Hi, You can use the "client-login" LoginModule for the JAAS login. As you mention, that this is a standalone client accessing an ejb, you would require a file(say myLogin.conf) containing the login modules as follows:
client-login{ | org.jboss.security.ClientLoginModule required; | }; | | other{ | org.jboss.security.auth.spi.UsersRolesLoginModule required; | }; In your code, you will do a JAAS login as follows: final String authFile = "myLogin.conf"; | System.setProperty("java.security.auth.login.config", authFile); | //System.setProperty("java.security.auth.login.config","jaas.crm"); | MyCallbackHandler handler = new MyCallbackHandler(userName,password); | LoginContext lc = new LoginContext("client-login",handler); | lc.login(); You would require a callback handler which will verify the username and password: public class MyCallbackHandler implements CallbackHandler { | | /** | * Username which will be set in the NameCallback, when NameCallback is handled | */ | private String username; | | /** | * Password which will be set in the PasswordCallback, when PasswordCallback is handled | */ | private String password; | | /** | * Constructor | * @param username The username | * @param password The password | */ | public MyCallbackHandler(String username, String password) { | this.username = username; | this.password = password; | } | | /** | * @param callbacks Instances of Callback<i>s</i> | * @throws IOException IOException | * @throws UnsupportedCallbackException If Callback is other than NameCallback or PasswordCallback | */ | public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { | | for (int i = 0; i < callbacks.length; i++) { | if (callbacks instanceof NameCallback) { | //if the Callback is for NameCallback, then set the name of the NameCallback to 'userName' | NameCallback nc = (NameCallback) callbacks; | nc.setName(username); | | } else if (callbacks instanceof PasswordCallback) { | //if the Callback is for PasswordCallback, then set the name of the PasswordCallback to 'password' | PasswordCallback pc = (PasswordCallback) callbacks; | pc.setPassword(password.toCharArray()); | | } else { | //if Callback is NOT NameCallback or PasswordCallback then throw UnsupportedCallbackException | throw new UnsupportedCallbackException(callbacks, "Unrecognized Callback"); | } | } | } | } View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3895106#3895106 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3895106 ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user