[jboss-user] [EJB 3.0 Development] - JAAS + EJB3.0 + Jboss unable to propaogate

Gaurav Agarwal do-not-reply at jboss.com
Mon Jun 21 08:41:32 EDT 2010


Gaurav Agarwal [http://community.jboss.org/people/Gauravag] created the discussion

"JAAS + EJB3.0 + Jboss unable to propaogate"

To view the discussion, visit: http://community.jboss.org/message/548957#548957

--------------------------------------------------------------
Hi,

I have made a application where the user(client) will get authenticated then he/she can call ejb methods for some modifications where it has to be authorised.
But the problem i''m having is that when my client is getting authenticated then also while calling the ejb module its always showing *Invalid User* althogh the user has been authenticated. The subject and all its principal values are also being propagated.

So how do i get the same thing done

i have a UserServlet(this is client end) as Given below


PasswordCallbackHandler handler = new PasswordCallbackHandler();
LoginContext loginContext = new LoginContext("PassAuth",handler);
         loginContext.login();
 
        Set<Principal> pricipalSet =
        loginContext.getSubject().getPrincipals();
        Set<Principal> pricipalSet =
        loginContext.getSubject().getPrincipals();
 
        Iterator iterator = pricipalSet.iterator();
        System.out.println("Principal = ");
 
        while(iterator.hasNext()) {
         Principal principal = (Principal) iterator.next();
//            SecurityAssociation.setPrincipal(principal);
         System.out.println(""+principal.getName());
        }//while()
       
            System.out.println("value of subject is "+loginContext.getSubject());
            Subject.doAs(loginContext.getSubject(), new PrivilegedAction() {
                     public Object run() {
                  System.out.println("in do As PrivilegedAction ................ ");
                  try {
                        Properties properties = new Properties();
                  properties.setProperty("INITIAL_CONTEXT_FACTORY","org.jnp.interfaces.NamingContextFactory");
                  properties.setProperty("URL_PKG_PREFIXES","org.jboss.naming:org.jnp.interfaces");
                  properties.setProperty("PROVIDER_URL","jnp://localhost:1099");
                  properties.put(Context.SECURITY_PRINCIPAL, "avril");
 
                   Context  context = new InitialContext(properties);
                    Object object = context.lookup("java/AttributeBI/remote");
                    System.out.println("Object ============="+object);
                    AttributeBI attributeBI = (AttributeBI) object;
                    Attribute attribute = new Attribute();
                    attribute.setDataType("test");
                                    
                    System.out.println("SecurityAssociation.getSubject :: "+SecurityAssociation.getSubject());
                   
                    attributeBI.createAttribute(attribute);
                   
                  }catch(Exception exception) {
 
                   exception.printStackTrace();
                  }
                  
                  return true;
                 }
             });
 
          
            loginContext.logout();



Now this uses a config file. PassAuth.conf

PassAuth {
   // jBoss LoginModule
   //com.mqa.iam.module.PasswordLoginModule required debug="true";
  org.jboss.security.ClientLoginModule required;
};



My PasswordLoginModule is as below.
Here in this i'm geting credentials of the subject but even then its showing invalid user.


public void initialize(Subject subject,
                           CallbackHandler callbackHandler,
                           Map sharedState,
                           Map options) {
     
        System.out.println("----------Initialization In Login Module----------");
        this.subject=subject;
        this.callbackHandler=callbackHandler;
        this.sharedState=sharedState;
        this.option=options;
        vector_principal = new Vector();
        vector_credentials = new Vector();
 
        SecurityAssociation.setServer();
       
//      SecurityAssociationActions.setServer();
        if(option.containsKey("debug")) {
            debug = "true".equals(option.get("debug"));
        }//if
  }//Initialization
 
   
    public boolean login() throws LoginException {
 
        if( debug ) {
 
          Callback[] callbacks = new Callback[2];
          callbacks[0] = new NameCallback("UserName :");
          callbacks[1] = new PasswordCallback("Password :", true);
          try {
          callbackHandler.handle(callbacks);
          }catch(Exception ex){
              ex.printStackTrace();
          }
         NameCallback nameCallback = (NameCallback) callbacks[0];
         PasswordCallback passwordCallback = (PasswordCallback) callbacks[1];
 
            System.out.println("userName =========="+nameCallback.getName());
            System.out.println("pwd ======================"+passwordCallback.getPassword());
            
         /* set principle as user's username */
           user_principal=new UserPrincipal(nameCallback.getName());
            vector_principal.add(user_principal);
            boolean f = SecurityAssociation.isServer();
            System.out.println("flag ================="+f);        
        }//if
        return true;
    }//login()




Please help me solve it.

--------------------------------------------------------------

Reply to this message by going to Community
[http://community.jboss.org/message/548957#548957]

Start a new discussion in EJB 3.0 Development at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2030]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20100621/c94c0086/attachment-0001.html 


More information about the jboss-user mailing list