Re: [JBoss-dev] JAAS with MDB

Wed, 30 Jan 2002 09:20:29 -0800 

Not that I can see. If we are the issue is the same. The current
SecurityInterceptor requires an authenticated caller even if a
security-identity with a run-as element is specified. You would
have to use the login module unauthenticatedIdentity option to
enable a bean to be used by unauthenticated users.

xxxxxxxxxxxxxxxxxxxxxxxx
Scott Stark
Chief Technology Officer
JBoss Group, LLC
xxxxxxxxxxxxxxxxxxxxxxxx
----- Original Message -----
From: "Brian Sondergaard" <[EMAIL PROTECTED]>
To: "jboss dev" <[EMAIL PROTECTED]>
Sent: Wednesday, January 30, 2002 3:34 AM
Subject: Re: [JBoss-dev] JAAS with MDB


> I may have misunderstood, but aren't we talking about "run-as" in the
> "security-identity"?
>
> ----- Original Message -----
> From: "Scott M Stark" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, January 29, 2002 6:06 PM
> Subject: Re: [JBoss-dev] JAAS with MDB
>
>
> > MDBs need a different SecurityInterceptor that does not attempt
> > to authenticate the caller as there is none defined. An extension
> > would allow the caller to be obtained from JMS message properties.
> > The properties could be specified in the jboss.xml descriptor in
> > the message-driven bean section.
> >
> > xxxxxxxxxxxxxxxxxxxxxxxx
> > Scott Stark
> > Chief Technology Officer
> > JBoss Group, LLC
> > xxxxxxxxxxxxxxxxxxxxxxxx
> > ----- Original Message -----
> > From: "Dave Smith" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Tuesday, January 29, 2002 2:08 PM
> > Subject: [JBoss-dev] JAAS with MDB
> >
> >
> > > I am trying to get a MDB working with JAAS. Currently when message
> > > delivery is attempted it throws an error Authentication exception,
> > > principal=null. Now in the jms-service.xml I have added
> > >
> > > <attribute name="PrincipalMappingProperties">
> > >          UserName=jboss
> > >          Password=jboss1
> > >       </attribute>
> > >
> > > but this does not do anything. I can not find any refences to this in
> > > either the free or purchased docs. Can some one point me in the right
> > > direction.
> > >
> > > time passes ...
> > >
> > >
> > > After further investigation it looks like it is not implemented. In
the
> > > JMSContainerInvoker it creates the method invocation with principal
and
> > > credential = null. Then when the SecurityInterceptor gets a hold of it
> > > barfs. The snip, line 976 of JMSContainerInvoker.java
> > >
> > > invoker.invoke(id,
> > >                 // Object id - where used?
> > >                 ON_MESSAGE,
> > >                 // Method to invoke
> > >                 new Object[]{message},
> > >                 // argument
> > >                 tm.getTransaction(),
> > >                 // Transaction
> > >                 null,
> > >                 // Principal
> > >                 null);
> > >                 // Cred
> > >
> > > How should I go about getting this to work?



_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development

Reply via email to