Hello!

I'm using a remote java client and here's the client side test code;


  | // JNDI environment pointing at the JNP naming service on the local host.
  | Hashtable<String,String> jndiProps = new Hashtable<String, String>();
  | jndiProps.put(Context.PROVIDER_URL, "jnp://localhost:1099");
  | jndiProps.put(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");
  | jndiProps.put(Context.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces");
  | 
  | InitialContext initialContext;
  | try {
  |     // Log in on the client side before the lookup and the remote call.
  |     // NOTE(review): presumably setSimple()/login() attach this user name and
  |     // password to the calling thread's security context; confirm against the
  |     // SecurityClient implementation in use. Both values are hard-coded test data.
  |     SecurityClient client = SecurityClientFactory.getSecurityClient();
  |     client.setSimple("jamai", "jamai1");
  |     client.login();
  | 
  |     initialContext = new InitialContext(jndiProps);
  |     Object remoteRef = initialContext.lookup("test/SecTestBean/remote");
  |     SecTest bean = (SecTest) PortableRemoteObject.narrow(remoteRef, SecTest.class);
  | 
  |     // The name passed here is the identity the client believes it has; the
  |     // value printed is whatever the remote call returns.
  |     System.out.println(bean.getCurrentUser("jamai"));
  | } catch (Exception e) {
  |     e.printStackTrace();
  | }
  | 

And then here's a basic login module used just for testing this case, it does 
not perform the actual authentication;


  | package test.ejb;
  | 
  | import java.security.Principal;
  | import java.security.acl.Group;
  | import java.util.Map;
  | 
  | import javax.security.auth.Subject;
  | import javax.security.auth.callback.Callback;
  | import javax.security.auth.callback.CallbackHandler;
  | import javax.security.auth.callback.NameCallback;
  | import javax.security.auth.callback.PasswordCallback;
  | import javax.security.auth.login.LoginException;
  | 
  | import org.jboss.security.SimpleGroup;
  | import org.jboss.security.SimplePrincipal;
  | import org.jboss.security.auth.spi.AbstractServerLoginModule;
  | 
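  | /**
  |  * Test-only JAAS login module that accepts every caller.
  |  *
  |  * <p>No credential is verified: {@link #login()} takes whatever user name the
  |  * callback handler supplies and always reports success, and {@link #commit()}
  |  * grants the role "delos" to that name. It is only suitable for a local test
  |  * setup; any security domain that uses it performs no authentication at all.
  |  */
  | public class BypassLogin extends AbstractServerLoginModule{
  |     // Never assigned in this class, so the debug output below stays disabled.
  |     private boolean debug;
  |     // Identity created in authorize(); null until commit() has run.
  |     private Principal identity;
  |     // Group named "Roles"; receives the single hard-coded role.
  |     private SimpleGroup userRoles;
  |     // Group named "CallerPrincipal"; receives the caller's own principal.
  |     private SimpleGroup callerPrincipal;
  |     // User name captured from the NameCallback during login().
  |     private String userName;
  | 
  |     /** @return the identity built during commit, or null before that */
  |     @Override
  |     protected Principal getIdentity() {
  |         return identity;
  |     }
  | 
  |     /** @return the "Roles" and "CallerPrincipal" groups, in that order */
  |     @Override
  |     protected Group[] getRoleSets() throws LoginException {
  |         return new Group[] { userRoles, callerPrincipal };
  |     }
  | 
  |     /////////////////////////////
  | 
  |     /**
  |      * Passes the JAAS parameters to the base class and creates the two empty
  |      * groups that commit() fills.
  |      */
  |     @Override
  |     public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
  |         super.initialize(subject, callbackHandler, sharedState, options);
  |         this.userRoles = new SimpleGroup( "Roles" );
  |         this.callerPrincipal = new SimpleGroup("CallerPrincipal");
  |     }
  | 
  |     /**
  |      * Collects the user name from the callback handler and reports success
  |      * without checking the password.
  |      *
  |      * @return always true
  |      * @throws LoginException if there is no callback handler, the handler
  |      *         fails, or it supplies no user name
  |      */
  |     @Override
  |     public boolean login() throws LoginException {
  |         if( identity == null ) {
  |             if( callbackHandler == null ) {
  |                 throw new LoginException( "No callback handler for login");
  |             }
  | 
  |             NameCallback nc = new NameCallback("Name:", "guest");
  |             PasswordCallback pc = new PasswordCallback("Password:", false);
  | 
  |             try {
  |                 callbackHandler.handle(new Callback[] {nc, pc});
  |                 String username = nc.getName();
  |                 if( username == null ) {
  |                     throw new LoginException("User name is null.");
  |                 }
  |                 this.userName = username;
  |             }
  |             catch(LoginException e) {
  |                 if(debug)System.out.println(e.getMessage());
  |                 throw e;
  |             }
  |             catch ( Exception e ) {
  |                 if(debug)e.printStackTrace();
  |                 // LoginException has no cause constructor; attach the cause explicitly.
  |                 LoginException wrapped = new LoginException( "Error in login; "+e.getMessage());
  |                 wrapped.initCause(e);
  |                 throw wrapped;
  |             }
  |             finally {
  |                 // The password is never used here, so it is not copied into a
  |                 // String; wipe the callback's buffer instead of leaving it around.
  |                 pc.clearPassword();
  |             }
  |         }
  | 
  |         // Authentication bypass: success is reported for any user name.
  |         loginOk = true;
  |         return true;
  |     }
  | 
  |     /**
  |      * Builds the identity for the given name and fills the two groups: the
  |      * caller's own principal, and the fixed role "delos".
  |      */
  |     private void authorize(String userName) throws LoginException {
  |         try {
  |             identity = createIdentity(userName);
  |         } catch (Exception e) {
  |             LoginException wrapped = new LoginException("Error creating identity; "+e.getMessage());
  |             wrapped.initCause(e);
  |             throw wrapped;
  |         }
  | 
  |         callerPrincipal.addMember(new SimplePrincipal(userName));
  |         userRoles.addMember(new SimplePrincipal("delos"));
  |     }
  | 
  |     /**
  |      * Builds the identity and role groups, then lets the base class finish
  |      * the commit phase.
  |      *
  |      * @return false if login() did not succeed, otherwise the base class result
  |      */
  |     @Override
  |     public boolean commit() throws LoginException {
  |         if( !loginOk ) {
  |             return false;
  |         }
  |         authorize(userName);
  |         // The original returned true here without delegating. In JBoss's
  |         // AbstractServerLoginModule it is commit() that copies getIdentity() and
  |         // getRoleSets() into the Subject, so skipping it leaves the Subject
  |         // without a principal or roles (confirm against the JBoss version in use).
  |         return super.commit();
  |     }
  | }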
  | 

And then the simple server side bean;


  | package test.ejb;
  | 
  | import java.security.Principal;
  | 
  | import javax.annotation.Resource;
  | import javax.ejb.Remote;
  | import javax.ejb.SessionContext;
  | import javax.ejb.Stateless;
  | 
  | /**
  |  * Stateless bean, bound to the "bypass" security domain, that reports the
  |  * caller principal seen by the container.
  |  */
  | @Stateless
  | @org.jboss.ejb3.annotation.SecurityDomain(value="bypass")
  | @Remote(SecTest.class)
  | public class SecTestBean implements SecTest {
  |     // Injected session context; the source of the caller principal.
  |     @Resource
  |     private SessionContext ctx;
  | 
  |     /**
  |      * Returns the caller principal's name after checking it against the name
  |      * the client believes it is using.
  |      *
  |      * @param thoughtUserName client-supplied name, used only for the comparison
  |      * @return the name of the container's caller principal
  |      * @throws Exception if the two names differ
  |      */
  |     public String getCurrentUser(String thoughtUserName) throws Exception {
  |         final Principal caller = ctx.getCallerPrincipal();
  |         if (thoughtUserName.equals(caller.getName())) {
  |             return caller.getName();
  |         }
  |         throw new Exception("MISMATCHING CTX.PRINCIPAL USER; " + thoughtUserName + "!=" + caller.getName());
  |     }
  | }
  | 

So I checked the situation on the server side: the principal is "" the first 
time the client is run, and the credentials returned by 
SecurityAssociation are also null. 

Maybe I have missed something in the login module development, because after 
a successful login the principal and credentials exist correctly.

Br, Janne
