[jboss-user] [Security & JAAS/JBoss] - Re: JAAS Authentication from stand alone client
eefahs
do-not-reply at jboss.com
Wed Sep 3 23:52:21 EDT 2008
Hi ragav,
Yes I am using a java client, yes first the user will login to the system by accessing the secured subsystem and after that he can access any other subsystem without any authentication, that is my requirement.
But, after successfull login when the user trying to use a unsecured subsystem and an ejb from this unsecured subsystem wants to access a ejb from the secured subsystem the call fails with the error
Caused by: javax.security.auth.login.LoginException: Username not supplied.
| at com.ibsplc.iRes.security.jboss.db.JDbLoginModuleImpl.throwLoginException(JDbLoginModuleImpl.java:322)
| at com.ibsplc.iRes.security.jboss.db.JDbLoginModuleImpl.getUserName(JDbLoginModuleImpl.java:368)
| at com.ibsplc.iRes.security.jboss.db.JDbLoginModuleImpl.login(JDbLoginModuleImpl.java:164)
user - accessing secured ejb - internall calls LoginModule.login() login successfull
- accessiing unsecured ejb - successfull
- accessing a unsecured ejb, which calls secured ejb - failes
So how this unsecured ejb can be enabled to call a secured ejb? I tried by defining the appropriate security-role-ref for the unsecured ejb also. But again the call from unsecured subsystem to the secured subsystem triggers the LoginModule.login() and the username is null;
Is something wrong in my logic?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4174148#4174148
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4174148
More information about the jboss-user
mailing list