Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

How to login to the appserver (sun as8) from a standalone (not ACC) client  RSS feed

 
Alex Buehler
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The following in my code works until the create() method of the ManagementHome object is called:

Properties props = new Properties();
props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.enterprise.naming.SerialInitContextFactory");
props.put(Context.URL_PKG_PREFIXES, "com.sun.enterprise.naming");
props.put(Context.PROVIDER_URL, "iiop://localhost:1050");
InitialContext ic = new InitialContext(props);
Object ref = ic.lookup("ejb/mgmt/MEJB");
ManagementHome mgmtHome = (ManagementHome) PortableRemoteObject.narrow(ref, ManagementHome.class);
Management mgmt = mgmtHome.create();

After the create() method is called the following Permission is thrown:

Exception in thread "main" java.rmi.AccessException: CORBA NO_PERMISSION 0 No; nested exception is:
org.omg.CORBA.NO_PERMISSION: ----------BEGIN server-side stack trace----------
org.omg.CORBA.NO_PERMISSION: vmcid: 0x0 minor code: 0 completed: No
at com.sun.enterprise.iiop.security.SecServerRequestInterceptor.receive_request(SecServerRequestInterceptor.java:396)
at com.sun.corba.ee.impl.interceptors.InterceptorInvoker.invokeServerInterceptorIntermediatePoint(InterceptorInvoker.java:509)
..........

I think that I need to pack my code from above into some kind of privileged action using authentication so that it can be executed correctly. But I don�t have a clue on how to do that.

I read the following docs among others:
Securing J2EE Applications
http://java.sun.com/j2ee/1.4/docs/devguide/dgsecure.html
Authentication Using Custom Realms in Sun Java System Application Server
http://developers.sun.com/prodtech/appserver/reference/techart/as8_authentication/index.html
Developing Java Clients
http://docs.sun.com/source/819-0079/dgacc.html

But these didn�t give me the insight that I need to accomplish that task.

For my application to work I need to be able to login as admin into the fileRealm or admin-realm using a username/password mechanism. My application is a non application container client. I tried to use the ClientPasswordLoginModule and LoginContext included in AS8 but it didn�t work. Does someone knows how to use these and the LoginContextDriver correctly?

Does anybody has an idea how to solve this problem or could provide some example code?



Thanks in advance
Alex
 
Giju George
Ranch Hand
Posts: 333
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi ,
I tried with the below code and worked fine...

java.util.Hashtable env = new java.util.Hashtable();
env.putContext.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.cosnaming.CNCtxFactory");
env.put(Context.PROVIDER_URL, "corbaloc:iiop:<IP ADDRESS>:3700");
Context initial = new InitialContext(env);
Object obj = (Object) initial.lookup("/ejb/TestBean");
 
Alex Buehler
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
the problem is not to get the home object and narrow it, but to invoke the create() method. MEJB is the Management EJB object which allows to manage JMX enabled software. To get this object it is necessary to have privileges of the asadmin. my problem is to invoke this method as a privileged task and therefore i have to authenticate my application as admin using some login mechanism appropriate for a standalone (non application container client).

thank you anyway
alex
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!