RE: [jBoss-User] JAAS security, login mechanism

Mon, 05 Feb 2001 09:11:34 -0800 

It logs you to the server at your first bean method call. So, when you do
lc.login() nothing happens on the server.
To lookup beans, JNDI is required and the settings I provided are to
configure JNDI to lookup beans on you jBoss application server...

Additionally, you may need to have "assembly-descriptor" in you ejb-jar.xml
to declare roles and grant methods to roles:
"
...
<assembly-descriptor>
        <security-role>
            <role-name>Superuser</role-name>
        </security-role>

        <security-role>
            <role-name>Employee</role-name>
        </security-role>

        <method-permission>
            <role-name>Superuser</role-name>
            <method>
                <ejb-name>ReportBean</ejb-name>
                <method-name>*</method-name>
            </method>
        </method-permission>

        <method-permission>
            <role-name>Employee</role-name>
            <method>
                    <ejb-name>ReportBean</ejb-name>
                    <method-name>findByPrimaryKey</method-name>
            </method>
            <method>
                    <ejb-name>ReportBean</ejb-name>
                    <method-name>getDetails</method-name>
            </method>
        </method-permission>

    </assembly-descriptor>
...
"

Alexander Klyubin

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Darius
Davidavicius
Sent: Monday, February 05, 2001 18:58
To: jBoss
Subject: RE: [jBoss-User] JAAS security, login mechanism


my client looks like:
...
            char[] password = args[1].toCharArray();
            AppCallbackHandler handler = new AppCallbackHandler(name,
password);
            LoginContext lc = new LoginContext("TestClient", handler);
            System.out.println("Created LoginContext");
            lc.login();
...

i want to use JaasServerLoginModule like it is described in the
documentation.
I dont do any
>System.setProperty(Context.INITIAL_CONTEXT_FACTORY,
>        "org.jnp.interfaces.NamingContextFactory");

I have the feeling my jboss.xml is bad.I have added:
<jboss>
        <container-configurations>
                <container-configuration>
                        <container-name>Standard Stateless SessionBean</container-name>
                        <role-mapping-manager>java:/jaas/other</role-mapping-manager>
                        <authentication-module>java:/jaas/other</authentication-module>
                </container-configuration>
        </container-configurations>

        <enterprise-beans>
                <session>
                        <ejb-name>DialogJAAS</ejb-name>
                        <configuration-name>Standard Stateless 
SessionBean</configuration-name>
                </session>
        </enterprise-beans>
</jboss>

My auth.xml is:

...
// The default server login module
other {
    // A realistic server login module, which can be used when the number
    // of users is relatively small. It uses two properties files:
    //   users.properties, which holds users (key) and their password
(value).
    //   roles.properties, which holds users (key) and a comma-separated
list of their roles (value).
    org.jboss.security.plugins.samples.JaasServerLoginModule required;

    // For database based authentication comment the line above,
    // uncomment the line below and adjust the parameters in quotes
    // Database server login module provides security manager only, no role
mapping
    // org.jboss.security.plugins.DatabaseServerLoginModule required
db="jdbc/DbJndiName" table="UserTable" name="UserNameColumn"
password="UserPswColumn";
};

i have the feeling configurations are bad somewhere but i cant find where :)

D&D


On Mon, 5 Feb 2001 18:39:30 +0200, Alexander Klyubin wrote:

>Try this one:
>System.setProperty(Context.INITIAL_CONTEXT_FACTORY,
>        "org.jnp.interfaces.NamingContextFactory");
>
>System.setProperty("java.naming.provider.url",
>        "YOUR_SERVER_HERE:1099");
>
>Alexander Klyubin
>
>-----Original Message-----
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]On Behalf Of Darius
>Davidavicius
>Sent: Monday, February 05, 2001 18:31
>To: jBoss
>Subject: RE: [jBoss-User] JAAS security, login mechanism
>
>
>Now i have another error home someone helps me :)
>
>If password is correct.
>client gets such log:
>
>Created LoginContext
>[JAASSecurity] User 'DDD' authenticated.
>javax.naming.NoInitialContextException: Need to specify class name in
>environment or system property, or as an applet parameter, or in an
>application resource
>file:  java.naming.factory.initial
>       at
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:646)
>       at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:246)
>       at
>javax.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:283)
>       at javax.naming.InitialContext.lookup(InitialContext.java:350)
>       at com.ls.dialog.ejb.dialogjaas.JAASClient.main(JAASClient.java:68)
>
>Thanks in advance
>D&D
>
>
>
>
>--
>--------------------------------------------------------------
>To subscribe:        [EMAIL PROTECTED]
>To unsubscribe:      [EMAIL PROTECTED]
>List Help?:          [EMAIL PROTECTED]
>
>
>
>
>--
>--------------------------------------------------------------
>To subscribe:        [EMAIL PROTECTED]
>To unsubscribe:      [EMAIL PROTECTED]
>List Help?:          [EMAIL PROTECTED]
>





--
--------------------------------------------------------------
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
List Help?:          [EMAIL PROTECTED]




--
--------------------------------------------------------------
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
List Help?:          [EMAIL PROTECTED]

Reply via email to