[jboss-user] [Security & JAAS/JBoss] - Re: Latest JAAS Tutorial for Database communication

[aleksab]

What about when you want to secure a client?

I've added a policy to the conf/login-config.xml, which seems to work. It connects to the database, but the username is always null (found out by examining the mysql log)

In the client i'm using a LoginContext, and i've included 

  | <login-module code="org.jboss.security.ClientLoginModule" flag="required" />
  |       			<module-option name="restore-login-identity">true</module-option>      			
  |       		</login-module>
  | 
in the conf/login-config.xml like the FAQ says I must do in order for the authentication info propagating to the called component.

But the principal (and password I assume) is never propagating.

My client looks like this:

  | LoginContext loginContext = new LoginContext("pn-login", new CallbackHandler());			
  | 			loginContext.login();
  | 			
  | 			Hashtable<String, String> env = new Hashtable<String, String>();			
  | 			env.put(InitialContext.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.NamingContextFactory");
  | 			env.put(InitialContext.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces");
  | 			env.put(InitialContext.PROVIDER_URL, "jnp://localhost:1099");
  | 			
  | 			Context ctx = new InitialContext(env);    
  | 			SecurityBean bean = (SecurityBean) ctx.lookup("SecurityBeanImpl/remote");
  | 

When i call 

  | System.out.println("Unsecure string: " + bean.getSimpleString());
  | 

i get this exception:

  |  javax.security.auth.login.FailedLoginException: No matching username found in Principals
  | 

What am i doing wrong? Been struggling with this for some time now...

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4018914#4018914

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4018914