Hi!
Thanks for the help!
I still didn't succeed though.
*I login using my client code and the jBoss ClientLoginModule. This works fine.
*I modified the standardjboss.xml to include the entries you mentioned , but specifying my application name
I then call a test method on my EJB to see if my logged in Principal is propagated to jBoss:
..
System.out.println("And the entity context Principal is:");
System.out.println(entityContext.getCallerPrincipal());
...
Unfortunately the entityContext.getCallerPrincipal() still returns null.
My server auth.conf looks like this:
eonwrx {
// Provides the default realm mapping
org.jboss.security.SimpleServerLoginModule required;
};
Is there something more I need to do? It doesn't seem like the Server login module gets called at all, because it should throw a LoginFailedException in my case since I'm passing a different userid than password.
Gustav
-----Original Message-----
From: Oleg Nitz [mailto:[EMAIL PROTECTED]]
Sent: den 6 december 2000 16:22
To: jBoss
Subject: Re[4]: [jBoss-User] Security
Hi jBoss,
Gustav Bostrom wrote:
GB> Hi Oleg !
GB> This information was great. Now I just wonder what to put in my
GB> jboss.xml.
You need to modify jboss.xml only if non-standard container
configurations are defined there.
Otherwise you just need to modify standardjboss.xml: put inside each
contained configuration the following lines:
<container-configuration>
...
<authentication-module>java:/jaas/other</authentication-module>
<role-mapping-manager>java:/jaas/other</role-mapping-manager>
...
</container-configuration>
Or put your app. name specified in auth.conf instead of "other".
GB> I'm also curious pn how the Login Information is passed from the client
GB> side to the server side. Is the SecurityAssociation still used?
Yes, JAAS security stuff is just a layer over the original jBoss
security stuff.
Best regards,
Oleg
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Problems?: [EMAIL PROTECTED]
