[jboss-user] [Security & JAAS/JBoss] - No valid security context

aleksab do-not-reply at jboss.com
Wed Jan 24 06:54:56 EST 2007 

I'm having a problem with Jboss and JAAS authentication.

I've created a PasswordLoginModule class which extends LoginModule, and a CallbackHandler class which implements CallbackHandler. Both works fine.

My bean is very simple:


  | @Stateless
  | @Remote(SecurityBean.class)
  | @DeclareRoles({"admin"})
  | public class SecurityBeanImpl implements SecurityBean
  | {	
  | 	@Resource private SessionContext ctx;		
  | 	public String getSimpleString()
  | 	{
  | 		if (ctx.isCallerInRole("admin"))
  | 			System.out.println("Caller is in admin role");
  | 		else
  | 			System.out.println("Caller is NOT in admin role");	
  | 		return "insecure string";
  | 	}
  | }
  | 

However, when my standalone client tries to call the bean method, using:


  | LoginContext loginContext = new LoginContext("MyLogin", new CallbackHandler());
  | loginContext.login();
  | 			
  | Hashtable<String, String> env = new Hashtable<String, String>();
  | env.put(InitialContext.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");
  | env.put(InitialContext.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces");
  | env.put(InitialContext.PROVIDER_URL, "jnp://localhost:1099");	
  | 			
  | Context ctx = new InitialContext();    
  | SecurityBean bean = (SecurityBean) ctx.lookup("SecurityBeanImpl/remote");
  | 		
  | String res = bean.getSimpleString();
  | System.out.println("bean returned: " + res);
  | 

I have a client.conf file which i loaded by the jvm, which contains this:
MyLogin {
	no.prognett.test.things.security.PasswordLoginModule required debug=false;
};
Where MyLogin is the client.

I get a "java.lang.IllegalStateException: No valid security context for the caller identity" Exception. I've read Jaas and Jboss documentation, without finding any luck.

What am i doing wrong?

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4005751#4005751

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4005751

More information about the jboss-user mailing list