Oleg,
A new insight:
The session bean is called from within a jsp servlet.
The servlet environment has been started up with the option:
-Djava.security.auth.login.config=H:/JBoss/jboss-2.1_PRE/client/auth.conf
Contents of auth.conf is:
Companion
{
org.companion.security.ClientLoginModule required multi-threaded="true";
};
The login client I am using in that environment issues:
LoginContext lc = new LoginContext("Companion", handler);
My own org.companion.security.ClientLoginModule performs:
SecurityAssociation.setPrincipal(new CompanionPrincipal(orgpin,
username));
introducing my home made Principal!
Next I call create the session bean, which correctly gets the
CompanionPrincipal
returned at getCallerPrinciple().
Then the session bean calls the finder method on the home interface
of the entity bean. Now the session bean is actually a client of the
entity bean. Hence could it be that another clientLogin is
used in order to arrange for any needed security checks?
If so then I am suspecting that this clientLogin is a different one
then the one I wrote. It is probably using the standard one, introducing the
SimplePrincipal
instance, which is then passed on to the entity bean.
If so, how can I arrange that the correct clientLogin module is used
at this point?
Regards,
Cor.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Oleg Nitz
Sent: Tuesday, February 27, 2001 12:14
To: JBoss-User
Subject: Re: [jBoss-User] Problems with Principal class propagation
Cor,
I still can't reproduce the bug. I called both ejFindCollection and
ejbFindByPrimaryKey from Session bean, getCallerPrincipal() works
correctly inside them.
I am afraid your next step is providing a testcase that shows the bug.
Or a new insight :-)
Regards,
Oleg
Cor Hofman wrote:
> Oleg,
> I am calling getCallerPrincipal() from within a method defined
> in the home interface. To be precise I call it from within
> an ejbFindxxx() method. Not the ejbFindByPrimaryKey() though,
> but an additional one returning a Collection.
> Regards,
> Cor.
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Oleg Nitz
> Sent: Tuesday, February 27, 2001 00:35
> To: JBoss-User
> Cc: [EMAIL PROTECTED]
> Subject: Re: [jBoss-User] Problems with Principal class propagation
> Hi Cor,
> I guess you are absolutely right, this is the difference between your
> case and my case: I don't use home methods of EntityBeans.
> I'll try to fix this tomorrow.
> Do I understand correctly that you call getCallerPrincipal() in
> ejbHomeXXX method, or is it some other home method (which one)?
> Thanks for your insight,
> Oleg
> On Monday 26 February 2001 12:47, Cor Hofman wrote:
>> Oleg, Scott,
>>
>> What crossed my mind:
>> Could it have something to do with calling a method
>> on the home interface. Since that is a difference
>> between the Session bean and the entity bean.
>> the getCallerPrincipal() for the session bean is
>> called from within an "created" session bean.
>> The entity getCallerPrincipal() is performed within
>> one of the home methods of this entity bean.
>>
>> Regards,
>>
>> Cor.
>>
>> -----Original Message-----
>> From: [EMAIL PROTECTED]
>> [mailto:[EMAIL PROTECTED]]On Behalf Of Oleg Nitz
>> Sent: Sunday, February 25, 2001 00:29
>> To: JBoss-User
>> Subject: Re: [jBoss-User] Problems with Principal class propagation
>>
>>
>> Hi Cor,
>>
>> IMHO, looks like a bug, should work as you expect.
>> Strange. I have the similar situation: my owm Principal
>> implementation, my own server login module, session bean calls
>> entity bean, and in the entity bean getCallerPrincipal() returns my
>> implementation.
>> Could you try the current CVS version?
>>
>> Regards,
>> Oleg
>>
>> On Saturday 24 February 2001 09:18, Cor Hofman wrote:
>> > Hi,
>> >
>> > I implemented my own Principal class to add some extra
>> > authorization methods.
>> >
>> > When I perform a the login and call a session bean everything
>> > looks fine. The getCallerPrincipal() inside a sessionbean returns
>> > my own Principal. This session bean then calls an entity bean.
>> > When the entity bean call getCallerPrinciple() it returns an
>> > original SimplePrincipal instance. I would expect the entity bean
>> > to return my own Principal as well. Why isn't that happening? I
>> > expected the new Principal class to be propagated automatically.
>> >
>> > I use a PRE2.1 build from the beginning of january.
>> >
>> > For both the session bean and the entity bean I added the famous
>> > two lines:
>> >
>> >
>> > <role-mapping-manager>java:/jaas/companion</role-mapping-manager>
>> >
>> > <authentication-module>java:/jaas/companion</authentication-modul
>> >e>
>> >
>> > to the container types I use for the session and the entity bean
>> > (in standardJboss.xml).
>> >
>> > I also modified the auth.conf to contain a companion section.
>> >
>> > companion {
>> > org.companion.security.ServerLoginModule required;
>> > };
>> >
>> > Furthermore I added this to the client auth.conf
>> >
>> > companion
>> > {
>> > org.companion.security.ClientLoginModule required
>> > multi-threaded="true"; };
>> >
>> > Any suggestion or hint on how to tackle this one are ver much
>> > appreciated.
>> >
>> > Greetings,
>> >
>> > Cor Hofman
>> >
>> >
>> >
>> > --
>> > --------------------------------------------------------------
>> > To subscribe: [EMAIL PROTECTED]
>> > To unsubscribe: [EMAIL PROTECTED]
>> > List Help?: [EMAIL PROTECTED]
>>
>> --
>> --------------------------------------------------------------
>> To subscribe: [EMAIL PROTECTED]
>> To unsubscribe: [EMAIL PROTECTED]
>> List Help?: [EMAIL PROTECTED]
>>
>>
>>
>>
>> --
>> --------------------------------------------------------------
>> To subscribe: [EMAIL PROTECTED]
>> To unsubscribe: [EMAIL PROTECTED]
>> List Help?: [EMAIL PROTECTED]
> --
> --------------------------------------------------------------
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> List Help?: [EMAIL PROTECTED]
> --
> --------------------------------------------------------------
> To subscribe: [EMAIL PROTECTED]
> To unsubscribe: [EMAIL PROTECTED]
> List Help?: [EMAIL PROTECTED]
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
List Help?: [EMAIL PROTECTED]
--
--------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
List Help?: [EMAIL PROTECTED]
