• Post Reply Bookmark Topic Watch Topic
  • New Topic

JAAS in JBOSS  RSS feed

 
Ranch Hand
Posts: 391
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I am trying to implement JAAS in Jboss.
I use users.properties and roles.properties to define the users and roles.
I have two methods in my enterprise bean which is accessed from a servlet.
One method is fro User and other for Administrator.
My bean methods are as is as follows :


public int MultiTwoNumber() {

// get bean's caller using getCallerPrincipal()
java.security.Principal principal = context.getCallerPrincipal();
java.lang.String callerId= principal.getName();

// check if bean's caller is granted Administrator role
boolean isMgr = context.isCallerInRole("Administrator");

// only set supplied message if caller is "bob" or caller is granted Mgr role
if ( isMgr || callerId.equals("shankar") )
results =1;
else results=100*100;
// return results;

return results;
}


public int addTwoNumber() {

// get bean's caller using getCallerPrincipal()
java.security.Principal principal = context.getCallerPrincipal();
java.lang.String callerId= principal.getName();

// check if bean's caller is granted Administrator role
boolean isMgr = context.isCallerInRole("User");

// only set supplied message if caller is "bob" or caller is
granted Mgr role
if ( isMgr || callerId.equals("selva") )
results =200;
else results=1;
// return results;
return results;
}
}

However I get the following Exception:

[STDOUT] exception----RuntimeException; nested exception is:
java.lang.IllegalStateException: No security context set

Please Help,
Thanx in Advance,
Shankar.
 
Ranch Hand
Posts: 275
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There are a few deployment settings that you need to worry about, beyond just the users and roles files. The easiest thing to do would be to go to the JBoss web site and find the documentation for locking-down the console. They step you through commenting out some code in some of the deplyoment xml files. You, of course, would add those entries in those files.

--Dale--
 
shan Iyer
Ranch Hand
Posts: 391
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Dale,

My Deployment descriptors are all perfectly ok, which i double checked.

In fact it is also able to read the principals and roles from the properties files. I am also able to enter the beans methods.

But when it enconters the code :

java.security.Principal principal = context.getCallerPrincipal();

inside either of the 2 enterprise bean methods, it throws the runtime
exception :

java.lang.IllegalStateException: No security context set

I am really baffled, please help.
Thanx and regards,
Shankar
 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Any updates on this. I am also facing the same "baffaling" problem.
 
Sheriff
Posts: 10447
227
IntelliJ IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Please post the exact details of your application and also the scenario in which you are seeing this exception. Also, the contents of appropriate deployment descriptors will be great.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!