[jboss-user] [JBoss Portal] - SecurityAssociation values are null when called from authenticating EJB
Siddu Bulla
do-not-reply at jboss.com
Fri Jun 3 19:41:29 EDT 2011
Siddu Bulla [http://community.jboss.org/people/hublisid] created the discussion
"SecurityAssociation values are null when called from authenticating EJB"
To view the discussion, visit: http://community.jboss.org/message/608572#608572
--------------------------------------------------------------
I have a web applciation and an EJB component.
I am using GenericHeaderAuthenticator and SSOLoginModule for the authentication. In GenericHeaderAuthenticator, I am getting the roles from siteminder and setting in org.jboss.security.SecurityAssociation class.
SecurityAssociation.+setContextInfo+("sm_role", roles);
For the authentication in EJB, the securityDomain is pointing to SSOLoginModule,
When I am trying to access the SecurityAssociation context info in SSOLoginModule , its giving me null values, so the EJB authentication failed!!
String role = (String)SecurityAssociation.+getContextInfo+("sm_role"); roles are coming as null.
This problem is in Unix environment, the same code I tried in Windows environment it's working fine.
Can anyone help me to resolve this issue?
The configuration are as below:-
####################EJB Code:######################################
@org.jboss.ejb3.annotation.SecurityDomain("SSOGenericHeaderAuth")
@Stateless
**public class** FooBean **implements** FooRemote {
*@RolesAllowed("essga_cmdbost_custodian") *
@Resource **private** SessionContext sctx;
*#######war-deployers-jboss-beans.xml(c:\jboss-5.1.0.GA\server\default\deployers\jbossweb.deployer\META-INF) ########*
<property name="authenticators">
<map class="java.util.Properties" keyClass="java.lang.String" valueClass="java.lang.String">
<entry>
<key>HEADER</key>
<value>org.jboss.example.web.tomcat.security.GenericHeaderAuthenticator</value>
</entry>
...........
...........
*######web.xml*###########
<login-config>
<auth-method>HEADER</auth-method>
</login-config>
*#######login-config.xml(c:\jboss-5.1.0.GA\server\default\conf):##########*
<application-policy name="SSOGenericHeaderAuth">
<authentication>
<login-module code="org.jboss.example.web.tomcat.security.SSOLoginModule" flag="sufficient"/>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
<module-option name="usersProperties">props/jmx-console-users.properties</module-option>
<module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/608572#608572]
Start a new discussion in JBoss Portal at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2011]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20110603/193de4e0/attachment-0001.html
More information about the jboss-user
mailing list