There is nothing special about security in a cluster. I have tried code similar to
what you describe
and it works fine against a clustered ejb accessed through the HAJNDI naming service.
The principal=null indicates that the call does not have a security context. Submit an
example
ear and two node cluster config description that fails with the indicated exception.
xxxxxxxxxxxxxxxxxxxxxxxx
Scott Stark
Chief Technology Officer
JBoss Group, LLC
xxxxxxxxxxxxxxxxxxxxxxxx
----- Original Message -----
From: "Brian Topping" <[EMAIL PROTECTED]>
To: "JBoss User List (E-mail)" <[EMAIL PROTECTED]>
Sent: Tuesday, June 10, 2003 3:19 AM
Subject: [JBoss-user] JBossSX in a cluster
Hi all,
I'm just bringing up my code completely under a cluster for the first time
and running into some issues with authentication. Maybe others have seen
this before and can make some comments.
The environment is set up with two login modules under one JAAS realm, both
set as "sufficient". One of them is a database driven module (which I
believe can be ignored for this discussion), the other is with the
UsersRolesLoginModule. All the configuration and code is very robust in an
unclustered environment, it seems I'm just having problems with getting
authenticated across the cluster. I haven't been able to find anything in
the paid docs nor the list archives that addresses issues regarding
authentication in a cluster.
Right now, I am just trying have some client code in the web container of one
of the machines call a stateless session bean on each server. When I set up
my LoginContext with properties of the localhost:1099, the authentication
succeeds and the stateless session bean on the local machine is accessible,
but a SLSB on the remote host is not.
So I figured that the right thing to do was to point the properties for the
InitialContext at the HA-JNDI (port 1100), since HA-JNDI first tries the
local JNDI, then delegates if it can't find the binding locally. But that
fails. It must find the UsersRolesLoginModule okay, because it complains if
the users.properties/roles.properties are missing. But when the properties
files are in place, they do not have the desired effect -- an
AuthenticationException with principal=null is thrown.
My code looks like:
Properties params = new Properties();
params.put(Context.INITIAL_CONTEXT_FACTORY,
"org.jnp.interfaces.NamingContextFactory");
params.put(Context.PROVIDER_URL, "localhost:1100");
params.put(Context.URL_PKG_PREFIXES,
"org.jboss.naming:org.jnp.interfaces");
AppCallbackHandler handler
= new AppCallbackHandler("initial", "initial");
LoginContext lc = new LoginContext("Bill2Realm", handler);
lc.login();
// Obtain initial context
javax.naming.InitialContext initialContext
= new javax.naming.InitialContext(params);
UserManagerHome userManagerHome = null;
try {
Object objRef
= initialContext.lookup(UserManagerHome.JNDI_NAME);
userManagerHome
= (UserManagerHome)PortableRemoteObject.narrow
(objRef, UserManagerHome.class);
} finally {
initialContext.close();
}
UserManager um = userManagerHome.create();
// do something nice here...
Does this ring a bell for anyone? Do I need to configure JAAS to have an
auth master in the cluster that I am overlooking? Other than what I did for
an unclustered environment, I haven't done anything special to the login
configuration.
Any ideas appreciated, thanks!!
Brian
-------------------------------------------------------
This SF.NET email is sponsored by: eBay
Great deals on office technology -- on eBay now! Click here:
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
