Win a copy of Pipeline as Code this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Rob Spoor
  • Henry Wong
  • Liutauras Vilda
Saloon Keepers:
  • Tim Moores
  • Carey Brown
  • Stephan van Hulst
  • Tim Holloway
  • Piet Souris
Bartenders:
  • Frits Walraven
  • Himai Minh
  • Jj Roberts

JAAS-MBean Authentication

 
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That's the scenario:

1. I used to authenticate the client through org.jboss.security.ClientLoginModule and the code bellow:



2. I turned this client a MBean, using the same authentication code.
3. Now I got javax.security.
auth.login.FailedLoginException: Password Incorrect/Password Required when it is attemped to loginContext.login()

What needs to be changed now that my client moved to server side?

Thx a lot
 
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If I understand your question correctly, you should be able to take out all of the authentication stuff, because you are in the same JVM.
 
Tiago Fernandez
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I tried that, but I got a couple of SessionBeans in my EJB container that need authentication to be used... in this situation, do you think I still don't have to login?
 
Tiago Fernandez
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I just found out how it works: to login from a MBean (it's very weird I know), you have to use "client-login" as domain. Don't ask me why this thing only works like this, in my opinion could be a JBoss bug

// e.g.
LoginContext loginContext = new LoginContext("client-login", new Subject(), new SecurityAssociationHandler());
loginContext.login();

Thanks anyway,
Tiago
 
Jeff Shelley
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Crazy. And that works no matter what roles are required to access the ejb?
 
Tiago Fernandez
Ranch Hand
Posts: 167
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yes, no matter what roles are specified in EJB.
 
Put a gun against his head, pulled my trigger, now he's dead, that tiny ad sure bled
SKIP - a book about connecting industrious people with elderly land owners
https://coderanch.com/t/skip-book
reply
    Bookmark Topic Watch Topic
  • New Topic