I did it...
>>>>>- auth.conf file :
>>>>>
>>>>> other
>>>>> {
>>>>> org.jboss.security.ClientLoginModule required;
>>>>> };
code:
>>>>> lc = new LoginContext("other", handler);
but it don't work...
I read in JBoss3.0QuickStart page 54 the following :
"Note that this login module does not perform any authentication. It
merely copies the login information provided to it into the JBoss server
EJB invocation layer for subsequent authentication on the server. If you
need to perform client-side authentication of users you would need to
configure login modules in addition to the ClientLoginModule."
so di I have to configure the ldap server in the client??? Isn't there
an module that uses the server authentication conf. ? how does the
embedded tomcat authenticates against a remote jboss???
Emerson Cargnin
[EMAIL PROTECTED] wrote:
> You probably need a client login module spesified in auth.conf, but it seems like
>you have one. But I think the file has to refer to the sec. domain you want to login
>to, like the file we use:
>
> // Connect client's login module, that infects the
> // EJB transport layer with the application caller
> connectClientDomain { // THIS IS OUR DOMAIN
>
> // JBoss LoginModule
> org.jboss.security.ClientLoginModule required
> ;
>
> // Put your login modules that need JBoss here
> //no.boostcom.web.connect.login.PasswordLoginModule required
> //password-stacking="useFirstPass"
> //;
>
> };
>
>
> And that file
> On Tue, Jul 02, 2002 at 10:31:22AM -0300, Emerson Cargnin - MSA wrote:
>
>>
>>[EMAIL PROTECTED] wrote:
>>
>>
>>>Is the callback called? Do you have a security domain set up?
>>>
>>yes, in tomcat embedded it works all right... do I have to refer from
>>the junit test to the security domain???
>>
>>jboss-security.xml:
>>
>><security-domain>java:/jaas/sicredi</security-domain>
>>
>>
>>
>>>On Mon, Jul 01, 2002 at 06:39:24PM -0300, Emerson Cargnin - MSA wrote:
>>>
>>>
>>>>no sugestion?
>>>>
>>>>Emerson Cargnin - MSA wrote:
>>>>
>>>>
>>>>
>>>>>My problem is to make a junit test to access the EJB's using security. I
>>>>>tried to use the tests from CVS. My server uses ldap to authenticate
>>>>>users. From embbeded tomcat it works allright, i did the following to
>>>>>access through junit task :
>>>>>
>>>>>
>>>>>- ant build.xml file that calls junit test:
>>>>>
>>>>> <junit printsummary="true" fork="yes">
>>>>><formatter type="xml" />
>>>>><sysproperty key="java.security.auth.login.config"
>>>>> value="${config.tests}/auth.conf"/>
>>>>><batchtest fork="yes" todir="${tests.report.dir}">
>>>>><fileset dir="${tests.dir}">
>>>>><include name="**/*Test*.class" />
>>>>></fileset>
>>>>></batchtest>
>>>>><classpath>
>>>>>...
>>>>> </classpath>
>>>>></junit>
>>>>>
>>>>>- auth.conf file :
>>>>>
>>>>> other
>>>>> {
>>>>> org.jboss.security.ClientLoginModule required;
>>>>> };
>>>>>
>>>>>
>>>>>- junit test case method (excerpt) :
>>>>> ...
>>>>> LoginContext lc = null;
>>>>> boolean loggedIn = false;
>>>>> try
>>>>> {
>>>>> AppCallbackHandler handler = new
>>>>> AppCallbackHandler("admin","admin".toCharArray());
>>>>> lc = new LoginContext("other", handler);
>>>>> lc.login();
>>>>> } catch (LoginException e)
>>>>> {assertTrue("login not ok"+e.getMessage(),false);}
>>>>> ... (call EJB methods though businness delegates )
>>>>>
>>>>>obs : the AppCallbackHandler is the one of JBoss tests.
>>>>>
>>>>>
>>>>>The client doesn't give me any error (during login) and the server gives
>>>>>me the following message :
>>>>>
>>>>>
>>>>>16:45:19,511 ERROR [SecurityInterceptor] Authentication exception,
>>>>>principal=null
>>>>>16:45:19,731 ERROR [SecurityInterceptor] Authentication exception,
>>>>>principal=null
>>>>>16:45:19,821 ERROR [SecurityInterceptor] Authentication exception,
>>>>>principal=null
>>>>>16:45:19,935 ERROR [SecurityInterceptor] Authentication exception,
>>>>>principal=null
>>>>>
>>>>>
>>>>>One question :
>>>>>
>>>>>with this steps done (if it's not missing nothing), may I call the
>>>>>ejb's methods without any other code, that the user context (principal)
>>>>>will be sent to the jboss server???
>>>>>
>>>>>obs: the jboss server, as I said before, uses ldap to authenticate and
>>>>>autorize, and it works very well for the tomcat embbeded. Correct me if
>>>>>i'm wrong, but for the client, it doens't matter what kind of jaas
>>>>>loginModule the server uses, isn't?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>-------------------------------------------------------
>>>>>This sf.net email is sponsored by:ThinkGeek
>>>>>Welcome to geek heaven.
>>>>>http://thinkgeek.com/sf
>>>>>_______________________________________________
>>>>>JBoss-user mailing list
>>>>>[EMAIL PROTECTED]
>>>>>https://lists.sourceforge.net/lists/listinfo/jboss-user
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>-------------------------------------------------------
>>>>This sf.net email is sponsored by:ThinkGeek
>>>>Welcome to geek heaven.
>>>>http://thinkgeek.com/sf
>>>>_______________________________________________
>>>>JBoss-user mailing list
>>>>[EMAIL PROTECTED]
>>>>https://lists.sourceforge.net/lists/listinfo/jboss-user
>>>>
>>>>
>>
>>
>>
>>-------------------------------------------------------
>>This sf.net email is sponsored by:ThinkGeek
>>Welcome to geek heaven.
>>http://thinkgeek.com/sf
>>_______________________________________________
>>JBoss-user mailing list
>>[EMAIL PROTECTED]
>>https://lists.sourceforge.net/lists/listinfo/jboss-user
>>
>
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
