[jboss-user] [Beginner's Corner] - Re: Secure access to an EJB3.0

Wolfgang Knauf do-not-reply at jboss.com
Tue Feb 22 10:06:22 EST 2011


Wolfgang Knauf [http://community.jboss.org/people/WolfgangKnauf] created the discussion

"Re: Secure access to an EJB3.0"

To view the discussion, visit: http://community.jboss.org/message/589023#589023

--------------------------------------------------------------
Hi Pablo,

in AS 4.2, you might use something like this:

public class SecurityClientCallbackHandler implements CallbackHandler
{
  public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
  {
    //loop over parameter Callbacks
    for (int intIndexCallback = 0; intIndexCallback < callbacks.length; intIndexCallback++)
    {
      //NameCallback: set Login
       if (callbacks[intIndexCallback] instanceof NameCallback)
      {
        NameCallback nameCallback = (NameCallback) callbacks[intIndexCallback];
        nameCallback.setName( "ADMIN" );
      }
      //PasswordCallback: set password.
      else if (callbacks[intIndexCallback] instanceof PasswordCallback)
      {
        PasswordCallback passwordCallback = (PasswordCallback) callbacks[intIndexCallback];
        passwordCallback.setPassword ("ADMIN".toCharArray() );
      }
      else
      {
        throw new UnsupportedCallbackException (callbacks[intIndexCallback], "Unsupported Callback!");
      }
    }
  }
}

And in your client, perform this code to login in:

      Properties props = new Properties();
      props.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");
      props.setProperty(Context.URL_PKG_PREFIXES, "org.jboss.naming.client");
      props.setProperty(Context.PROVIDER_URL, "jnp://localhost:1099");
      props.setProperty("j2ee.clientName", "SecurityClient");

      InitialContext initialContext = new InitialContext(props);

      //Initialize Login:
      SecurityClientCallbackHandler callbackHandler = new SecurityClientCallbackHandler();
      LoginContext loginContext = new LoginContext ("somename", callbackHandler);
      loginContext.login(); 

Note the the "j2ee.clientName" must be declared in a file "jboss-client.xml":

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-client PUBLIC "-//JBoss//DTD Application Client 4.2//EN" " http://www.jboss.org/j2ee/dtd/jboss-client_4_2.dtd http://www.jboss.org/j2ee/dtd/jboss-client_4_2.dtd" >
<jboss-client>
      <jndi-name>SecurityClient</jndi-name>
      ...
</jboss-client>

And the "login context" name (here: "somename") must be declared in a file "auth.conf" in META-INF of your client JAR:
somename {
   // jBoss LoginModule
   org.jboss.security.ClientLoginModule  required
   ;
};


And finally, start your client with a parameter pointing to "auth.conf": -Djava.security.auth.login.config=.../META-INF/auth.conf 

Hope this helps

Wolfgang
--------------------------------------------------------------

Reply to this message by going to Community
[http://community.jboss.org/message/589023#589023]

Start a new discussion in Beginner's Corner at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2075]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20110222/9a08e23e/attachment-0001.html 


More information about the jboss-user mailing list