As documented, the RunAsLoginModule clears the run-as role when its commit() method is called so the scope of the run-as role is effectively only the login() phase. MedlemsregisterLoginModule needs to obtain the information for the getRoleSets call during the login phase. This is either its override of login(), or whatever authentication method is called within the scope of login().
xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx ----- Original Message ----- From: "Marius Kotsbak" <[EMAIL PROTECTED]> To: "Scott M Stark" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, October 08, 2002 11:15 AM Subject: [JBoss-user] RunAsLoginModule in 3.0.3 not working! > I can't see any effect of using that one: > > 2002-10-08 20:09:58,418 ERROR > [org.jboss.ejb.plugins.SecurityInterceptor] Authentication exception, > principal=null > 2002-10-08 20:09:58,477 ERROR > [org.jboss.ejb.plugins.SecurityInterceptor] Authentication exception, > principal=null > 2002-10-08 20:09:58,531 ERROR > [org.jboss.ejb.plugins.SecurityInterceptor] Authentication exception, > principal=null > 2002-10-08 20:09:58,533 ERROR [org.jboss.ejb.plugins.LogInterceptor] > EJBException, causedBy: > java.lang.SecurityException: Authentication exception, principal=null > at > >org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(SecurityInterceptor.java:173) > at > org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:94) > at > org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:129) > at > org.jboss.ejb.EntityContainer.invokeHome(EntityContainer.java:487) > at > >org.jboss.ejb.plugins.local.BaseLocalContainerInvoker.invokeHome(BaseLocalContainerInvoker.java:230) > at > org.jboss.ejb.plugins.local.LocalHomeProxy.invoke(LocalHomeProxy.java:110) > at $Proxy71.findByPhoneNumber(Unknown Source) > at > >no.boostcom.security.MedlemsregisterLoginModule.getPersonLocal(MedlemsregisterLoginModule.java:374) > at > >no.boostcom.security.MedlemsregisterLoginModule.getRoleSetsInt(MedlemsregisterLoginModule.java:171) > at > >no.boostcom.security.MedlemsregisterLoginModule.getRoleSets(MedlemsregisterLoginModule.java:69) > at > >org.jboss.security.auth.spi.AbstractServerLoginModule.commit(AbstractServerLoginModule.java:161) > >---------------------------------------------------------------------------------------------------- > > Part of login-config.xml: > > <application-policy name = "connectClientDomain"> > <authentication> > <login-module code = > "org.jboss.security.auth.spi.RunAsLoginModule" > flag = "required"> > <module-option name = > "roleName">LoginModule</module-option> > </login-module> > <login-module code = > "no.boostcom.security.MedlemsregisterLoginModule" > flag = "required"> > <module-option name = > "unauthenticatedIdentity">anybody</module-option> > </login-module> > </authentication> > </application-policy> > > > Has I done something wrong, or isn't this one working? Is there a > testcase for this feature? > > -- > Marius Kotsbak > Boost Communications A/S > Trondheim, Norway ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
