aspose file tools*
The moose likes EJB and other Java EE Technologies and the fly likes ProgrammaticLogin in EJB - Oracle Glassfish 3.1 and JSP Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » EJB and other Java EE Technologies
Bookmark "ProgrammaticLogin in EJB - Oracle Glassfish 3.1 and JSP" Watch "ProgrammaticLogin in EJB - Oracle Glassfish 3.1 and JSP" New topic
Author

ProgrammaticLogin in EJB - Oracle Glassfish 3.1 and JSP

Sean Will
Greenhorn

Joined: Sep 14, 2011
Posts: 2
I have a JSP website that I used to allow the user to register for the site. They enter all of their information then submit it and I have an EJB that processes the request and saves the information to a MySQL database. I use a security realm in Glassfish to restrict access specific pages based on the users role. All of this functionality works. However, the problem that I have is that the user is not authenticated by JAAS once the user submits their registration information, so I created a login bean that I want to use to authenticate the new user so that they can begin to access the secure pages without having to login in separately. This is where the problem arises. I use the ProgrammaticLogin class to login to the "SecruityRealm" but I get an exception (see below).

package ejb3inaction.example.buslogic;

import com.sun.appserv.security.ProgrammaticLogin;
import ejb3inaction.example.EAO.LoginInfoFacadeLocal;
import ejb3inaction.example.persistence.LoginInfo;
import java.security.Principal;
import javax.annotation.Resource;
import javax.ejb.EJB;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;

/**
*
* @author willise1
*/
@Stateless
public class LoginInfoSecurityBean implements LoginInfoSecurityBeanLocal {
@EJB LoginInfoFacadeLocal loginInfoEAO;
@Resource SessionContext context;

public LoginInfoSecurityBean() {
}

// Add business logic below. (Right-click in editor and choose
// "Insert Code > Add Business Method")

public void addUserToSecurityRealm(LoginInfo loginInfo) {
loginInfoEAO.create(loginInfo);
Principal p = context.getCallerPrincipal();
System.out.println(p.getName());
boolean loginSuccess;
ProgrammaticLogin p1 = new ProgrammaticLogin();
try{
loginSuccess = p1.login(loginInfo.getUsername(), loginInfo.getPassword(), "SecruityRealm", true); //I know that SecruityRealm is misspelled but this is correct

System.out.println("Login successful: " + loginSuccess);
} catch(Exception e){
System.out.println("Exception: " + e.getMessage());
}
//System.out.println("is caller in role? " + context.isCallerInRole("BIDDER"));
//context.
}

}

INFO: Exception: Login failed: Security Exception
WARNING: A system exception occurred during an invocation on EJB LoginInfoSecurityBean method public void ejb3inaction.example.buslogic.LoginInfoSecurityBean.addUserToSecurityRealm(ejb3inaction.example.persistence.LoginInfo)
javax.ejb.EJBException
at com.sun.ejb.containers.BaseContainer.processSystemException(BaseContainer.java:5193)
at com.sun.ejb.containers.BaseContainer.completeNewTx(BaseContainer.java:5091)
at com.sun.ejb.containers.BaseContainer.postInvokeTx(BaseContainer.java:4879)
at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:2039)
at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:1990)
at com.sun.ejb.containers.EJBLocalObjectInvocationHandler.invoke(EJBLocalObjectInvocationHandler.java:222)
at com.sun.ejb.containers.EJBLocalObjectInvocationHandlerDelegate.invoke(EJBLocalObjectInvocationHandlerDelegate.java:88)
at $Proxy298.addUserToSecurityRealm(Unknown Source)
at ejb3inaction.example.controller.ControllerServlet.processRequest(ControllerServlet.java:151)
at ejb3inaction.example.controller.ControllerServlet.doPost(ControllerServlet.java:192)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1539)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:343)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at org.netbeans.modules.web.monitor.server.MonitorFilter.doFilter(MonitorFilter.java:393)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:256)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:217)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:98)
at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:91)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:162)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:330)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:174)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:828)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:725)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1019)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:225)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:662)
Caused by: java.lang.IllegalStateException: No mapping available for role reference BIDDER
at com.sun.ejb.containers.EJBContextImpl.isCallerInRole(EJBContextImpl.java:463)
at ejb3inaction.example.buslogic.LoginInfoSecurityBean.addUserToSecurityRealm(LoginInfoSecurityBean.java:43)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.glassfish.ejb.security.application.EJBSecurityManager.runMethod(EJBSecurityManager.java:1052)
at org.glassfish.ejb.security.application.EJBSecurityManager.invoke(EJBSecurityManager.java:1124)
at com.sun.ejb.containers.BaseContainer.invokeBeanMethod(BaseContainer.java:5366)
at com.sun.ejb.EjbInvocation.invokeBeanMethod(EjbInvocation.java:619)
at com.sun.ejb.containers.interceptors.AroundInvokeChainImpl.invokeNext(InterceptorManager.java:800)
at com.sun.ejb.EjbInvocation.proceed(EjbInvocation.java:571)
at com.sun.ejb.containers.interceptors.SystemInterceptorProxy.doAround(SystemInterceptorProxy.java:162)
at com.sun.ejb.containers.interceptors.SystemInterceptorProxy.aroundInvoke(SystemInterceptorProxy.java:144)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.ejb.containers.interceptors.AroundInvokeInterceptor.intercept(InterceptorManager.java:861)
at com.sun.ejb.containers.interceptors.AroundInvokeChainImpl.invokeNext(InterceptorManager.java:800)
at com.sun.ejb.containers.interceptors.InterceptorManager.intercept(InterceptorManager.java:370)
at com.sun.ejb.containers.BaseContainer.__intercept(BaseContainer.java:5338)
at com.sun.ejb.containers.BaseContainer.intercept(BaseContainer.java:5326)
at com.sun.ejb.containers.EJBLocalObjectInvocationHandler.invoke(EJBLocalObjectInvocationHandler.java:214)
... 36 more
Sean Will
Greenhorn

Joined: Sep 14, 2011
Posts: 2
I understand the problem now. It appears that when you use the ProgrammaticLogin module it uses the default realm for the Glassfish server (3.1) and in my case that was set to fileRealm. I changed the default realm in in the Glassfish administration module to use my Security realm (JDBC) that I created and now login() method authenticates against this realm and I was able to login a new user programmatically.

However, I have another problem where the authentication is not passed from the EJB tier to the web tier (jsp page), but I think I already have the solution for that.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: ProgrammaticLogin in EJB - Oracle Glassfish 3.1 and JSP