Hi Alexander.
Thanks for your opinion.
However I wanted detail solution. :-)
To solve this problem, I performed below steps.
1) I made a security domain.(login-config.xml)
<application-policy name = "Extra">
<login-module code =
"org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag = "required">
<!--<module-option name =
"unauthenticatedIdentity">guest</module-option>-->
<module-option name = "dsJndiName">java:/ExtraDS</module-option>
<module-option name = "principalsQuery">SELECT PW FROM EJB_USER
WHERE ID=?</module-option>
<module-option name = "rolesQuery">SELECT ROLE, 'ROLES' FROM
EJB_ROLE WHERE ID=?</module-option>
</login-module>
</application-policy>
2) I created table for roles and users and put corresponding informations with
my environment.
3) I set security domain(jboss.xml)
<security-domain>java:/jaas/Extra</security-domain>
4) I edited a ejb.jar
<assembly-descriptor >
<security-role>
<role-name>MyRole</role-name>
</security-role>
<method-permission>
<role-name>MyRole</role-name>
<ejb-name>FrontSample</ejb-name>
<method-name>*</method-name>
<ejb-name>Sample</ejb-name>
<method-name>*</method-name>
</method-permission>
</assembly-descriptor>
...
<security-identity><use-caller-identity/></security-identity>
<security-role-ref>
<role-name>MyRole</role-name>
</security-role-ref>
...
<security-role-ref>
<role-name>MyRole</role-name>
</security-role-ref>
5) My remote client code is :
lookupProp.put(Context.INITIAL_CONTEXT_FACTORY,"org.jnp.interfaces.NamingContextFactory");
lookupProp.put(Context.PROVIDER_URL, "jnp://" + prop.get("SERVER_IP") + ":" +
prop.get("LOOKUP_PORT"));
lookupProp.put(Context.SECURITY_PRINCIPAL, "admin");
lookupProp.put(Context.SECURITY_CREDENTIALS, "admin");
ctx = new InitialContext(lookupProp);
... code for lookup
6) Finally, A exception message(when called create() method) is :
java.rmi.ServerException: RemoteException occurred in server thread; nested
exception is:
java.rmi.ServerException: EJBException:; nested exception is:
javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
Authentication exception, principal=null
Now, I have a question. It is how to set id and password authenticating
identity.
Above code(no 5) uses Context.SECURITY_PRINCIPAL and
Context.SECURITY_CREDENTIALS to set id and password but as result, such
approach seems invalid. Otherwise I may use LoginContext to authenticate
indentity but It also seems to not support function for remote server.
How can I solve this problem?
Please help me.
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3859213#3859213
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3859213
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
