Help: LDAP Authentication x RMI

 
I'm using Oracle Internet Directory (OID) for authentication and authorization of the users of my J2EE applications. However, I am having some difficulty with authentication when I need RMI communication between two applications in different OC4J instances.
I configured a properties file ('jndi.properties') in a "client application" to make an RMI call to a SessionBean of a "server application".
<!-- jndi.properties -->
java.naming.factory.initial=com.evermind.server.rmi.RMIInitialContextFactory
java.naming.provider.url=ormi://server/app
java.naming.security.principal=<user>
java.naming.security.credentials=<password>
dedicated.connection=true
<!-- end -->
When the "server application" authenticates against an XML file (jazn-data.xml or principals.xml), this communication (authentication) works, and the "client application" is able to retrieve the information from the OID through the "server application".
But when I configure the "server application" to authenticate against the OID (changing the orion-application.xml to use 'jazn provider=ldap'), I receive the following error: "error Lookup: javax.naming.AuthenticationException: Invalid username/password".
<!-- orion-application.xml -->
...
<jazn provider="LDAP" location="ldap://<server>:<porta>" default-realm="jazn.com">
<jazn-web-app auth-method="SSO"/>
</jazn>
...
<!-- end -->
I believe the problem is still around the permission that I need to grant to the user in the OID, which should reflect the following jazn-policy:
<!-- jazn-data.xml -->
...
<jazn-policy>
<grant>
<grantee>
<principals>
<principal>
<realm-name>jazn.com</realm-name>
<type>user</type>
<class>oracle.security.jazn.spi.xml.XMLRealmRole</class>
<name>jazn.com/myUser</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>com.evermind.server.rmi.RMIPermission</class>
<name>login</name>
</permission>
</permissions>
</grant>
</jazn-policy>
...

Note that the user/password specified in the properties file (jndi.properties) exists in the OID and that this problem ONLY happens when I need RMI communication between two applications.
Can anybody help me?
Mauricio Silva.
 