[JBoss-user] [Security & JAAS/JBoss] - Re: Authentication occures many times

Wed, 22 Feb 2006 07:09:05 -0800 

The client auth.conf file contains

MySecurityDomain {
my.package.ClientSideLoginModule  required ;
};

It is a simple single-threaded test application. I didn?t use ?useFirstPass? so 
I just copied the SecurityAssociationActions class to my package ? not a good 
thing, I?ll change it later. Anyway, ClientSideLoginModule repeats the 
ClientLoginModule?s behavior:

public boolean commit() throws LoginException{
SecurityAssociationActions.setPrincipalInfo(loginPrincipal, loginCredential, 
subject);
Set principals = subject.getPrincipals() ;
if( loginPrincipal.getName() != null && !principals.contains( loginPrincipal ) 
){
principals.add( loginPrincipal ) ;
}
return true;
}

Client is very thin, it only scans the finger print and performs a call. It has 
no cache. The comparison happens at server only.

I didn?t want to post my stack trace, because it include the finger prints ? 
about 150 KB each. Anyway, the log tells this when I try to launch the app for 
the second time:

2006-02-22 16:38:43,495 DEBUG 
[org.jboss.remoting.transport.socket.ServerThread] WAKEUP in SERVER THREAD
2006-02-22 16:38:43,495 DEBUG 
[org.jboss.remoting.transport.socket.ServerThread] beginning dorun
2006-02-22 16:38:43,542 INFO  [MyCredentials] MyCredentials->NOT EQUALS

MyCredentials ? the class with the finger print. And then the security check 
begins?

It seem I?ll have to look through the sources? :(


View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3925619#3925619

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3925619


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to