[JBoss-user] [Security & JAAS/JBoss] - About Loing Model

Tue, 25 Jan 2005 06:42:29 -0800 

DatabaseServerLoginModule is used for login in my Application.

EJB can be access correctly by using JSP.
But I cannot login through Applet.
Could anyone tell me How I can call the secury EJB method by using Applet?

The deployment as following

login-config.xml   
   <application-policy name="Test">
  |       <authentication>
  |          <login-module 
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
  |             flag="required">
  |             <module-option 
name="dsJndiName">java:/oraDataSource</module-option>
  |             <module-option name="principalsQuery">select U_Password from 
users where U_Name=?</module-option>
  |             <module-option name="rolesQuery">select GM_Group, 'Roles' from 
groupmembers where GM_Member=?</module-option>
  |          </login-module>
  |       </authentication>
  |    </application-policy>

EJB

  jboss.xml  
<jboss>
  |   <security-domain>java:/jaas/Test</security-domain>
  |   <enterprise-beans>
  |   <session>
  |     <ejb-name>TestDisplay</ejb-name>
  |     <jndi-name>TestDisplay</jndi-name>
  |     <method-attributes>
  |       <method>
  |         <method-name>*</method-name>
  |         <transaction-timeout>3600</transaction-timeout>
  |       </method>
  |     </method-attributes>
  |   </session>
  |   </enterprise-beans>
  | </jboss>

   ejb-jar.xml
<ejb-jar>
  |   <enterprise-beans>
  |     <session>
  |       <ejb-name>TestDisplay</ejb-name>
  |       <home>TestDisplayHome</home>
  |       <remote>TestDisplay</remote>
  |       <ejb-class>TestDisplayBean</ejb-class>
  |       <session-type>Stateless</session-type>
  |       <transaction-type>Container</transaction-type>
  |       <security-role-ref>
  |          <role-name>guest</role-name>
  |          <role-link>guest</role-link>
  |       </security-role-ref>
  |       <security-identity>
  |          <run-as>
  |            <role-name>guest</role-name>
  |          </run-as>
  |       </security-identity>
  |     </session>      
  |   </enterprise-beans>
  |   
  |   <assembly-descriptor>
  |     <method-permission>
  |       <role-name>guest</role-name>
  |       <method>
  |         <ejb-name>TestDisplay</ejb-name>
  |         <method-name>*</method-name>
  |       </method>
  |     </method-permission>
  |   </assembly-descriptor>
  | </ejb-jar>

A Class for login in Applet:
      System.setProperty("java.security.auth.login.config", 
"c:/jaashowto/example/resources/auth.conf");
  |       System.setProperty(Context.INITIAL_CONTEXT_FACTORY, JNDI_FACTORY);
  |       System.setProperty(Context.PROVIDER_URL, providerUrl);
  |       String pwd = "password";
  | 
  |       char[] password = pwd.toCharArray();
  |       String name = "user";
  | 
  |       try
  |       {
  |          AppCallbackHandler handler = new AppCallbackHandler(name, 
password);
  |          LoginContext lc = new LoginContext("Test", handler);
  |          lc.login();
  |       }
  |       catch (LoginException e)
  |       {
  |     e.printStackTrace();
  |       }
      
The auth.conf as following:
Test {
  |      org.jboss.security.auth.spi.DatabaseServerLoginModule required;
  | };


The server return exception like this:
javax.security.auth.login.LoginException: javax.naming.NameNotFoundException: 
DefaultDS not bound
  |     at 
org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:110)
  |     at 
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:156)
  |     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  |     at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
  |     at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
  |     at java.lang.reflect.Method.invoke(Unknown Source)
  |     at javax.security.auth.login.LoginContext.invoke(Unknown Source)
  |     at javax.security.auth.login.LoginContext.access$000(Unknown Source)
  |     at javax.security.auth.login.LoginContext$4.run(Unknown Source)
  |     at java.security.AccessController.doPrivileged(Native Method)
  |     at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
  |     at javax.security.auth.login.LoginContext.login(Unknown Source)

Thank you

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3863486#3863486

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3863486


-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to