This content has been marked as final.
Show 2 replies
-
1. Re: Authentication EJB
starksm64 Sep 8, 2001 10:50 AM (in response to mcarrion)Configure the login module to assign an unauthenticatedIdentity value(assuming its a subclass of org.jboss.security.auth.spi.UsernamePasswordLoginModule) as is done in the default auth.conf file:
// The default server login module other { // A simple server login module, which can be used when the number // of users is relatively small. It uses two properties files: // users.properties, which holds users (key) and their password (value). // roles.properties, which holds users (key) and a comma-separated list of their roles (value). // The unauthenticatedIdentity property defines the name of the principal // that will be used when a null username and password are presented as is // the case for an unuathenticated web client or MDB. If you don't want to // allow such users to be authenticated remove the property. org.jboss.security.auth.spi.UsersRolesLoginModule required unauthenticatedIdentity="nobody"; };
If you can't do that then you can assign this inside of the jboss.xml descriptor using the unauthenticated-principal element:<jboss> <unauthenticated-principal>nobody</unauthenticated-principal> ... </jboss>
-
2. Re: Authentication EJB
jasonvenhuizen Mar 20, 2005 2:22 AM (in response to mcarrion)I was able to create the LoginContext in my session bean, but after authenticating which granted my user the proper role I still get a security error when I try to invoke another method. Is there something I need to do to associcate the login context with the current session?