[jboss-user] [Security & JAAS/JBoss] - Authentification problems in Jboss 5

tgueze do-not-reply at jboss.com
Tue Jun 10 07:28:42 EDT 2008

I am using Jboss 5 app server and I have some problems when using jaas authentification.

Different users login and logout successively and call beans methods.
On the client side, I have a custom login module which perform authentification.
On the server side, I use the ClientLoginModule.
In the beans, I retrieve the EJBContext with a lookup and get the caller principal.
Sometimes it works, but sometimes, the caller returned doesn't correspond to the user who made the login. It corresponds to a user who was logged before and who logout.

  | final Object o = new InitialContext().lookup("java:comp/EJBContext");
  | final Class< ? > ejbContextClass = Class.forName("javax.ejb.EJBContext");
  | final Method getCallerPrincipalMethod = ejbContextClass.getMethod("getCallerPrincipal");
  | final Principal principal = (Principal) getCallerPrincipalMethod.invoke(o);
  | final String callerId = principal.getName();

Any idea? Do I forgot something?


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4156965#4156965

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4156965

More information about the jboss-user mailing list