Hi, I’m using the Tomcat server which comes with jboss.
I’m having a problem with jboss login using jaas via jsp. I
successfully manage to login using jaas. The “System.out.println(userPrincipalName);”
in the jsp snippet returns “test”, all well and good so far.
This then calls getUser() in the ejb snippet at the bottom of this mail. The
“System.out.println(ctx.getCallerPrincipal().getName());” called in
the ejb snippet below returns “nobody” though. I’m not sure if the system is only logging the user
into Tomcat or if it is because there are no <method-permission> tags in
the ejb-jar.xml. I don’t need security for my beans yet but for ctx.getCallerPrincipal()
to work does the bean need a method permission tag with unchecked instead of a
role name? If the system is only logging the user into Tomcat is there a
way to pass this login info on? Any help would be much appreciated. Thanks in advance, Neil Mendoza --------------------------------------jsp
snippet-------------------------------------- String
user="test"; String
pass="test"; try { UsernamePasswordHandler
handler = new UsernamePasswordHandler(user, pass.toCharArray()); LoginContext
loginContext = new LoginContext("ias-login", handler); loginContext.login(); try { String
userPrincipalName = ((Principal)
loginContext.getSubject().getPrincipals().iterator().next()).getName(); if
(userPrincipalName == null) System.out.println("name is null!"); else
System.out.println(userPrincipalName); UserValue
userValue = UserManagerUtil.getLocalHome().create().getUser(); session.setAttribute("myUserValue",
userValue); %> <jsp:forward
page="./index.jsp?action="" /> <% } catch
(javax.ejb.FinderException e) { errorMessage
= "The login details you entered were valid with jaas but not with
ias."; } } catch
(javax.security.auth.login.LoginException e) { errorMessage
= "The login details you entered were not valid."; } -----------------------------------end of
jsp------------------------------------------------------ ----------------------------------------------------ejb
snippet--------------------------------------------------------------- /** * Get the "logged-in"
user from the caller principal * * @return The logged-in user. * @ejb.interface-method
view-type="both" * @ejb.transaction
type="Required" **/ public UserValue getUser() throws
FinderException { try
{
UserLocalHome cHome = UserUtil.getLocalHome(); System.out.println(ctx.getCallerPrincipal().getName());
UserLocal ul = cHome.findByUserName(ctx.getCallerPrincipal().getName());
return (UserValue) ul.getUserValue(); }
catch ( NamingException ne ) {
throw new EJBException("An error occurred while connecting to the
Application Server.", ne ); } } ---------------------------------------------------end of
ejb---------------------------------------------------------------- --- intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Prytania Group has taken every reasonable precaution to ensure that any attachment to this e-mail has been swept for viruses. However, we cannot accept liability for any damage sustained as a result of software viruses and would advise that you carry out your own virus checks before opening any attachment. |