[jboss-user] [Security & JAAS/JBoss] - JAAS problem with LoginModule

alxt do-not-reply at jboss.com
Thu Feb 5 00:13:18 EST 2009 

I use jdk 1.6.11/win32, JBossAS 5RC2.
EAR contains EJB with jboss.xml:
<?xml version='1.0' encoding='UTF-8' ?>
  | <jboss>
  |     <security-domain>java:/jaas/ASKUR</security-domain>
  | </jboss>

in login-config.xml:
  <application-policy name = "ASKUR">
  |     <authentication>
  |       <login-module code = "ru.infosfera.auth.RolesLoginModule" flag = "required"/>
  |     </authentication>
  |   </application-policy>

in RolesLoginModule:
  private Map<String, ?> sharedState;
  |   public void initialize(Subject subject, CallbackHandler callbackHandler,
  |       Map<String, ?> sharedState, Map<String, ?> options)
  |   { this.sharedState = sharedState; }
  | 
  |   public boolean login() throws LoginException {
  |     log.error("sharedState.size() = " + sharedState.size());
  |     return true;
  |   }

in this EJB exist stateless bean:
public class AuthContext implements AuthContextLocal, AuthContextRemote {
  |   @Resource EJBContext ejbContext;
  |   public String test() {
  |     return ejbContext.getCallerPrincipal().getName();
  |   }

Client code:
    System.setProperty("java.security.auth.login.config","auth.conf");
  |     Hashtable<String, String> params = new Hashtable<String, String>();
  |     params.put(Context.PROVIDER_URL           , "jnp://localhost:1099");
  |     params.put(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");
  |     params.put(Context.AUTHORITATIVE, "true");
  |     LoginContext lc = new LoginContext("ASKUR",new ClientCallBackHandler("root","root"));
  |     lc.login();
  |     Context ctx = new InitialContext(params);
  |     Object obj = ctx.lookup("EJB/Auth/AuthContext");
  |     AuthContextRemote auth = (AuthContextRemote) PortableRemoteObject.narrow(obj, AuthContextRemote.class);
  |       System.out.println("Auth: " + auth.test());

in auth.conf:
ASKUR { 
  |   org.jboss.security.ClientLoginModule required;
  | };

Result:
EJB bean method test() return username (root), but in Login module datas not sended
anonymous wrote : [RolesLoginModule] sharedState.size() = 0

What need to do? I want check usename...

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4207206#4207206

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4207206

More information about the jboss-user mailing list