Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Client login on 3.2.5

 
Henrique Sousa
Ranch Hand
Posts: 92
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi everyone,

I know this is a very common subject everywhere, so I'll let you know that I have been through JBoss manuals, examples and some topics in Javaranch, including a How-To.
I did everything they tell, but still no success. My current status is: I have a web app accessing security through form authentication and j_security_check. This works, so I know the EJB layer configuration is fine, right? The problem is that I cannot log in from a client (swing) application.

Server config is as follows:

${JBOSS_HOME}/conf/login-config.xml

The ClientLoginModule options were an unsuccessful attempt, but I left them there just in case.

ejb-jar.xml (XDoclet-generated, snippet of the security configs for the test bean)


${MYAPP}/authentication.conf


${MYAPP}/policy.conf (the absence of this file made no difference at all)


Finally, my application login code. The first hint I received was to create my own CallbackHandler which would display a login dialog, exactly what I needed.


and the login code:


The How-To mentioned at the beginning of the post returned the same results, so I chose to stay with the vendor independent approach. The login frame is shown, however any value that I enter for user and pass do not raise exceptions at all. Then I try to invoke the EJB; the username is seen on the other side through EJBContext.getPrincipal().getName(), but EJBContext.isUserInRole("admin") throws this exception:


I'm sorry for such a long post, but all help is welcome.
[ November 04, 2004: Message edited by: Henrique Sousa ]
 
Henrique Sousa
Ranch Hand
Posts: 92
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Update

After double-checking JBoss/JAAS how-to, I added the the security-domain element to jboss.xml:


Then I added the appropriate method permissions to all beans, otherwise I would get an exception: "java.lang.SecurityException: No method permissions assigned to method=...".

This way I was able to log in. No more , just

I'll keep you posted if I missed some detail. I can barely believe I did it
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic