JSF Session Bean:

  | import java.util.Properties;
  | import javax.naming.Context;
  | import javax.naming.InitialContext;
  | import org.jboss.security.SecurityAssociation;
  | 
  |     public void securityCheck(){
  |         try {
  |             //This is null
  |             System.out.println("Principal: " + SecurityAssociation.getPrincipal());
  |             //This is null
  |             System.out.println("Credential: " + SecurityAssociation.getCredential());
  |             //This is correct for ALL use cases
  |             System.out.println("Remote User: " + this.getContext().getExternalContext().getRemoteUser());
  | 
  |             Properties env = new Properties();
  |             env.setProperty("java.naming.provider.url","jnp://10.0.0.135:1099");
  |             //when I use my username/password manually, this works fine
  |             // even when called in the JSF/Session bean.  When commented 
  |             // out for JAAS use, this doesn't work.
  |             //env.setProperty(Context.SECURITY_PRINCIPAL, manualusername);
  |             //env.setProperty(Context.SECURITY_CREDENTIALS, manualpassword);
  |             env.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.security.jndi.JndiLoginInitialContextFactory");
  |             InitialContext ctx = new InitialContext(env);
  |             SecTest st = (SecTest) ctx.lookup("SecTestBean/remote");
  | 
  |             //make a secure EJB3 call
  |             //Again, works with correct manual username/password.
  |             //Behaves properly with incorrect manual username/password.
  |             //fails completely when trying to use JAAS as SecurityAssociation is null
  | 
  |             // call goes through the remote proxy looked up above
  |             System.out.println(st.hello());
  |         } catch(Exception e) {
  |             e.printStackTrace();
  |         }
  |     }
  | 

And, just for verification:

 jboss-web.xml:

  | <jboss-web>
  |    <security-domain>java:/jaas/testRealm</security-domain>
  | </jboss-web>
  | 

web.xml

  | ....
  |     <security-constraint>
  |         <web-resource-collection>
  |             <web-resource-name>Required Only</web-resource-name>
  |             <description>Required Only</description>
  |             <url-pattern>/*</url-pattern>
  |             <http-method>POST</http-method>
  |             <http-method>GET</http-method>
  |         </web-resource-collection>
  |         <auth-constraint>
  |             <description>Define who can access this url-pattern</description>
  |             <role-name>*</role-name>
  |         </auth-constraint>
  | 
  |         <user-data-constraint>
  |             <transport-guarantee>NONE</transport-guarantee>
  |         </user-data-constraint>
  |     </security-constraint>
  | 
  |     <login-config>
  |         <auth-method>BASIC</auth-method>
  |         <realm-name>Please log in</realm-name>
  |     </login-config>
  | 
  |     <!-- this is a known and proven role in the JAAS modules for our test user -->
  |     <security-role>
  |         <role-name>developers</role-name>
  |     </security-role>
  | 

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3928293#3928293
