I'm having a problem with Jboss and JAAS authentication.
I've created a PasswordLoginModule class which extends LoginModule, and a
CallbackHandler class which implements CallbackHandler. Both works fine.
My bean is very simple:
| @Stateless
| @Remote(SecurityBean.class)
| @DeclareRoles({"admin"})
| public class SecurityBeanImpl implements SecurityBean
| {
| @Resource private SessionContext ctx;
| public String getSimpleString()
| {
| if (ctx.isCallerInRole("admin"))
| System.out.println("Caller is in admin role");
| else
| System.out.println("Caller is NOT in admin role");
| return "insecure string";
| }
| }
|
However, when my standalone client tries to call the bean method, using:
| LoginContext loginContext = new LoginContext("MyLogin", new
CallbackHandler());
| loginContext.login();
|
| Hashtable<String, String> env = new Hashtable<String, String>();
| env.put(InitialContext.INITIAL_CONTEXT_FACTORY,
"org.jnp.interfaces.NamingContextFactory");
| env.put(InitialContext.URL_PKG_PREFIXES,
"org.jboss.naming:org.jnp.interfaces");
| env.put(InitialContext.PROVIDER_URL, "jnp://localhost:1099");
|
| Context ctx = new InitialContext();
| SecurityBean bean = (SecurityBean) ctx.lookup("SecurityBeanImpl/remote");
|
| String res = bean.getSimpleString();
| System.out.println("bean returned: " + res);
|
I have a client.conf file which i loaded by the jvm, which contains this:
MyLogin {
no.prognett.test.things.security.PasswordLoginModule required
debug=false;
};
Where MyLogin is the client.
I get a "java.lang.IllegalStateException: No valid security context for the
caller identity" Exception. I've read Jaas and Jboss documentation, without
finding any luck.
What am i doing wrong?
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4005751#4005751
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4005751
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
