I need to get a user from a Servlet Request parameter and propagate it to the
EJB layer. But it is not happening!
Thanks in advance for your help.
This is the excerpt from login-config.xml. Note that I am using
ClientLoginModule:
| <application-policy name = "myPolicy">
|   <authentication>
|     <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
|                   flag = "required" />
|
|     <login-module code = "org.jboss.security.ClientLoginModule" flag = "required">
|       <module-option name="password-stacking">useFirstPass</module-option>
|     </login-module>
|   </authentication>
|
| </application-policy>
|
This is how I use a loginContext. The users.properties and roles.properties
files in the application archive are being read correctly.
|
| CallbackHandler handler = new MyHandler("paramFromRequest");
| LoginContext lc = null;
| try
| {
|     lc = new LoginContext("myPolicy", handler);
|     lc.login();
|     Subject subject = lc.getSubject();
|     Set<Principal> principals = subject.getPrincipals();
|     for (Principal p : principals)
|     {
|         log.info("name=" + p.getName());
|         log.debug("name=" + p.getName());
|         // JBoss Specific
|         if (p instanceof SimpleGroup)
|         {
|             SimpleGroup sg = (SimpleGroup) p;
|             if ("Roles".equals(sg.getName()))
|             {
|                 log.debug("role-name=" + sg.toString());
|             }
|         }
|     }
|
| } catch (LoginException e)
| {
|     log.info("authentication failed... But this is just a test; Ignore it");
|     e.printStackTrace();
| }
|
Here is the handler:
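|
| import java.io.IOException;
| import javax.security.auth.callback.Callback;
| import javax.security.auth.callback.CallbackHandler;
| import javax.security.auth.callback.NameCallback;
| import javax.security.auth.callback.PasswordCallback;
| import javax.security.auth.callback.UnsupportedCallbackException;
|
| class MyHandler implements CallbackHandler
| {
|     String name = null;
|     public MyHandler(String name) { this.name = name; }
|     public void handle(Callback[] callbacks) throws IOException,
|             UnsupportedCallbackException
|     {
|         for (int i = 0; i < callbacks.length; i++)
|         {
|             if (callbacks[i] instanceof NameCallback)
|             {
|                 // Supply the user name taken from the request parameter
|                 NameCallback nc = (NameCallback) callbacks[i];
|                 nc.setName(name);
|             } else if (callbacks[i] instanceof PasswordCallback)
|             {
|                 // An empty password is always supplied
|                 PasswordCallback pc = (PasswordCallback) callbacks[i];
|                 pc.setPassword(new char[0]);
|             } else
|             {
|                 throw new UnsupportedCallbackException(callbacks[i],
|                         "Unrecognized Callback");
|             }
|         }
|     }
| }
|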
Here is the EJB Method call that I am expecting to fail but succeeds! Calls on
"ctx" are commented out because I get "No valid security context for the caller
identity" otherwise.
| @RolesAllowed("xxx")
| public List<String> getAllUserGroups()
| {
|     // Principal callerPrincipal = ctx.getCallerPrincipal();
|     // if(null == callerPrincipal) log.debug("callerPrincipal is null!");
|     // else log.debug(callerPrincipal.getName());
|     return getAllGroupsAsStrings();
| }
|
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3980865#3980865