Sorry, for cross-posting. I did the first posting to the wrong forum group.
-----------------------------------------------------------------------------------------
Hallo List!
I'd like to set up some security using JAAS and the DatabaseServerLoginModule for a
small demo-application. In contrast to others on this forum, I'd like to access the
EJBs not via JSPs but solely by a standalone client with GUI.
The problem is, that I get the following exception when my client application tries to
call the login() method of the loginContext:
anonymous wrote :
| javax.naming.NameNotFoundException: DefaultDS not bound
|
The client application is startet with:
anonymous wrote :
| java -classpath $CLASSPATH:$JBOSS_JAR_HOME:jndi/
| -Djava.security.manager
-Djava.security.policy=com/ejbemarketplace/clients/ejbemarketplace.policy
-Djava.security.auth.login.config=com/ejbemarketplace/clients/ejbemarketplace.conf
-Dlogin.configuration.provider=org.jboss.security.auth.login.XMLLoginConfig
com/ejbemarketplace/clients/MDIApplication
|
where JBOSS_JAR_HOME contains all files in /usr/local/jboss-3.2.3/client/ and in
addition the file /usr/local/jboss-3.2.3/server/default/lib/jbosssx.jar.
As far as I could figure out the client application hasn't sent any data to the JBoss
server at this point.
It would be very kind, if someone could give me a hint where I've made mistakes.
ng, martin
Subsequently I'll give you snipplets of source-files and the configuration-files in
use:
ejbemarketplace.policy:
| grant {
| permission java.security.AllPermission;
| };
|
ejbemarketplace.conf:
|
| ejbemarketplace {
| org.jboss.security.auth.spi.DatabaseServerLoginModule required;
| };
|
jndi.properties:
| java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
| java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
| java.naming.provider.url=localhost
|
The code used in the client application MDIApplication:
| private void jIFAuthenticateOKButtonActionPerformed(java.awt.event.ActionEvent
evt) {
| // Add your handling code here:
| try {
| eMarketCallbackHandler emch = new
eMarketCallbackHandler(jFormattedTextField3.getText(), jPasswordField1.getPassword());
| System.out.println("----- eMarketCallbackHandler emch created! ----");
| LoginContext loginContext = new LoginContext("ejbemarketplace", emch);
| System.out.println("----- LoginContext created ----");
| loginContext.login(); // this call causes the exception !!!!!!
| System.out.println("----- login accomplished ----");
|
| Subject subject = loginContext.getSubject();
| System.out.println("----- got subject ----");
|
| } catch (javax.security.auth.login.LoginException le) {
| System.out.println("MDIApplication:
jIFAuthenticateOKButtonActionPerformed(ActionEvent) le - " + //
| le.getMessage());
| }
| }
|
eMarketCallbackHandler.java:
| package com.ejbemarketplace.callbackhandler;
|
| import javax.security.auth.callback.Callback;
| import javax.security.auth.callback.NameCallback;
| import javax.security.auth.callback.PasswordCallback;
| import javax.security.auth.callback.UnsupportedCallbackException;
|
| public class eMarketCallbackHandler implements
javax.security.auth.callback.CallbackHandler {
|
| private String username;
| private char[] password;
|
| public eMarketCallbackHandler(String username, char[] password) {
| this.username = username;
| this.password = password;
| }
|
| public eMarketCallbackHandler(String username, String password) {
| this.username = username;
| this.password = password.toCharArray();
| }
|
| public void handle(Callback[] callback)
| throws java.io.IOException, UnsupportedCallbackException {
|
| for (int i = 0; i < callback.length; i++) {
| if (callback
| instanceof NameCallback) {
| NameCallback nc = (NameCallback) callback
| ;
| nc.setName(username);
| } else if (callback
| instanceof PasswordCallback) {
| PasswordCallback pc = (PasswordCallback) callback
| ;
| pc.setPassword(password);
| } else {
| throw new UnsupportedCallbackException(callback
| , "Unrecognized Callback");
| }
| }
| }
|
| }
|
At the server-side:
login-config.xml
| <application-policy name = "ejbemarketplace">
| <authentication>
| <login-module code =
"org.jboss.security.auth.spi.DatabaseServerLoginModule"
| flag = "required">
| <module-option name = "dsJndiName">java:/PostgresDS</module-option>
<!-- <module-option name = "dsJndiName">PostgreSQL</module-option> -->
| <module-option name = "principalsQuery">
| select passwd from customerejb where ucid=?
| </module-option>
| <module-option name= "rolesQuery">
| select userRoles,'Roles' from customerejb where ucid=?
| </module-option>
| </login-module>
| </authentication>
| </application-policy>
|
jboss.xml:
| :
| <container-configurations>
| <security-domain>java:/jaas/ejbemarketplace</security-domain>
| </container-configurations>
| :
|
|
The database in use is PostgresSQL. The database worked correctly before I tried to
fiddle about with JAAS.
jbosscmp-jdbc.xml:
| :
| <defaults>
| <datasource>java:/PostgresDS</datasource>
| <datasource-mapping>PostgreSQL</datasource-mapping>
| <create-table>true</create-table>
| <remove-table>false</remove-table>
| </defaults>
| :
|
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3837693#3837693
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3837693
-------------------------------------------------------
This SF.Net email is sponsored by the new InstallShield X.
>From Windows to Linux, servers to mobile, InstallShield X is the one
installation-authoring solution that does it all. Learn more and
evaluate today! http://www.installshield.com/Dev2Dev/0504
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
