3 Replies Latest reply on Oct 22, 2001 4:06 AM by jwkaltz

    Passing Servlet's Principal to EJB

    danmartin

      We have a Servlet used to auto-startup our own Scheduler class (don't want to use other schedulers to do this, thanks). This stuff activate some tasks that need to invoke secured EJB's (using JDBC realm). We made a number of attempts and, all that we had, is to authenticate the embedded user, using an implementation of the CallbackHandler interface. Then, when we try to use the entity bean we just looked up, an authentication exception is raised:

      [User] Authentication exception, principal=null
      [Default] java.rmi.RemoteException: checkSecurityAssociation; nested exception is:
      java.lang.SecurityException: Authentication exception, principal=null
      [Default] java.lang.SecurityException: Authentication exception, principal=null
      [Default] <<no stack trace available>>

      We used any possible JBoss bundle, from 2.2 to 2.4.3, with either Jetty or Tomcat web container.

      Any suggestion?

      Since we're quite tired about this problem, we're investigating the JBoss way to startup a MBean, even if this is not what we wanted ....

      Thanks in advance

        • 1. Re: Passing Servlet's Principal to EJB
          jwkaltz

          > [User] Authentication exception, principal=null
          > [Default] java.rmi.RemoteException:
          > checkSecurityAssociation; nested exception is:

          You need to also do the client-side binding of the credentials, using JBoss ClientLoginModule
          See the JBossSX article in JavaWorld or previous postings in this forum.

          • 2. Re: Passing Servlet's Principal to EJB
            danmartin

            Not sure I caught it ...

            I'm running a servlet, so what is the auth.conf file used? I suppose the same used by JBoss (in conf/tomcat, for example), isn't it?
            So, we made our own module, say "xx", and in servlet init() we created a LoginContext("xx", handler).
            Our jboss-web descriptor indicates, as the security-domain, jaas:/xx.
            Everything seems correct, the user/password are recongnized too, but a null principal is passed to the EJB.

            Do you mean we have to set the Context.SECURITY_CREDENTIALS and Context.SECURITY_PRINCIPAL in our context? we did it, but didn't work.

            More ideas??

            • 3. Re: Passing Servlet's Principal to EJB
              jwkaltz

              > Do you mean we have to set the
              > Context.SECURITY_CREDENTIALS and
              > Context.SECURITY_PRINCIPAL in our context? we did it,
              > but didn't work.
              >
              > More ideas??

              No, this way of setting a context is not supported by JBoss. You need to read either the online documentation or the JBossSX article on JavaWorld, search for "JBossSX" on javaworld.com and read the article.