Win a copy of TDD for a Shopping Website LiveProject this week in the Testing forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
Bartenders:
  • Piet Souris
  • Himai Minh

JAAS-MBean Authentication

 
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That's the scenario:

1. I used to authenticate the client through org.jboss.security.ClientLoginModule and the code bellow:



2. I turned this client a MBean, using the same authentication code.
3. Now I got javax.security.
auth.login.FailedLoginException: Password Incorrect/Password Required when it is attemped to loginContext.login()

What needs to be changed now that my client moved to server side?

Thx a lot
 
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If I understand your question correctly, you should be able to take out all of the authentication stuff, because you are in the same JVM.
 
Tiago Fernandez
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I tried that, but I got a couple of SessionBeans in my EJB container that need authentication to be used... in this situation, do you think I still don't have to login?
 
Tiago Fernandez
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I just found out how it works: to login from a MBean (it's very weird I know), you have to use "client-login" as domain. Don't ask me why this thing only works like this, in my opinion could be a JBoss bug

// e.g.
LoginContext loginContext = new LoginContext("client-login", new Subject(), new SecurityAssociationHandler());
loginContext.login();

Thanks anyway,
Tiago
 
Jeff Shelley
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Crazy. And that works no matter what roles are required to access the ejb?
 
Tiago Fernandez
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yes, no matter what roles are specified in EJB.
 
I'm sure glad that he's gone. Now I can read this tiny ad in peace!
Free, earth friendly heat - from the CodeRanch trailboss
https://www.kickstarter.com/projects/paulwheaton/free-heat
reply
    Bookmark Topic Watch Topic
  • New Topic