Hi,
I think I didn't express myself well last time. The EJBs are secured. We
want a login window which will authenticate a user from client side, using
jboss's loginmodule. That means at the "login" stage, we are not going to
call any EJB methods yet. What we want at this time is whether this user is
a valid user or not. When the user is authenticated, then the user is ready
to call secured methods. The user/pass is cached.
Thanks,
Burt
> What's the point of authenticating the user if you not securing the EJB?
> If you want authentication of the user you must assign a security context
> to the EJB.
>
> ----- Original Message -----
> From: "Yahoo" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Thursday, September 13, 2001 2:20 PM
> Subject: Re: [JBoss-user] Jboss authentication
>
>
> > Hi,
> >
> > Now that part's done. How about I want user/pass sent from client to be
> > authenticated in Jboss(using DatabaseServerLoginModule), but without
> calling
> > a secured ejb method? I found the authentication did not excute if a
> secured
> > ejb is not called.
> >
> > Thanks,
> > Burt
> >
> >
> > > Add a login module configuration in the auth.conf file used by the
> client
> > > to the "other" entry before the ClientLoginModule as the comments
> > > indicate. The login module you add there will perform the client side
> > > authentication.
> > >
> > > other {
> > > // Put your login modules that work without jBoss here
> > >
> > > // jBoss LoginModule
> > > org.jboss.security.ClientLoginModule required;
> > >
> > > // Put your login modules that need jBoss here
> > > };
> > >
> > > ----- Original Message -----
> > > From: Yahoo
> > > To: jboss jboss
> > > Sent: Thursday, September 13, 2001 12:46 PM
> > > Subject: [JBoss-user] Jboss authentication
> > >
> > >
> > > Hi,
> > >
> > > From the client side, we need a "login" module which ONLY
authenticates
> a
> > > user. In jboss, the authentication is not excute unless a secured ejb
> > method
> > > is called. Please take a look of the following client code, if we
> > commented
> > > from
> > >
> > > try{
> > > InitialContext iniContext = ...
> > >
> > > The user is not authenticated at all.
> > >
> > > try
> > > {
> > > AppCallbackHandler handler = new AppCallbackHandler(name,
> > > password);
> > > LoginContext lc = new LoginContext("TestClient", handler);
> > > System.out.println("Created LoginContext");
> > > lc.login();
> > > }
> > > catch (LoginException le)
> > > {
> > > System.out.println("Login failed");
> > > le.printStackTrace();
> > > }
> > >
> > > try
> > > {
> > > InitialContext iniContext = new InitialContext();
> > > SessionHome home = (SessionHome)
> > > iniContext.lookup(example+"/StatelessSession");
> > > System.out.println("Found StatelessSessionHome");
> > > Session bean = home.create();
> > > System.out.println("Created StatelessSession");
> > > System.out.println("Bean.echo('Hello') ->
> > "+bean.echo("Hello"));
> > > bean.remove();
> > > }
> > > catch(Exception e)
> > > {
> > > e.printStackTrace();
> > > }
> > >
> > > What is the setting to enable authentication process?
> > >
> > >
> > > Burt
> > >
> > >
> > > _______________________________________________
> > > JBoss-user mailing list
> > > [EMAIL PROTECTED]
> > > https://lists.sourceforge.net/lists/listinfo/jboss-user
> >
> >
> > _________________________________________________________
> > Do You Yahoo!?
> > Get your free @yahoo.com address at http://mail.yahoo.com
> >
> >
> > _______________________________________________
> > JBoss-user mailing list
> > [EMAIL PROTECTED]
> > https://lists.sourceforge.net/lists/listinfo/jboss-user
> >
>
>
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/jboss-user
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
