
JBoss Security Context propagation

 
Andrey Rybak
Greenhorn
Posts: 5
Hello,

Frederico Melo wrote:

JAAS' security propagation between containers is not actually well specified. This is usually done using a ThreadLocal class which propagates the authenticated principal to the EJB's stub in a container-specific manner.
JBoss client LoginModules use the class org.jboss.security.SecurityAssociation to make this association. So, in your web LoginModule you have to set your authenticated principal on this class, like in the example:

SecurityAssociation.setServer(); //use ThreadLocal

<On your login() method you should use:>

SecurityAssociation.setPrincipal(principal);
SecurityAssociation.setCredential(credential);
SecurityAssociation.setSubject(subject);
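
I've implemented this method in my own LoginModule:

import javax.security.auth.login.LoginException;

import org.jboss.security.SecurityAssociation;
import org.jboss.security.auth.spi.DatabaseServerLoginModule;

public class MyLoginModule extends DatabaseServerLoginModule
{
    public MyLoginModule()
    {
        super();
        // Switch SecurityAssociation to per-thread (ThreadLocal) storage
        SecurityAssociation.setServer();
    }

    public boolean login() throws LoginException
    {
        // Let DatabaseServerLoginModule authenticate against the database first
        boolean login = super.login();

        if (login)
        {
            // Bind the authenticated identity and credential to the current thread
            SecurityAssociation.setPrincipal(getIdentity());
            SecurityAssociation.setCredential(getCredentials());

            // Populate the Subject and associate it with the current thread as well
            subject.getPublicCredentials().add(getCredentials());
            subject.getPrincipals().add(getIdentity());
            SecurityAssociation.setSubject(subject);
        }

        return login;
    }
}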

I've also chained this login module with ClientLoginModule in my
login-config.xml.

Still I get no SecurityContext in my EJB:

(an exception message)
isCallerInRole() called with no security context. Check that a security-domain has been set for the application.

What's wrong?
What do I need to do to set up a security domain?
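
The exception text above refers to a security-domain binding in the deployment descriptors. The following is an added example, not part of the original post, showing how a JBoss AS 4.x-style deployment typically declares a policy and binds both the web application and the EJB jar to it. The domain name "my-domain", the com.example package, the datasource name and the SQL queries are all hypothetical placeholders.

```xml
<!-- conf/login-config.xml: declares the JAAS policy.
     "my-domain" is a hypothetical name chosen for this example. -->
<application-policy name="my-domain">
  <authentication>
    <!-- com.example is a placeholder package for the MyLoginModule shown in the post -->
    <login-module code="com.example.MyLoginModule" flag="required">
      <!-- Placeholder datasource and queries; adapt to the real schema -->
      <module-option name="dsJndiName">java:/ExampleDS</module-option>
      <module-option name="principalsQuery">SELECT passwd FROM users WHERE username=?</module-option>
      <module-option name="rolesQuery">SELECT role, 'Roles' FROM user_roles WHERE username=?</module-option>
    </login-module>
    <!-- The ClientLoginModule the post says is chained after the custom module -->
    <login-module code="org.jboss.security.ClientLoginModule" flag="required"/>
  </authentication>
</application-policy>

<!-- WEB-INF/jboss-web.xml in the WAR: binds the web tier to the policy -->
<jboss-web>
  <security-domain>java:/jaas/my-domain</security-domain>
</jboss-web>

<!-- META-INF/jboss.xml in the EJB jar: binds the EJB container to the same policy.
     Without a security-domain here the EJB has no security context to consult
     when isCallerInRole() is called. -->
<jboss>
  <security-domain>java:/jaas/my-domain</security-domain>
</jboss>
```

The name after java:/jaas/ must match the application-policy name exactly, and both descriptors should point at the same domain so the identity established in the web tier is checked against the same policy in the EJB tier.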
 