5 Replies Latest reply on Mar 7, 2003 12:46 PM by rinoong

    Using Context.SECURITY_PRINCIPAL

    rmital
    rmital Feb 13, 2003 12:50 PM

      I was wondering if instead of using org.jboss.security.ClientLoginModule having to implement a CallbackHandler in my client program,can't I use Context.SECURITY_PRINCIPAL/Context.SECURITY_CREDENTIALS to send username/password? It gives me java.lang.SecurityException: Authentication exception, principal=null
      Any ideas or am I stuck to implementing a Callback handler on my client side.

      Properties p = new Properties();
      p.put("java.naming.factory.initial", "org.jnp.interfaces.NamingContextFactory");
      p.put("java.naming.provider.url","localhost:1099");
      p.put(Context.SECURITY_PRINCIPAL, "scott");
      p.put(Context.SECURITY_CREDENTIALS, "echoman");
      InitialContext iniContext = new InitialContext(p);
      SessionHome home = (SessionHome) iniContext.lookup(example+"/StatelessSession");

      • 2949 Views
      • Tags:
        • 1. Re: Using Context.SECURITY_PRINCIPAL
          rinoong
          rinoong Feb 18, 2003 9:07 PM (in response to rmital)


          Try using "org.jboss.security.jndi.LoginInitialContextFactory" for your java.naming.factory.initial property.

            • Actions
          • 2. Re: Using Context.SECURITY_PRINCIPAL
            cobraflow
            cobraflow Feb 21, 2003 11:41 AM (in response to rmital)

            JBoss does not support passing this information in the environment. You must use a client side LoginModule...


            Lewis

              • Actions
            • 3. Re: Using Context.SECURITY_PRINCIPAL
              rinoong
              rinoong Feb 24, 2003 1:00 PM (in response to rmital)

              While it is true that JBoss does not directly support passing this information in the environment, a workaround has been provided to mimic this mechanism. This is a quote from the JBoss documentation:

              "Historically JBoss has not supported providing login information via the IntialContext factory environment. The reason being that JAAS provides a much more flexible framework. For simplicity and migration from other application server environment that do make use of this mechanism, JBoss-3.0.3 adds a new InitialContext factory implementation that allows this. JAAS is still used under in the implementation, but there is no manifest use of the JAAS interfaces in the client application.
              The factory class that provides this capability is the org.jboss.security.jndi.LoginInitialContextFactory."

                • Actions
              • 4. Re: Using Context.SECURITY_PRINCIPAL
                mikewazowski
                mikewazowski Mar 5, 2003 6:29 PM (in response to rmital)

                Hi rinoong,

                i got the same problem when trying to set up

                Context.SECURITY_PRINCIPAL "..." with

                Context.INITIAL_CONTEXT_FACTORY,"org.jnp.interfaces.NamingContextFactory"

                Where can I found the org.jboss.security.jndi.LoginInitialContextFactory you mentioned, in my Jboss3.0.4 there is no such class?!

                thx. mike

                  • Actions
                • 5. Re: Using Context.SECURITY_PRINCIPAL
                  rinoong
                  rinoong Mar 7, 2003 12:46 PM (in response to rmital)

                  The said class is in the jbosssx.jar which you'll find in either the server/default/lib or server/all/lib directory.

                    • Actions