Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JAAS-MBean Authentication

 
Tiago Fernandez
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's the scenario:

1. I used to authenticate the client through org.jboss.security.ClientLoginModule and the code bellow:



2. I turned this client a MBean, using the same authentication code.
3. Now I got javax.security.
auth.login.FailedLoginException: Password Incorrect/Password Required when it is attemped to loginContext.login()

What needs to be changed now that my client moved to server side?

Thx a lot
 
Jeff Shelley
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If I understand your question correctly, you should be able to take out all of the authentication stuff, because you are in the same JVM.
 
Tiago Fernandez
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I tried that, but I got a couple of SessionBeans in my EJB container that need authentication to be used... in this situation, do you think I still don't have to login?
 
Tiago Fernandez
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I just found out how it works: to login from a MBean (it's very weird I know), you have to use "client-login" as domain. Don't ask me why this thing only works like this, in my opinion could be a JBoss bug

// e.g.
LoginContext loginContext = new LoginContext("client-login", new Subject(), new SecurityAssociationHandler());
loginContext.login();

Thanks anyway,
Tiago
 
Jeff Shelley
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Crazy. And that works no matter what roles are required to access the ejb?
 
Tiago Fernandez
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, no matter what roles are specified in EJB.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic