• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Tim Cooke
  • Jeanne Boyarsky
  • Liutauras Vilda
Sheriffs:
  • Frank Carver
  • Henry Wong
  • Ron McLeod
Saloon Keepers:
  • Tim Moores
  • Frits Walraven
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Himai Minh

WL 8.1--- Custom security service

 
Ranch Hand
Posts: 39
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,
I have done the followin steps to deploy a custom authentication security provider.But it doesnt seem to work.
step1. wrote a MDF file and wrote a class that implements AuthenticationProvider that gives a custom login module as AppConfigurationEntry. I pack this in a jar with the MBeanMaker and put it in MbeanType folder of weblogic.
Step2. restart the server and at the console i set the control flag to optional.
step3. I write a client that access a bean. the code is as follows:
client:
System.setProperty("java.security.auth.login.config", (getClass().getResource("auth.conf")).toString());
System.setProperty("java.security.auth.policy", (getClass().getResource("test.policy")).toString());
Hashtable ht = new Hashtable();
ht.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
ht.put(Context.PROVIDER_URL, "t3://localhost:7001");
LoginContext lc = new LoginContext("try", new ConsoleCallbackHandler());
lc.login();
Object ref = c.lookup("test/TestBeanService");
TestBeanRemoteHome testH = (TestBeanRemoteHome) PortableRemoteObject.narrow(ref,TestBeanRemoteHome.class);
auth.conf:
try {
weblogic.security.auth.login.UsernamePasswordLoginModule required
debug=false;
};
The error is get is
*java.rmi.AccessException: [EJB:010160]Security Violation: User: '<anonymous>' has insufficient permission to access EJB: type=<ejb>, application=cx-TestBeanWL, module=cx-TestBeanWL, ejb=test/TestBeanService, method=create, methodInterface=Home, signature={}.*
How cud i get an error as *anonymous* user???
The Authenticate.authenticate(...) in the client login module calls which authentication service at the server??
I cudnt get a clear idea from the documentation.
thanks
Aravind
 
Ranch Hand
Posts: 75
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I see that you are setting the system property for the policy file and specifying it as test.policy

You need to give sufficient permissions in that policy file about the access that code can have.

Refer this link for further information
jjguidelines.dev.java.net/book/html/ch02s11.html

Thanks
MekaToka

[ September 01, 2004: Message edited by: meka toka ]
[ September 01, 2004: Message edited by: meka toka ]
 
The glass is neither half full or half empty. It is too big. But this tiny ad is just right:
the value of filler advertising in 2021
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic