[jboss-user] [JBoss Portal] - SecurityAssociation values are null when called from authenticating EJB

Fri Jun 3 19:41:29 EDT 2011

Siddu Bulla [http://community.jboss.org/people/hublisid] created the discussion

"SecurityAssociation values are null when called from authenticating EJB"

To view the discussion, visit: http://community.jboss.org/message/608572#608572

--------------------------------------------------------------
I have a web applciation and an EJB component.
I am using GenericHeaderAuthenticator and SSOLoginModule for the authentication. In GenericHeaderAuthenticator, I am getting the roles from siteminder and setting in org.jboss.security.SecurityAssociation class.

SecurityAssociation.+setContextInfo+("sm_role", roles);

For the authentication in EJB, the securityDomain is pointing to SSOLoginModule, 
When I am trying to access the SecurityAssociation context info in SSOLoginModule , its giving me null values, so the EJB authentication failed!!

String role = (String)SecurityAssociation.+getContextInfo+("sm_role"); roles are coming as null.

This problem is in Unix environment, the same code I tried in Windows environment it's working fine.

Can anyone help me to resolve this issue?

The configuration are as below:-

####################EJB Code:######################################

@org.jboss.ejb3.annotation.SecurityDomain("SSOGenericHeaderAuth")
@Stateless
**public class** FooBean **implements** FooRemote {  
*@RolesAllowed("essga_cmdbost_custodian")  * 
@Resource **private** SessionContext sctx;

*#######war-deployers-jboss-beans.xml(c:\jboss-5.1.0.GA\server\default\deployers\jbossweb.deployer\META-INF) ########*
      <property name="authenticators">
         <map class="java.util.Properties" keyClass="java.lang.String" valueClass="java.lang.String">
    <entry>
               <key>HEADER</key>
               <value>org.jboss.example.web.tomcat.security.GenericHeaderAuthenticator</value>
          </entry>
           ...........
            ...........
*######web.xml*###########
  <login-config>
      <auth-method>HEADER</auth-method>
  </login-config>

*#######login-config.xml(c:\jboss-5.1.0.GA\server\default\conf):##########*

<application-policy name="SSOGenericHeaderAuth">
   <authentication>
   <login-module code="org.jboss.example.web.tomcat.security.SSOLoginModule" flag="sufficient"/>
   <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
   flag="required">
   <module-option name="usersProperties">props/jmx-console-users.properties</module-option>
   <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
   </login-module>
  </authentication>
</application-policy>
--------------------------------------------------------------

Reply to this message by going to Community
[http://community.jboss.org/message/608572#608572]

Start a new discussion in JBoss Portal at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2011]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20110603/193de4e0/attachment-0001.html 