#4079299
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4079299
More information about the jboss-user
mailing list