my dog learned polymorphism
The moose likes EJB and other Java EE Technologies and the fly likes security migration from weblogic to Jboss Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "security migration from weblogic to Jboss" Watch "security migration from weblogic to Jboss" New topic

security migration from weblogic to Jboss

Ahm Moh

Joined: Sep 22, 2004
Posts: 3
Hi All,

I'm new to Jboss, currently I'm trying to migrate my app from weblogic to jboss. My problem is that in my app, I got weblogic specific security code that I'm trying to convert into Jboss specific. I don't know what is Jboss equivalent security code. If any body know, please forward the equivalent code. I will really appreciate that.

Thanks in advance

Here is my weblogic specific code

import java.math.BigDecimal;
import javax.ejb.*;
import java.rmi.*;
import java.util.*;
import java.math.*;
import javax.servlet.http.*;

public class UserDelegate {

private UserSession session;
private static final Class homeClass =;

public UserBean getUser(HttpServletRequest request, String database) throws DataAccessException, RemoteException, AuthenticationException {
UserBean bean = null;
try {
ServiceLocator.getInitialContext(request.getParameter("username"), request.getParameter("password"));
if (hasRole("DI")) {
bean = session.getUser(request.getParameter("username"),database);
else {
throw new Exception("User does not have access to DI.");
catch (Exception e) {
throw new AuthenticationException("Could not validate user.");
return bean;

private static User getUser() {
return Security.getCurrentUser();

private static Collection getRoles() {
Collection roles = new ArrayList();
ListableRealm realm = (ListableRealm) getUser().getRealm();
Enumeration enum = realm.getGroups();
while (enum.hasMoreElements()) {
Group grp = (Group) enum.nextElement();
if ( (grp.getName() != "everyone") && (grp.isMember(getUser())) ) {
return roles;

private static boolean hasRole(String aRoleName) {
boolean hasRole = false;
Iterator iter = getRoles().iterator();
while (iter.hasNext()) {
if ( ((Group) ) {
hasRole = true;
return hasRole;

public static InitialContext getInitialContext(String userName, String password) throws javax.naming.AuthenticationException, ServiceLocatorException {
try {
Hashtable env = new Hashtable();
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, userName);
env.put(Context.SECURITY_CREDENTIALS, password);
return new InitialContext(env);
catch (javax.naming.AuthenticationException ae) {
throw ae;
catch (NamingException ne) {
throw new ServiceLocatorException("ServiceLocatorException (NamingException) while trying to get the InitialContext.");
catch (Exception e) {
throw new ServiceLocatorException("ServiceLocatorException (Unknown) while trying to get the InitialContext.");
Ajith Kallambella

Joined: Mar 17, 2000
Posts: 5782
Moving this discussion to "JBoss" forum...

Open Group Certified Distinguished IT Architect. Open Group Certified Master IT Architect. Sun Certified Architect (SCEA).
It is sorta covered in the JavaRanch Style Guide.
subject: security migration from weblogic to Jboss
It's not a secret anymore!