Hi,
You can use the "client-login" LoginModule for the JAAS login. As you mention,
that this is a standalone client accessing an ejb, you would require a file(say
myLogin.conf) containing the login modules as follows:
client-login{
| org.jboss.security.ClientLoginModule required;
| };
|
| other{
| org.jboss.security.auth.spi.UsersRolesLoginModule required;
| };
In your code, you will do a JAAS login as follows:
final String authFile = "myLogin.conf";
| System.setProperty("java.security.auth.login.config", authFile);
| //System.setProperty("java.security.auth.login.config","jaas.crm");
| MyCallbackHandler handler = new
MyCallbackHandler(userName,password);
| LoginContext lc = new LoginContext("client-login",handler);
| lc.login();
You would require a callback handler which will verify the username and
password:
public class MyCallbackHandler implements CallbackHandler {
|
| /**
| * Username which will be set in the NameCallback, when NameCallback is
handled
| */
| private String username;
|
| /**
| * Password which will be set in the PasswordCallback, when
PasswordCallback is handled
| */
| private String password;
|
| /**
| * Constructor
| * @param username The username
| * @param password The password
| */
| public MyCallbackHandler(String username, String password) {
| this.username = username;
| this.password = password;
| }
|
| /**
| * @param callbacks Instances of Callback<i>s</i>
| * @throws IOException IOException
| * @throws UnsupportedCallbackException If Callback is other than
NameCallback or PasswordCallback
| */
| public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
|
| for (int i = 0; i < callbacks.length; i++) {
| if (callbacks instanceof NameCallback) {
| //if the Callback is for NameCallback, then set the name of
the NameCallback to 'userName'
| NameCallback nc = (NameCallback) callbacks;
| nc.setName(username);
|
| } else if (callbacks instanceof PasswordCallback) {
| //if the Callback is for PasswordCallback, then set the
name of the PasswordCallback to 'password'
| PasswordCallback pc = (PasswordCallback) callbacks;
| pc.setPassword(password.toCharArray());
|
| } else {
| //if Callback is NOT NameCallback or PasswordCallback then
throw UnsupportedCallbackException
| throw new UnsupportedCallbackException(callbacks,
"Unrecognized Callback");
| }
| }
| }
| }
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3895106#3895106
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3895106
-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
