- JBoss 4.2.2.GA - Java 5 Update 15 Hello, everybody!
I have already finished my web application using the JBoss server. It's already deployed, running and working well. This web application uses the FORM authentication method to authenticate users (so users must provide a user name and password to log in), being helped by a custom login module that does the real authentication behind the scenes. All the JavaBeans and entity beans that this web application uses are in a EJB jar file deployed on the same server (so the business logic is separated from the presentation). But now I want to use this same EJB jar file that contains the business logic from desktop applications (Swing clients). I suppose (correct me if I'm wrong) that in order to make method calls on the session beans from the Swing clients, these Swing clients also have to be authenticated on the server, like the web application is. But the problem is that I have no idea how to authenticate from desktop applications, as the process to do that could be very different from the web applications authentication process. I also would like to know how to log out from the desktop applications. Below are some extracts from my web application related to the authentication. I think that showing this here is really not necessary, but I chose to do so in the hope that it can be helpful to you to find an answer to me and to show you more precisely how I'm authenticating from the web application. -------------------------------------------------------------------------------- IN THE WEB APPLICATION: ================= web.xml ---------- <?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns="http://java.sun.com/xml/ns/javaee"; xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"; xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"; id="WebApp_ID" version="2.5"> <display-name>Laboratorio de Informatica</display-name> <!-- more configuration... --> <security-constraint> <web-resource-collection> <web-resource-name>restrito</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>ADMINISTRADOR</role-name> <role-name>USUARIO</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <security-constraint> <web-resource-collection> <web-resource-name>permitido</web-resource-name> <url-pattern>/css/*</url-pattern> <url-pattern>/script/*</url-pattern> <url-pattern>/imagens/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/errologin.jsp</form-error-page> </form-login-config> </login-config> <security-role> <role-name>ADMINISTRADOR</role-name> </security-role> <security-role> <role-name>USUARIO</role-name> </security-role> <!-- more configuration... --> </web-app> jndi.properties ----------------- java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces java.naming.provider.url=jnp://localhost:1099 jboss-web.xml ----------------- <?xml version="1.0" encoding="UTF-8"?> <jboss-web> <security-domain>java:/jaas/laboratorio-informatica</security-domain> </jboss-web> login.jsp ---------- <h5>Informe o seu nÃÂúmero de matrÃÂÃÂcula e senha para acessar o sistema.</h5> MatrÃÂÃÂcula: Senha: IN THE EJB APPLICATION: ================= ModuloLoginFuncionarios.java (this is the custom login module) I'm showing you here just the methods that I override -------------------------------------------------------------- package br.urca.www.laboratorioinformatica.seguranca.jboss; | | import org.jboss.security.auth.spi.UsernamePasswordLoginModule; | // other imports... | | public class ModuloLoginFuncionarios extends UsernamePasswordLoginModule | { | @Override | protected String getUsersPassword() throws LoginException | { | // code... | } | | @Override | protected boolean validatePassword(String inputPassword, String expectedPassword) | { | // code... | } | | @Override | protected Throwable getValidateError() | { | // code... | } | | @Override | protected Group[] getRoleSets() throws LoginException | { | // code... | } | } IN THE SERVER: =========== C:\jboss-4.2.2.GA\server\default\conf\login-config.xml --------------------------------------------------------------- <?xml version='1.0'?> <!DOCTYPE policy PUBLIC "-//JBoss//DTD JBOSS Security Config 3.0//EN" "http://www.jboss.org/j2ee/dtd/security_config.dtd";> <!-- other configuration... --> <!-- other configuration... --> <application-policy name="laboratorio-informatica"> <login-module code="br.urca.www.laboratorioinformatica.seguranca.jboss.ModuloLoginFuncionarios" flag="required" /> </application-policy> C:\jboss-4.2.2.GA\server\default\deploy\laboratorio-informatica-ds.xml ----------------------------------------------------------------------------------- <?xml version="1.0" encoding="UTF-8"?> <!-- $Id: mssql-ds.xml 61002 2007-02-28 16:13:00Z [EMAIL PROTECTED] $ --> <local-tx-datasource> <jndi-name>LaboratorioInformaticaDS</jndi-name> <connection-url>jdbc:sqlserver://server_name;databaseName=database_name</connection-url> <driver-class>com.microsoft.sqlserver.jdbc.SQLServerDriver</driver-class> <user-name>user_name</user-name> password <!-- corresponding type-mapping in the standardjbosscmp-jdbc.xml (optional) --> <type-mapping>MS SQLSERVER2000</type-mapping> </local-tx-datasource> -------------------------------------------------------------------------------- So, I hope to get your help about this subject. Thank you very much. Marcos View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4161742#4161742 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4161742 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user
