JBoss Security Context propagation

Andrey Rybak
Greenhorn

Joined: Jun 05, 2004
Posts: 5
Hello,

Frederico Melo wrote:

JAAS' security propagation between containers is not well specified actually. This usually is done using a ThreadLocal class which propagates the authenticated principal to the EJB's stub in a container-specific manner.
JBoss client LoginModules use the class org.jboss.security.SecurityAssociation to make this association. So, in your web LoginModule you have to set your authenticated principal on this class, as in this example:

SecurityAssociation.setServer(); //use ThreadLocal

<On your login() method you should use:>

SecurityAssociation.setPrincipal(principal);
SecurityAssociation.setCredential(credential);
SecurityAssociation.setSubject(subject);




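I've implemented this method in my own LoginModule:

import javax.security.auth.login.LoginException;
import org.jboss.security.SecurityAssociation;
import org.jboss.security.auth.spi.DatabaseServerLoginModule;

public class MyLoginModule extends DatabaseServerLoginModule
{
    public MyLoginModule()
    {
        super();
        // Switch SecurityAssociation to per-thread (ThreadLocal) storage.
        SecurityAssociation.setServer();
    }

    public boolean login() throws LoginException
    {
        // Let DatabaseServerLoginModule check the username and password first.
        boolean login = super.login();

        if (login)
        {
            // Bind the authenticated identity to the current thread.
            SecurityAssociation.setPrincipal(getIdentity());
            SecurityAssociation.setCredential(getCredentials());

            // Populate the Subject and bind it as well.
            subject.getPublicCredentials().add(getCredentials());
            subject.getPrincipals().add(getIdentity());
            SecurityAssociation.setSubject(subject);
        }

        return login;
    }
}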

I've also chained this login module with ClientLoginModule in my
login-config.xml.

Still I get no SecurityContext in my EJB:

(an exception message)
isCallerInRole() called with no security context. Check that a security-domain has been set for the application.

What's wrong?
What do I need to do to set up a security domain?
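
Added example, not part of the original post: the exception text above points at the security-domain element of the JBoss deployment descriptors, which must name the same application-policy that login-config.xml defines. The domain name my-domain, the com.example package, the datasource and both queries are placeholders assumed for illustration, for JBoss releases that ship org.jboss.security.SecurityAssociation.

```xml
<!-- conf/login-config.xml: the policy that chains the two modules (fragment) -->
<application-policy name="my-domain">  <!-- "my-domain" is a placeholder name -->
  <authentication>
    <!-- hypothetical package for the MyLoginModule class shown in the post -->
    <login-module code="com.example.MyLoginModule" flag="required">
      <!-- placeholder datasource and queries; adapt to the real schema -->
      <module-option name="dsJndiName">java:/DefaultDS</module-option>
      <module-option name="principalsQuery">
        select passwd from Users where username=?
      </module-option>
      <module-option name="rolesQuery">
        select userRoles, 'Roles' from UserRoles where username=?
      </module-option>
    </login-module>
    <login-module code="org.jboss.security.ClientLoginModule" flag="required"/>
  </authentication>
</application-policy>

<!-- META-INF/jboss.xml in the EJB jar: without this element the EJB container
     has no security context and isCallerInRole() fails as in the post -->
<jboss>
  <security-domain>java:/jaas/my-domain</security-domain>
</jboss>

<!-- WEB-INF/jboss-web.xml in the war: the web tier must authenticate
     against the same domain for the identity to reach the EJB call -->
<jboss-web>
  <security-domain>java:/jaas/my-domain</security-domain>
</jboss-web>
```

The name after java:/jaas/ has to match the application-policy name exactly; a mismatch leaves the deployment on a different policy than the one containing the custom module.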
 