[JBoss-user] [Security & JAAS/JBoss] - LoginModule.login() passed null principal/credential from SL

Tue, 06 Jun 2006 02:28:59 -0700 

JaasSecurityManager.isValid(Principal principal, Object credential, Subject 
activeSubject) is being passed a null principal and credential, this in turn 
calls  my LoginModule.login() method with a null username and password. 

This only happens when the call to JaasSecurityManager.isValid() is made to 
check the security assoication on a stateless session bean, when 
JaasSecurityManager.logon() is called from my client loginContext.login(); call 
it works fine.

 So my question is, how do you get a EJB to pass the same credential and 
principal that was previously passed by the client?

Heres my client code:

  |          SecurityAssociationHandler handler = new 
SecurityAssociationHandler();
  |          Principal user = new MyPrincipal("username");
  |          handler.setSecurityInfo(user, "password".toCharArray());
  |          LoginContext loginContext = new LoginContext("other", handler);
  |          loginContext.login();
  |          Subject subject = loginContext.getSubject();
  |          Set principals = subject.getPrincipals();
  |          principals.add(user);
  | 

Heres my LoginModule code, this is called once by the code above (and works 
fine) and then a bit later on by JBoss to check the security on an SLSB call:
   public boolean login() throws LoginException
  |    {
  |       NameCallback name = new NameCallback("User name");
  |       PasswordCallback pwc = new PasswordCallback("Password",
  |                                                   false);
  | 
  |          callbackHandler.handle(new Callback[]{name, pwc});
  | // user is null when called from SSLB, but populated when called from 
client code above
  |          String user = name.getName();
  |          String pw = new String(pwc.getPassword());
  | ...
  |    }
  | 

I am really stuck and have googled for answers with no luck, the mosst help I 
could find was 
http://docs.jboss.org/jbossas/jboss4guide/r2/html/ch8.chapter.html#ch8.ejbsecrole.fig,
 thanks in advance for your help.

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3949303#3949303

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3949303


_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to