-
1. Re: MBean access to secured EJB
kashpaw Sep 6, 2001 2:26 PM (in response to kashpaw)I've put a few printlns in, and found that username is null when UsernamePasswordLoginModule.getUsernameAndPassword() tries to collect it from the callbackHandler. That's strange because this code works when I start a client that uses the client auth.conf "other" (a ClientLoginModule). When I use the server auth.conf "client-login" (a ClientLoginModule) for my MBean, it doesn't. Looking at the ClientLoginModule code now.
-
2. Re: MBean access to secured EJB
kashpaw Sep 6, 2001 3:48 PM (in response to kashpaw)No joy. Anyone have a clue why this works over the network, but not in the same vm?
-
3. Re: MBean access to secured EJB
kashpaw Sep 7, 2001 9:49 AM (in response to kashpaw)Okay, I got it to work. Since my MBean was using TimerMBean to periodically kick off some thread, I have to (programatically)login (and logoff) each time. But I'm still confused: reading the code for SecurityAssociation, I gather that the default is for the security association to be available on a vm-wide basis, and that threadlocal is only turned on when setServer() is called. If that's the case, why must I log in each time? I must be misinterpreting something.
-
4. 6472
starksm64 Jan 13, 2005 12:00 AM (in response to kashpaw)Um, I guess I may be confused.
I secured my session beans by specifying my own security domain, which uses the provided DatabaseServerLoginModule. Clients access the secured session beans by specifying "other", as given in the client-side auth.conf (a ClientLoginModule). On accessing the session beans authentication works fine.
The server side uses the DatabaseServerLoginModule, specified in mySecurityDomain.
Here's my difficulty: I have an MBean that periodically calls on my secured session beans. I specify "client-login" domain to the MBean's LoginContext (again, a ClientLoginModule), but on invoking the first secured method (create), the server barks with:
[Default] javax.security.auth.login.FailedLoginException: No matching username found in Principals
[Default] at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:96)
[Default]
[Default] at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login
(UsernamePasswordLoginModule.java:103)....
If I instead specify "MySecurityDomain", the same thing still happens.
How do i get the identity propagated into the right place?
TIA,
kashpaw