[jboss-user] [Security] - JASS login/logout with EJB stateless

slimamar do-not-reply at jboss.com
Fri Nov 6 08:57:10 EST 2009


We 're using JBAS 5.1.0 GA with JASS authentification in a EJB stateless client GUI standalone.
At the server side we 're using a ClientLoginModule  and a ServerLoginModule  at the server side.

We have a problem with the login/logout mechanism because each client can
modify dynamically  his password and when he exit we do a logout with the 
 ClientLoginModule .

The problem is the logout at the client side (ClientLoginModule  ) doesn't call the 'logout' at the server side (ServerLoginModule ) and when the user reconnects at the first time he get this error :
anonymous wrote : 
  | java.lang.IllegalStateException: Security Context has not been set
  |   at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke(RoleBasedAuthorizationInterceptorv2.java:151)
  |   at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
  |   at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:186)

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4264339#4264339

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4264339

More information about the jboss-user mailing list