Authentication Problem
usul May 27, 2008 5:29 AMHi,
My Client throws an Exception at this line:
LoginContext lc = new LoginContext("steffendom", handler);
Exception:
Exception in thread "main" java.lang.SecurityException: Anmeldekonfiguration kann nicht gefunden werden.
at com.sun.security.auth.login.ConfigFile.<init>(Unknown Source)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
at javax.security.auth.login.Configuration$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.Configuration.getConfiguration(Unknown Source)
at javax.security.auth.login.LoginContext$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.init(Unknown Source)
at javax.security.auth.login.LoginContext.<init>(Unknown Source)
at myclient.MyClient.main(MyClient.java:36)
Caused by: java.io.IOException: Anmeldekonfiguration kann nicht gefunden werden.
at com.sun.security.auth.login.ConfigFile.init(Unknown Source)
... 15 more
My complete Client code:
package myclient; import java.rmi.RMISecurityManager; import java.util.Properties; import javax.naming.InitialContext; import javax.security.auth.Subject; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; import myserv.CalculatorBeanRemote; public class MyClient { public static void main(String[] args) throws Exception { System.setProperty("java.security.policy", "F:\\rmi.policy"); if (System.getSecurityManager() == null) { System.setSecurityManager(new RMISecurityManager()); } Properties properties = new Properties(); properties.put("java.naming.factory.initial","org.jnp.interfaces.NamingContextFactory"); properties.put("java.naming.factory.url.pkgs","org.jboss.naming:org.jnp.interfaces"); properties.put("java.naming.provider.url","localhost:1099"); CallbackHandler handler = new MyHandler(); LoginContext lc = new LoginContext("steffendom", handler); try { lc.login(); Subject subject = lc.getSubject(); } catch(LoginException e) { System.out.println("authentication failed"); e.printStackTrace(); } InitialContext ctx = new InitialContext(properties); CalculatorBeanRemote calculator = (CalculatorBeanRemote) ctx.lookup("CalculatorBean/remote"); System.out.println("4 + 7 = " + calculator.add(7, 4)); System.out.println("9 - 5 = " + calculator.subtract(9, 5)); // Scope of work complete, logout to remove authentication info try { lc.logout(); } catch(LoginException e) { System.out.println("logout failed"); e.printStackTrace(); } } }
I have added to the login-config.xml:
<application-policy name = "steffendom">
<authentication>
<login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
flag = "required" />
</authentication>
</application-policy>
And I have deployed my EJB in a *.jar containing a folder META-INF containing jboss.xml:
<security-domain>java:/jaas/steffendom</security-domain>
<enterprise-beans>
<session>
<ejb-name>CalculatorBean</ejb-name>
</session>
</enterprise-beans>
</jboss>
What am I missing?