[jboss-user] [Security & JAAS/JBoss] - Secure EJBs and unsecure Servlets
do-not-reply at jboss.com
Fri Dec 19 11:03:37 EST 2008
Having read through my last post, I realised it wasn't really very clear what I was doing/having a problem with. Hopefully now it isn't so early in the day I can be a bit clearer!
So, I have an EJB that I have secured. I can connect to this through my remote client. The remote client has a jndi.properties file that defines the various values for the principal, credentials, factory.initial, etc. This is working fine.
Then I've got a servlet that I'm using as a webservice. This takes a couple of parameters for the principal and credentials. This then calls
| Hashtable env = new Hashtable();
| env.put("java.naming.security.principal", principal);
| env.put("java.naming.security.credentials", credentials);
| nameCtxt = new InitialContext(env);
The nameCtxt returned is then used to perform a lookup of the secure EJB and that's when the problems start due to security.
I've dumped out the values of the context and they are
java.naming.factory.initial = org.jnp.interfaces.NamingContextFactory
java.naming.factory.url.pkg = org.jboss.naming:org.jnp.interfaces:org.jboss.naming:org.jnp.interfaces:org.jboss.naming:org.jnp.interfaces (I'm not sure why these are repeated 3 times)
java.naming.security.principal = MyPrincipal
java.naming.security.credentials = MyCredentials
java.naming.security.protocol = mySecurity
The value for protocol is coming from my jndi.properties file that I've included in the ear file that this is all bundled up into as I thought that might have been the problem.
This is really starting to drive me crazy! I'm sure I must just be missing something simple, but I don't know what.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4197686#4197686
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4197686
More information about the jboss-user