[jboss-user] [Installation, Configuration & DEPLOYMENT] - Classloader problem in principal propagation from WAR to EAR

jainsau Thu, 30 Aug 2007 13:51:44 -0700

Reposting this question from Security forum as this could also be a deployment 
issue:


I have a custom principal class which I want to use for SSO. I have a login 
service EJB (in an EAR) which creates this CustomPrincipal instance and returns 
the same to a client WAR when the client logs in to the web app.

On further EJB invocations (which lie in the EAR which has the Login service 
also) from client WAR, the CustomPrincipal instance returned from the 
LoginService is set the on the InitialContext's SECURITY_PRINCIPAL attribute:
            contextProperties.put(Context.SECURITY_PRINCIPAL, customPrincipal);
  |             contextProperties.put(Context.SECURITY_CREDENTIALS, 
customCredential);
  |             // ... other properties set here
  |             context = new InitialContext(contextProperties);        
  | 
On the server side (in the EAR), an EJB interceptor gets the Principal from the 
sessionContext and checks whether the Principal is an instance of 
CustomPrincipal:

        Principal principal = sessionContext.getCallerPrincipal();
  |         if (principal instanceof CustomPrincipal) 
  |         { 
  |             //do some logging and timing checks and continue
  |             ....
  |         }
  |         else throw new Exception("Unsupported principal");  
  | 
When I run the code, I get the Exception with the message "Unsupported 
Principal". The Principal I get is an instance of CustomPrincipal but its class 
loader is WebappClassLoader, where as the CustomPrincipal (on the right side of 
the instanceof operator) class reference class loader is UnifiledClassLoader3. 
I am unable to understand the reason and fix for this.

The CustomPrincipal class is in a JAR which is present inside both the EAR and 
the WAR file.

My jboss-app.xml in the EAR is this:
<?xml version="1.0"?>
  | 
  | <jboss-app>
  |    <loader-repository>
  |       fx:loader=fx.ear
  |       
<loader-repository-config>Java2ParentDelegation=false</loader-repository-config>
  |    </loader-repository>
  | </jboss-app>        
  | 
My jboss-web.xml in the WAR is this:
<?xml version="1.0"?>
  | 
  | <jboss-web>
  |     <class-loading>
  |         <loader-repository>
  |             fx:loader=fxtestharness_i2.war
  |         </loader-repository>
  |     </class-loading>
  | </jboss-web>        
  | 
Another point worth mentioning is that when the CustomPrincipal instance is 
created by the Login service the class loader is UnifiedClassLoader3. But when 
its returned to the WAR, the class loader is WebappClassLoader.
Please help.

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4079775#4079775

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4079775
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Installation, Configuration & DEPLOYMENT] - Classloader problem in principal propagation from WAR to EAR

Reply via email to