[jboss-user] [Security & JAAS/JBoss] - Re: Retreiving user roles using a ClientLogin

ragavgomatam do-not-reply at jboss.com
Wed Oct 29 21:23:58 EDT 2008 

When you run your client programme the jaas config (policy)  file will probably have the client login module and the server side module . If I understand right, the job of the client login module is to pass the credentials to the server side. If you check your policy file it could be having these login modules cascaded. Which means when the LoginContext.login() is called, the modules are called one after another, in succession. The client login module id called, which passes the credentials to Server side Login module , which authenticates & authorizes. So yeahyou could do something like this :- 

LoginContext ctx = null;
  | 		try {
  | 			ctx = new LoginContext("client-login", new CustomHandler(args[0],
  | 					args[1]));
  | 			ctx.login();
  | 			Subject.doAs(ctx.getSubject(), new CustomAction());
  | 		} catch (LoginException le) {
  | 			System.err.println("LoginContext cannot be created. "
  | 					+ le.getMessage());
  | 			System.exit(-1);
  | 		} catch (SecurityException se) {
  | 			System.err.println("LoginContext cannot be created. "
  | 					+ se.getMessage());
  | 		}
  | 
Here CustomHandler  and your CustomAction would look like this :- 

public class CustomHandler implements CallbackHandler {
  | 
  | 	private String name;
  | 	private String password;
  | 
  | 	public void handle(Callback[] callbacks)
  | 			throws UnsupportedCallbackException {
  | 		for (int i = 0; i < callbacks.length; i++) {
  | 			if (callbacks instanceof NameCallback) {
  | 				NameCallback nc = (NameCallback) callbacks;
  | 				nc.setName(this.name);
  | 			} else if (callbacks instanceof PasswordCallback) {
  | 				PasswordCallback pc = (PasswordCallback) callbacks;
  | 				pc.setPassword(this.password.toCharArray());
  | 			} else {
  | 				throw (new UnsupportedCallbackException(callbacks,
  | 						"Callback handler not support"));
  | 			}
  | 		}
  | 	}
  | 
  | 	public CustomHandler(String name, String password) {
  | 		this.name = name;
  | 		this.password = password;
  | 	}
  | 
  | 
  | 



public class CustomAction implements PrivilegedAction {
  | 
  | 	public Object run() {
  |                //call your ejb here
  | 		return someResult;
  | 	}

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4185576#4185576

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4185576

More information about the jboss-user mailing list