[jboss-user] [Security & JAAS/JBoss] - @SecurityDomain, Principal resolution

cro110011 do-not-reply at jboss.com
Fri Oct 31 07:21:43 EDT 2008

I have configured a security domain using the @SecurityDomain ("esvRealm") annotation on a bean; in the login-config.xml file I have added an app policy with the same name: 

    <application-policy name = "esvRealm">
          <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required">
           <module-option name="usersProperties">esv-users.properties</module-option>
           <module-option name="rolesProperties">esv-roles.properties</module-option>
			<module-option name="unauthenticatedIdentity">esv_anonymous</module-option>
			<module-option name="restore-login-identity">true</module-option> 

when i make remote calls to the bean the principal cannot be extracted from the ejb context; the principal name is always set to esv_anonymous as defined in the policy (which shows me that the poicy somehow is recognized but cannot resolve the user ..); in the (standalone remote java) client I'm setting the following properties: 

    env.setProperty( Context.INITIAL_CONTEXT_FACTORY, "org.jboss.security.jndi.JndiLoginInitialContextFactory" );
    env.setProperty( Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory" );
    env.setProperty( Context.PROVIDER_URL, "jnp://localhost:1099/" );
    env.setProperty( Context.SECURITY_AUTHENTICATION, "simple" );
    env.setProperty( Context.SECURITY_PRINCIPAL, user );
    env.setProperty( Context.SECURITY_CREDENTIALS, password );

any help is appreciated :-)
regards, christian

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4185991#4185991

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4185991

More information about the jboss-user mailing list