> Hi All,
>
> what is the reason that, when lc.login() is not giving any authentication
> exception, and when i try to call home.create() gives this exception?
>
> Details:
>
>
> I am really desperate to solve this trouble. I am using JBoss2.4.4 Tomcat
> 3.2.3 and trying to implement UsersRolesLoginModule.
> I have given security-domain tag in jboss.xml:
>
> <security-domain>java:/jaas/print</security-domain>
>
> and for this i have a corresponding auth.conf entry:
>
> print {
>
> org.jboss.security.auth.spi.UsersRolesLoginModule required
> unauthenticatedIdentity=nobody
> ;
> };
>
>
> and the auth.conf for client is
>
> other {
> // Put your login modules that work without jBoss here
>
> // jBoss LoginModule
> org.jboss.security.ClientLoginModule required;
>
> // Put your login modules that need jBoss here
> };
>
> Is this enough to bind the security manager with jndi-name
> java:/jaas/print ?
> I have this doubt b'cos in server console i get like this:
>
> 2002-06-05 23:56:00,685 INFO - startService,
> securityMgrCtxPath=java:/jaas
> 2002-06-05 23:56:00,685 INFO - startService,
> cachePolicyCtxPath=java:/timedCacheFactory
> 2002-06-05 23:56:00,685 INFO - startService,
> SecurityProxyFactory=org.jboss.security.SubjectSecurityProxyFactory@409554
>
> Also,
>
> I have code piece calling the lookup() method like:
>
> OrgMgrHome home = (OrgMgrHome)lookUp("OrgMgr",
> OrgMgrHome.class);
> return home.create();
>
>
> My Code for lookup() method does this:
>
> LoginContext lc = new LoginContext("other", new
> CallHandler(userName, pass));
> lc.login();
>
> Subject sub = lc.getSubject();
>
> System.out.println("Subject is " + sub.toString());
>
> java.util.Set set = sub.getPrincipals();
> System.out.println("set size is " + set.size());
>
> java.util.Iterator it = set.iterator();
> while(it.hasNext())
> {
> Principal p = (Principal) it.next();
> System.out.println("Principal is " +
> p.getName());
> }
>
> Properties props = new Properties();
> props.put(Context.INITIAL_CONTEXT_FACTORY,
> initialContextFactory);
> if (urlString != null)
> {
> if (isDebugOn())
> {
>
> Log.debug("getInitialContext: urlString=" + urlString);
> }
> props.put(Context.PROVIDER_URL, urlString);
> return new InitialContext(props);
> }
>
>
> My CallbackHandler implementation is :
>
> public void handle(Callback[] callback)
> {
>
> try
> {
> for(int i=0; i<callback.length; i++)
> {
> if(callback[i] instanceof NameCallback)
> {
> text = (NameCallback) callback[i];
> text.setName(userName);
> System.out.println("text value is "
> + text);
> }
> if(callback[i] instanceof PasswordCallback)
> {
> passwd = (PasswordCallback)
> callback[i];
> passwd.setPassword(password);
> System.out.println("passwd value is
> " + passwd);
> }
> }
>
> System.out.println("Finished handle method in
> CallHandler");
>
> }catch(Exception e)
> {
> e.printStackTrace();
> System.out.println("Authentication failed
> ........");
> }
> }
>
> and my users.properties has
>
> appuser=4colorprint
>
> and roles.properties has
>
> appuser.myrolegroup=administrator
>
> I have given method permissions in ejb-jar.xml like:
>
> <assembly-descriptor>
>
> <security-role>
> <role-name>admin</role-name>
> </security-role>
>
> <method-permission>
> <role-name>admin</role-name>
> <method>
> <ejb-name>OrgMgr</ejb-name>
> <method-name>*</method-name>
> </method>
> </method-permission>
> .
> .
> .
> </assembly-descriptor>
>
> when i am trying to access the bean, it gives,
>
> Subject is Subject:
> Principal: appuser
> Principal: Roles
> Principal: myrolegroup
>
> set size is 3
> Principal is appuser
> Principal is Roles
> Principal is myrolegroup
>
> 2002-06-05 23:56:44,371 ERROR - Insufficient method permissions,
> principal=null, method=create, requiredRoles=[admin], principalRoles=
> []
> java.rmi.RemoteException: checkSecurityAssociation; nested exception is:
> java.lang.SecurityException: Insufficient method permissions,
> principal=null, method=create, requiredRoles=[admin], principalR
> oles=[]
> java.lang.SecurityException: Insufficient method permissions,
> principal=null, method=create, requiredRoles=[admin], principalRoles=[]
> at
> org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityAssociation(Securit
> yInterceptor.java:231)
> at
> org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.j
> ava:91)
> at
> org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:103)
> at
> org.jboss.ejb.StatelessSessionContainer.invokeHome(StatelessSessionContain
> er.java:268)
> at
> org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker.invokeHome(JRMPCont
> ainerInvoker.java:456)
> at
> org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invokeHome(HomeProxy.java:
> 237)
> at
> org.jboss.ejb.plugins.jrmp.interfaces.HomeProxy.invoke(HomeProxy.java:182)
> at $Proxy127.create(Unknown Source)
> at com.zeborg.print.web.OrgMgrWB.getRemoteRef(OrgMgrWB.java:111)
> at com.zeborg.print.web.OrgMgrWB.getUserOrg(OrgMgrWB.java:247)
> at
> jsp.zeborg.sso._0002fjsp_0002fzeborg_0002fsso_0002flogin_0002dprint_0002ej
> splogin_0002dprint_jsp_21._jspService(_0002fjsp_0
> 002fzeborg_0002fsso_0002flogin_0002dprint_0002ejsplogin_0002dprint_jsp_21.
> java:255)
> at
> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:119)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
> org.apache.jasper.servlet.JspServlet$JspCountedServlet.service(JspServlet.
> java:130)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
> org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(JspServlet.
> java:282)
> at
> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:429)
> at
> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:500)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
> org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java:405)
> at org.apache.tomcat.core.Handler.service(Handler.java:287)
> at
> org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java:372)
> at
> org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:
> 812)
> at
> org.apache.tomcat.core.ContextManager.service(ContextManager.java:758)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(Htt
> pConnectionHandler.java:213)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501)
> at java.lang.Thread.run(Thread.java:484)
>
> what is the reason that, when lc.login() is not giving any authentication
> exception, and when i try to call home.create() gives this exception?
> Warm Regards,
> Deepa Annamalai
> Virtusa (Pvt) Ltd.,
> 3rd Floor, My Home Tycoon,
> Begumpet,
> Hyderabad, AP
> India - 500 016.
> +91-40-3414200 ext 135/136
> [EMAIL PROTECTED]
>
_______________________________________________________________
Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
