JBoss EJB Security with credentials from database

 
Greenhorn
Hi,

I've successfully deployed an EJB on my JBoss 5.0.1 (including a MySQL datasource for EntityManager). Now I have one last problem before I can start really implementing the business logic itself: Security. I need to use credentials stored in a database (as the users may change every once in a while it doesn't seem like a good idea storing them in a config file) and I would like to use the JBoss EJB Security features. I've done a Google search, but I didn't really find a good tutorial on how to do the database-based security check... It would be really great if someone could give me a little shove in the right direction...

Thanks in advance,

Flo
 
Florian Schaetz
Greenhorn
Ok, after searching a while longer, I found enough hints on how to use the DatabaseServerLoginModule (Am I the only one who thinks that the whole xml-configuration thing is much more time-consuming than the actual coding?). And I noticed that this was the wrong subforum anyway (sorry for that).
 
author
Florian, welcome to Java Ranch!

Thank you for posting the solution to your question.
 
Sheriff

Florian Schaetz wrote: Ok, after searching a while longer, I found enough hints on how to use the DatabaseServerLoginModule (Am I the only one who thinks that the whole xml-configuration thing is much more time-consuming than the actual coding?).


That annoys me too!
 
Florian Schaetz
Greenhorn
Just in case someone searches for the same thing, here are some pointers:

In /server/default/conf/login-config.xml (or something else, if you don't use default), a new application-policy must be added:



DatabaseServerLoginModule tells JBoss to search for the passwords and roles in the database, dsJndiName tells it what datasource to use, and the two queries must return a password and the roles. The 'Roles' in the second query has to be there for JBoss.

In the Application, one can use @SecurityDomain("mysqlLogin") for the bean and @RolesAllowed( { "Role1", "Role1" }) for methods or the whole class. It is also possible to ask for the roles by adding...



In the EJB, the sessionContext can be asked sessionContext.isCallerInRole("Role1") for example. Surprisingly, that's pretty much everything I needed (at least, to get it started, of course the possibilities are nearly endless).
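
An added example, not part of the original post, of what an application-policy for the `mysqlLogin` domain described above can look like. The datasource JNDI name and the table and column names are assumptions; the `hashAlgorithm` and `hashEncoding` options are included so the database holds password hashes rather than plain text.

```xml
<!-- Added example: goes inside the <policy> element of login-config.xml. -->
<!-- The name must match @SecurityDomain("mysqlLogin") on the bean. -->
<application-policy name="mysqlLogin">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
                  flag="required">

      <!-- Assumed JNDI name of the MySQL datasource deployed on the server. -->
      <module-option name="dsJndiName">java:/MySqlDS</module-option>

      <!-- Must return exactly one column: the stored password (here a hash)
           for the user name bound to the ? placeholder.
           Table and column names are assumptions. -->
      <module-option name="principalsQuery">
        SELECT password_hash FROM app_users WHERE username = ?
      </module-option>

      <!-- Must return two columns: the role name and the role group.
           The literal 'Roles' is the group JBoss reads the caller's
           roles from, which is why it has to appear in this query. -->
      <module-option name="rolesQuery">
        SELECT role_name, 'Roles' FROM app_user_roles WHERE username = ?
      </module-option>

      <!-- Without hashAlgorithm the module compares the submitted password
           with the column value as plain text. With it, the submitted
           password is digested and encoded before the comparison, so the
           column must hold values produced the same way. -->
      <module-option name="hashAlgorithm">SHA-256</module-option>
      <module-option name="hashEncoding">base64</module-option>

    </login-module>
  </authentication>
</application-policy>
```

Both queries are parameterized by the module itself, so the user name supplied at login is bound to the `?` placeholder rather than concatenated into the SQL.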
 