[jboss-user] [Security & JAAS/JBoss] - Re: JAAS Authentication from stand alone client

Tue, 02 Sep 2008 01:23:07 -0700 

Hi, 

Thanks for the reply and Now I changed my LoginModule to remove the ejb call 
and ti works perfectly .  again few more clarifications will be helpfull


I have deployed my application as a folder, which contains multiple jar files. 
and I have specified <security-domain> for only one jar  that is security.jar.  
 Now the authentication is successfull and my commit  method looks like below

        
  | 
  | public boolean commit() throws LoginException {
  |       if (isloginSucceeded) {
  |             try{
  |       Set principals = subject.getPrincipals();
  |       principals.add(principal);
  |       Group[] roleSets = getRoleSets();
  |       for(int g = 0; g < roleSets.length; g ++) {
  |                         Group group = roleSets[g];
  |             String name = group.getName();
  |             Group subjectGroup = createGroup(name, principals);
  |            if( subjectGroup instanceof NestableGroup )       {
  |                 SimpleGroup tmp = new SimpleGroup("Roles");
  |                 subjectGroup.addMember(tmp);
  |                 subjectGroup = tmp;
  |            }
  |            Enumeration members = group.members();
  |            while( members.hasMoreElements() ) {
  |                 Principal role = (Principal) members.nextElement();
  |                        subjectGroup.addMember(role);
  |            }
  |       }
  |      isprincipalsInSubject = true;
  |           }catch(Exception e){
  |     e.printStackTrace();
  |          }
  |          return true;
  |      } else {
  |     return false;
  |      }
  | }
  |     

Now,   I want to lookup a ejb of my security.jar from another jar file. I added 
correct <security-role-ref> entries   but I am getting the error as 

anonymous wrote :       Caused by: javax.security.auth.login.LoginException: 
Username not supplied.
  |         at 
com.ibsplc.iRes.security.jboss.db.JDbLoginModuleImpl.throwLoginException(JDbLoginModuleImpl.java:322)
  |         at 
com.ibsplc.iRes.security.jboss.db.JDbLoginModuleImpl.getUserName(JDbLoginModuleImpl.java:368)
  |         at 
com.ibsplc.iRes.security.jboss.db.JDbLoginModuleImpl.login(JDbLoginModuleImpl.java:164)
        

So it is again calling CallBackHandler for getting the username and password.  
How can I avoid this? How can I cache the Callback details. 


Thanks in advance


View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4173674#4173674

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4173674
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to