This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes JBoss/WildFly and the fly likes JAAS-MBean Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Products » JBoss/WildFly
Bookmark "JAAS-MBean Authentication" Watch "JAAS-MBean Authentication" New topic
Author

JAAS-MBean Authentication

Tiago Fernandez
Ranch Hand

Joined: May 16, 2003
Posts: 167
That's the scenario:

1. I used to authenticate the client through org.jboss.security.ClientLoginModule and the code bellow:



2. I turned this client a MBean, using the same authentication code.
3. Now I got javax.security.
auth.login.FailedLoginException: Password Incorrect/Password Required when it is attemped to loginContext.login()

What needs to be changed now that my client moved to server side?

Thx a lot


Tiago Fernandez
http://www.tiago182.spyw.com/
Jeff Shelley
Ranch Hand

Joined: May 21, 2003
Posts: 70
If I understand your question correctly, you should be able to take out all of the authentication stuff, because you are in the same JVM.


It's almost Friday
Tiago Fernandez
Ranch Hand

Joined: May 16, 2003
Posts: 167
I tried that, but I got a couple of SessionBeans in my EJB container that need authentication to be used... in this situation, do you think I still don't have to login?
Tiago Fernandez
Ranch Hand

Joined: May 16, 2003
Posts: 167
I just found out how it works: to login from a MBean (it's very weird I know), you have to use "client-login" as domain. Don't ask me why this thing only works like this, in my opinion could be a JBoss bug

// e.g.
LoginContext loginContext = new LoginContext("client-login", new Subject(), new SecurityAssociationHandler());
loginContext.login();

Thanks anyway,
Tiago
Jeff Shelley
Ranch Hand

Joined: May 21, 2003
Posts: 70
Crazy. And that works no matter what roles are required to access the ejb?
Tiago Fernandez
Ranch Hand

Joined: May 16, 2003
Posts: 167
Yes, no matter what roles are specified in EJB.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JAAS-MBean Authentication
 
Similar Threads
JAAS With JBOSS: My How-To Tutorial
JAAS: Unable to locate a login configuration
Very frustrated with no idea how to check logins
EJB Security: Not getting correct name in Principal
Problem with JAAS(WebApp) and EJB3.0 and Jboss 5.1.0.GA