Hello all,

I would be glad to find a solution to the following problem:

I do have a client which will do subsequent calls to login and logout to an
EJB 3 server. The principal can be relatively complex. There is an EJB method
called "test", which simply returns the name of the callerPrincipal set in the
sessionContext.

The following test code works:

final SecurityClient client = SecurityClientFactory.getSecurityClient(JBossSecurityClient.class);
client.setSimple("ln=admin,oce=org_A", "passwd");
client.login();

final InitialContext ctxt = new InitialContext();
final AdministrationServiceRemote adminService = (AdministrationServiceRemote) ctxt
                .lookup("cm3ear/AdministrationService/remote");
System.out.println(adminService.test());

giving the expected output

ln=admin,oce=org_A.

Now I change the code to 

final SecurityClient client = SecurityClientFactory.getSecurityClient(JBossSecurityClient.class);
client.setSimple("ln=admin,oce=org_A", "passwd");
client.login();

final InitialContext ctxt = new InitialContext();
final AdministrationServiceRemote adminService = (AdministrationServiceRemote) ctxt
                .lookup("cm3ear/AdministrationService/remote");
System.out.println(adminService.test());
client.logout();
System.out.println(adminService.test());


Again, I do get the expected behaviour, that is, after the output 
ln=admin,oce=org_A
an EJBAccessException is thrown for the second call into adminService.test().

When I change the code to the following:
final SecurityClient client = SecurityClientFactory.getSecurityClient(JBossSecurityClient.class);
client.setSimple("ln=admin,oce=org_A", "passwd");
client.login();

final InitialContext ctxt = new InitialContext();
final AdministrationServiceRemote adminService = (AdministrationServiceRemote) ctxt
                .lookup("cm3ear/AdministrationService/remote");
System.out.println(adminService.test());
client.logout();

client.setSimple("ln=admin,oce=org_B", "passwd");
client.login();
System.out.println(adminService.test());


I would expect the following output:
ln=admin,oce=org_A
ln=admin,oce=org_B

because I logged in with a different user the second time.
After all, the output is
ln=admin,oce=org_A
ln=admin,oce=org_A,
meaning that JBoss caches the user elsewhere.

On the server side we can see that the logout method of the configured 
LoginModule is never called, but only the login method, and this, no matter how 
often the last test code runs, always exactly two times, namely once for the 
login name ln=admin,oce=org_A, once for the login name ln=admin,oce=org_B. 
Nevertheless the second login does not show up in the getCallerPrincipal method.
A server restart is necessary to clear the cache.


Is this behaviour a bug or considered to be correct - because a user has 
already identified itself and it is considered to be a design error, if it must 
reidentify itself?

Any answers would be appreciated ...



View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4215660#4215660
