-
1. Re: Environment with Logged and Non-Logged Users
luke_t Feb 9, 2002 9:43 AM (in response to farmboy)
> So I guess the question is how can I set the clients principal without them logging in?
That's what the unauthenticatedIdentity setting is for.
What do your ejb settings and your server auth.conf look like?
Luke. -
2. Re: Environment with Logged and Non-Logged Users
farmboy Feb 11, 2002 5:17 PM (in response to farmboy)Here is the portion of auth.conf for the module:
db {
org.jboss.security.auth.spi.DatabaseServerLoginModule required
dsJndiName="java:/BetterLIMSDS"
principalsQuery="select password as passwd from dbuser where userid=?"
rolesQuery="select GroupName as UserRoles, 'Roles' as Roles from group_user where userid=?"
unauthenticatedIdentity="nobody"
;
};
Here's a portion of the ejb-jar for the security access:
<assembly-descriptor>
<security-role>
<role-name>AuthorizedUser</role-name>
</security-role>
<security-role>
<role-name>nobody</role-name>
</security-role>
<method-permission>
Example of security with roles for the SecureHello
<role-name>nobody</role-name>
<ejb-name>Hello</ejb-name>
<method-name>*</method-name>
</method-permission>
I guess a question I have at this point, does the unauthenticatedIdentity of "nobody" have to exist in the database with some roles defined? or is this a role that is automatically defined for those not logged on?
I appreciate all your feedback luke. -
3. Re: Environment with Logged and Non-Logged Users
ubxwgm Jan 29, 2003 2:08 AM (in response to farmboy)It seems that unauthenticatedIdentity provides a principal to use like a "normal" user.
So either you mark the required methods as "unchecked" or you have to create some mapping from nobody to the roles you need.
regards Michael -
4. Re: Environment with Logged and Non-Logged Users
panosk Jan 30, 2003 4:04 AM (in response to farmboy)I have the same problem. I have defined unathenticatedPrincipal (or even IdentityLoginModule) but i still get the following error:
java.lang.RuntimeException: checkSecurityAssociation; CausedByException is:
Authentication exception, principal=null
from my ejbs.