File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JBoss/WildFly and the fly likes JAAS-MBean Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "JAAS-MBean Authentication" Watch "JAAS-MBean Authentication" New topic
Author

JAAS-MBean Authentication

Tiago Fernandez
Ranch Hand

Joined: May 16, 2003
Posts: 167
That's the scenario:

1. I used to authenticate the client through org.jboss.security.ClientLoginModule and the code bellow:



2. I turned this client a MBean, using the same authentication code.
3. Now I got javax.security.
auth.login.FailedLoginException: Password Incorrect/Password Required when it is attemped to loginContext.login()

What needs to be changed now that my client moved to server side?

Thx a lot


Tiago Fernandez
http://www.tiago182.spyw.com/
Jeff Shelley
Ranch Hand

Joined: May 21, 2003
Posts: 70
If I understand your question correctly, you should be able to take out all of the authentication stuff, because you are in the same JVM.


It's almost Friday
Tiago Fernandez
Ranch Hand

Joined: May 16, 2003
Posts: 167
I tried that, but I got a couple of SessionBeans in my EJB container that need authentication to be used... in this situation, do you think I still don't have to login?
Tiago Fernandez
Ranch Hand

Joined: May 16, 2003
Posts: 167
I just found out how it works: to login from a MBean (it's very weird I know), you have to use "client-login" as domain. Don't ask me why this thing only works like this, in my opinion could be a JBoss bug

// e.g.
LoginContext loginContext = new LoginContext("client-login", new Subject(), new SecurityAssociationHandler());
loginContext.login();

Thanks anyway,
Tiago
Jeff Shelley
Ranch Hand

Joined: May 21, 2003
Posts: 70
Crazy. And that works no matter what roles are required to access the ejb?
Tiago Fernandez
Ranch Hand

Joined: May 16, 2003
Posts: 167
Yes, no matter what roles are specified in EJB.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JAAS-MBean Authentication