Can anyone help me? I'm a beginner with JBoss and JAAS. I need to implement some kind of authentication system for my EJB service. I have got the EJB service to work, but authentication with JAAS (or JBossSX) has produced a lot of work and still nothing works.
I need username/password authentication. I have no idea how I should continue with this.
Here are some clips from my configuration:
login-config.xml
----------------------------------------------
<application-policy name="myServerLoginModule">
<authentication>
<login-module code="ejbtestjboss.MyServerLoginModule" flag="required" />
</authentication>
</application-policy>
------------------------------------------------
I have an EJB named "Enterprise1", and the next clip is from my jboss.xml configuration file:
--------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 3.2//EN" "http://www.jboss.org/j2ee/dtd/jboss_3_2.dtd">
<jboss>
<security-domain>java:/jaas/myServerLoginModule</security-domain>
<unauthenticated-principal>Unknown</unauthenticated-principal>
<enterprise-beans>
<session>
<ejb-name>Enterprise1</ejb-name>
<jndi-name>myServerLoginModule/Enterprise1</jndi-name>
</session>
</enterprise-beans>
</jboss>
------------------------------------------------------------
ejb-jar.xml looks like this:
I'm quite sure that there are some bugs here, but I have collected these configurations from different sample apps.
--------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd">
<ejb-jar>
<display-name>EJBModule1</display-name>
<enterprise-beans>
<session>
<display-name>Enterprise1</display-name>
<ejb-name>Enterprise1</ejb-name>
<home>ejbtestjboss.Enterprise1Home</home>
<remote>ejbtestjboss.Enterprise1</remote>
<ejb-class>ejbtestjboss.Enterprise1Bean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<security-role-ref>
<role-name>User</role-name>
<role-link>User</role-link>
</security-role-ref>
<security-role-ref>
<role-name>Admin</role-name>
<role-link>Admin</role-link>
</security-role-ref>
<security-role-ref>
<role-name>Internal</role-name>
<role-link>Internal</role-link>
</security-role-ref>
<security-identity>
<run-as>
<role-name>Internal</role-name>
</run-as>
</security-identity>
</session>
</enterprise-beans>
<assembly-descriptor>
<security-role>
<role-name>Admin</role-name>
</security-role>
<security-role>
<role-name>User</role-name>
</security-role>
<security-role>
<role-name>Internal</role-name>
</security-role>
<method-permission>
<role-name>Internal</role-name>
<role-name>Admin</role-name>
<role-name>User</role-name>
<method>
<ejb-name>Enterprise1</ejb-name>
<method-name>*</method-name>
</method>
</method-permission>
<container-transaction>
<method>
<ejb-name>Enterprise1</ejb-name>
<method-name>*</method-name>
</method>
<trans-attribute>Required</trans-attribute>
</container-transaction>
</assembly-descriptor>
</ejb-jar>
------------------------------------------------------
auth.conf looks like this
-----------------------------------------------------
srp{
org.jboss.security.ClientLoginModule required
password-stacking="useFirstPass"
;
};
----------------------------------------------------
In my client application I create LoginContext like this:
String name = "test";
String pass = "pass";
char[] password = pass.toCharArray();
AppCallbackHandler handler = new AppCallbackHandler(name, password);
LoginContext lc = new LoginContext("srp", handler);
lc.login();
After this I create connection to the Enterprise1 EJB:
Hashtable environment = new Hashtable();
environment.put(Context.INITIAL_CONTEXT_FACTORY,
"org.jnp.interfaces.NamingContextFactory");
environment.put(Context.URL_PKG_PREFIXES,
"org.jboss.naming:org.jnp.interfaces");
environment.put(Context.PROVIDER_URL, "jnp://192.168.1.5:1099");
Context context = new InitialContext(environment);
Object ref = context.lookup("myServerLoginModule/Enterprise1");
Enterprise1Home enterprise1Home = (Enterprise1Home) PortableRemoteObject.narrow(ref, Enterprise1Home.class);
When I execute the next line, the JBoss server throws an exception, which is AuthenticationException.
Enterprise1 enterprise1 = enterprise1Home.create();
I run my client application with the following parameters:
-Djava.security.auth.login.config=auth.conf
What should I do next? It's obvious that the server responds to the login, because I have written my own login module and its login() method always returns true. But I am not able to transfer the username and password to the server.
My server login module looks like this:
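package ejbtestjboss;

import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import org.jboss.security.auth.spi.UsernamePasswordLoginModule;

public class MyServerLoginModule extends UsernamePasswordLoginModule {
    public MyServerLoginModule() {}
    public void initialize(Subject subject, CallbackHandler callbackHandler,
            Map sharedState, Map options) {
        super.initialize(subject, callbackHandler, sharedState, options);
    }
    public boolean login() { return true; }
    // getUsersPassword() and getRoleSets(), required by the abstract base classes, are not shown
}
Hopefully someone could help me.
Miika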