[jboss-user] [Installation, Configuration & DEPLOYMENT] - Re: How to authenticate to the JBoss server from a desktop (

Marcos_APS do-not-reply at jboss.com
Thu Jul 3 07:53:55 EDT 2008


"jaikiran" wrote : From the client, are you trying to connect to a database using a datasource which is deployed on JBoss server?

Yes. As I showed in the beginning I have a datasource deployed on the server. Here it is again:


  | C:\jboss-4.2.2.GA\server\default\deploy\laboratorio-informatica-ds.xml
  | ----------------------------------------------------------------------
  | <?xml version="1.0" encoding="UTF-8"?>
  | <!-- $Id: mssql-ds.xml 61002 2007-02-28 16:13:00Z weston.price at jboss.com $ -->
  | <datasources>
  |   <local-tx-datasource>
  |     <jndi-name>LaboratorioInformaticaDS</jndi-name>
  |     <connection-url>jdbc:sqlserver://server_name;databaseName=database_name</connection-url>
  |     <driver-class>com.microsoft.sqlserver.jdbc.SQLServerDriver</driver-class>
  |     <user-name>user_name</user-name>
  |     <password>password</password>
  |       <!-- corresponding type-mapping in the standardjbosscmp-jdbc.xml (optional) -->
  |       <metadata>
  |          <type-mapping>MS SQLSERVER2000</type-mapping>
  |       </metadata>
  |   </local-tx-datasource>
  | </datasources>
  | 

I access this datasource from my custom login module that I have in the EJB jar application also deployed on the server.

Here's how the login module is configured on the server:


  | C:\jboss-4.2.2.GA\server\default\conf\login-config.xml
  | ------------------------------------------------------
  | <?xml version='1.0'?>
  | <!DOCTYPE policy PUBLIC
  |       "-//JBoss//DTD JBOSS Security Config 3.0//EN"
  |       "http://www.jboss.org/j2ee/dtd/security_config.dtd">
  | 
  | <!-- other configuration... -->
  | 
  | <policy>
  |     <!-- other configuration... -->
  | 
  |     <application-policy name="laboratorio-informatica">
  |        <authentication>
  |           <login-module code="br.urca.www.laboratorioinformatica.seguranca.jboss.ModuloLoginFuncionarios"
  |              flag="required" />
  |        </authentication>
  |     </application-policy>
  | </policy>
  | 

And here's where the error is happening in the login module when it is accessed from the client application:


  | private Dados(String sql) throws LoginException
  | {
  |     final String nomeFonteDados = "java:/LaboratorioInformaticaDS";
  |     try
  |     {
  |         InitialContext contexto = new InitialContext();
  |         // Error in the line bellow, in the lookup
  |         DataSource fonteDados = 
  |             (DataSource) contexto.lookup(nomeFonteDados);
  |         fConexao = fonteDados.getConnection();
  |         fInstrucao = fConexao.prepareStatement(sql);
  |         fInstrucao.setString(1, getUsername());
  |         fDados = fInstrucao.executeQuery();
  |     }
  |     catch (NamingException ex)
  |     {
  |          // ...
  |     }
  |     catch (SQLException ex)
  |     {
  |          // ...
  |     }
  | }
  | 

All this thing is working in the web application. I can understand that in the web application being executed by JBoss the configuration is passed to the InitialContext automatically by JBoss because it is configured in the web application itself because of this file that exists in the web application and that JBoss uses it:


  | jndi.properties
  | ---------------
  | java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
  | java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
  | java.naming.provider.url=jnp://localhost:1099
  | 

But there's no such a configuration in the client application, so JBoss can't pass all this information to the InitialContext when the login module is executed from the client application.

I really would like to have a solution to this as I need to execute the same authentication process that I execute in the web application in the client application. I want to use the same custom login module.

What is interesting is that when I comment the login line in the client application:


  | CallbackHandler gerenciador =
  |     new UsernamePasswordHandler(nomeUsuario, senha);
  | fContextoLogin = new LoginContext("login", gerenciador);
  | //fContextoLogin.login();
  | 

and later I execute a call on a bean method, even if I passed an invalid username and password, the call works. That's really whant I don't want. I want to authenticate with real users. I think that if we can make the login method of the LoginContext works, the problem will be solved.

Can we have a solution to this?

Marcos

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4162310#4162310

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4162310



More information about the jboss-user mailing list