Hi, i have a Problem with security on standalone Tomcat and JBoss.
But first, what I try to do:
I have a Google Web Toolkit (GWT) Application. The servercomponent of this GWT
app is a servlet. This GWT app is running on an standalone tomcat.
>From this servlet, I try to access a stateless session bean running on an
>remote JBoss server.
Without any security solutions, it's running fine.
Now I try to add some security to this system.
So the GWT app is authenticating against the tomcat server with a form base
authentication against an database.
The JBoss server is also authenticating against the same database (because on
tomcat and JBoss there should be the same users and roles).
My problem is, that tomcat does not populate the username und password from the
logged in principal to JBoss, so when calling my EJB, I have to do it in that
way (otherwise I get an authentication failed error):
| Properties env = new Properties();
| env.setProperty(Context.INITIAL_CONTEXT_FACTORY,
"org.jboss.security.jndi.JndiLoginInitialContextFactory");
| env.setProperty(Context.SECURITY_PRINCIPAL, "TestUser");
| env.setProperty(Context.SECURITY_CREDENTIALS, "password");
|
| InitialContext ctx;
| try {
| ctx = new InitialContext(env);
| connector = (MyBean) ctx.lookup("java:comp/env/ejb/MyBean");
| } catch (NamingException e) {
| //do something
| }
|
Does somebody have a solution for this problem?
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4243431#4243431
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4243431
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
