-
1. Re: Applet authentication problem
kuding2000 Oct 23, 2001 8:17 PM (in response to kuding2000)I have thought I could use the same method as JBoss HOWTO: "JAAS Based Security in JBoss" but I failed.
in the HOWTO, there is a "Session Client" which use a CallbackHandler class to login. Although I am unable to get the authenticated user and password from JSP to it's embedded applet, as a test, I code the user name and password as "sliu" and "sliu", and copy "AppCallbackHandler" class codes in "Session Client" into my applet, then when a button clicked, action performed as below:
void btnTest_actionPerformed(java.awt.event.ActionEvent event)
{
System.out.println("Login...");
try{
String user = "sliu";
char [] password = "sliu".toCharArray();
AppletCallbackHandler handler = new AppletCallbackHandler(user, password);
LoginContext lc = new LoginContext("bizsphere", handler);
System.out.println("Created LoginContext");
lc.login();
}catch(LoginException le){
System.out.println("Login failed.");
le.printStackTrace();
}
}
the error message on Applet console shows:
Login...
unable to instantiate LoginConfiguration
java.lang.SecurityException: unable to instantiate LoginConfiguration
at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:212)
at javax.security.auth.login.LoginContext$1.run(LoginContext.java:166)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.init(LoginContext.java:163)
at javax.security.auth.login.LoginContext.(LoginContext.java:319)
at bs.applets.tstAuth.btnTest_actionPerformed(Unknown Source)
at bs.applets.tstAuth$SymAction.actionPerformed(Unknown Source)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$ForwardActionEvents.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
please help, I really appreciate it.
Steve -
2. Re: Applet authentication problem
jwkaltz Oct 24, 2001 4:28 AM (in response to kuding2000)> java.lang.SecurityException: unable to instantiate
> LoginConfiguration
>
> at
> javax.security.auth.login.Configuration.getConfigurat
> on(Configuration.java:212)
This error message comes from the JAAS API; this error happens when whatever class you set as a login.configuration.provider can not be loaded by the system class loader.
So, probably what is happening is either you have set a custom login.configuration.provider to some class which is not in the system class path, or you are using some JBoss code which is doing this.
Note that whatever class is implementing the login configuration needs to be in the system class path; this class path may not be the same as your application's class path (example : a tomcat application)
Hope that helps ... I don't know about the applet stuff but the solution very likely lies in adding some jar to the system class path where your applet is running. -
3. This is a wrong way to do this
ko5tik Oct 24, 2001 6:46 AM (in response to kuding2000)Your applet runs in very different JVM
( on the client side )
To communicate to EJB in your server it needs following:
- client modules for EJB
- correct setup for JNDI stuff
( I asume you got both things working or either you will not get "security violations")
What's left is client side login - you may either use client login module, or just setup security association
in applet JVM ( steal code from JBossSecurityMgrRealm
if you like ) -
4. Re: Applet authentication problem
dlandvater Feb 8, 2003 1:38 PM (in response to kuding2000)I have the same problem.
I'm not familiar with the AppletCallbackHandler. Where would I find this class?
Thanks