1 Reply Latest reply on May 7, 2003 2:51 PM by petertje

    Authentication exception, principal=null

    salma



      Hi,

I have secured an EJB with JAAS, using DatabaseServerLoginModule. When I log in using a Java client application, everything works fine; I can access the secured methods of the session bean.
However, when I log in from a servlet application I get the following security exception when trying to call the method "login" of the session bean:
EJBException:; nested exception is: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is: Authentication exception, principal=null

The error does not appear regularly, so I can't reproduce it.

I am using the JBoss server (version 3.0.4) and the Struts framework (and JSP) to generate dynamic content for the web client.

I hope somebody can help me.


      ****************************************************************************************
      ****************************************************************************************


      Delegate Class

import java.net.URL;
import java.util.Properties;
import javax.security.auth.login.LoginContext;

// Login, LoginHome, ServiceLocator and NamePasswortHandler are application classes
// of the poster's project and are not shown here.
public class LoginDelegate
{
    Properties pro;
    LoginContext logCtx;
    ServiceLocator locator = null;
    private String authConfig = "auth.conf";

    public LoginDelegate(String IP, String PORT)
    {
        // JNDI properties for the JBoss naming service
        pro = new Properties();
        pro.put("java.naming.factory.initial", "org.jnp.interfaces.NamingContextFactory");
        pro.put("java.naming.provider.url", "jnp://" + IP + ":" + PORT + "/");
        pro.put("java.naming.factory.url.pkgs", "org.jboss.naming:org.jnp.interfaces");

        // Point JAAS at the auth.conf that defines the "ZELogin" entry. The classpath
        // lookup is computed but unused; the hard-coded path is what takes effect.
        // "java.security.auth.login.config" is the standard JAAS property name.
        URL path = getClass().getClassLoader().getResource(authConfig);
        String pfad = "E:\\jboss-3.0.4_tomcat-4.1.12\\server\\default\\conf\\auth.conf";
        System.setProperty("java.security.auth.login.config", pfad);
    }

    public boolean login(String name, String pass)
    {
        Login login = null;
        try
        {
            if (name == null || name.length() == 0 || pass == null || pass.length() == 0)
                return false;

            // JAAS login. With ClientLoginModule this binds the principal and credential
            // to the current thread; the actual check happens on the server side when
            // the EJB is called.
            logCtx = new LoginContext("ZELogin", new NamePasswortHandler(name, pass.toCharArray()));
            logCtx.login();

            // Look up and create the session bean; the container runs
            // checkSecurityAssociation when its methods are invoked.
            this.locator = ServiceLocator.getInstance(pro);
            login = ((LoginHome) this.locator.getEJBHome(ServiceLocator.Login_JNDINAME)).create();

            return true;
        }
        catch (Exception e)
        {
            // Swallowing the exception hides the cause of a failed login; report it.
            e.printStackTrace();
            return false;
        }
    }
}

      ****************************************************************************************
      Servlet

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.SingleThreadModel;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class Patient extends HttpServlet implements SingleThreadModel
{
    private String name = null;
    private String pass = null;
    private LoginDelegate logDeg = null;

    /** Creates the LoginDelegate once (JNDI properties and JAAS config path)
        and keeps it for use in doPost(). */
    public void init() throws ServletException
    {
        try
        {
            logDeg = new LoginDelegate("localhost", "1099");
        }
        catch (Exception e)
        {
            e.printStackTrace();
        }
    }

    /** Reads name and password from the request, performs the JAAS login
        plus the EJB call through the delegate, and reports the result. */
    public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
    {
        response.setContentType("text/html");
        PrintWriter out = response.getWriter();
        out.println("");
        try
        {
            name = request.getParameter("name");
            pass = request.getParameter("pass");

            if (logDeg.login(name, pass))
                out.println("successful");
            else
                out.println("failed");
        }
        catch (Exception e)
        {
            out.println(e.toString());
        }
        finally
        {
            out.println("");
            out.close();
        }
    }
}

      ****************************************************************************************
      auth.conf
      ($jboss_home/server/default/conf/auth.conf)


// This file is now obsolete but is read for backward compatibility
// Use the login-config.xml file instead
// $Id: auth.conf,v 1.12 2002/04/14 18:59:49 starksm Exp $

simple {
    // Very simple login module:
    // any user name is accepted.
    // password should either coincide with user name or be null,
    // all users have role "guest",
    // users with non-null password also have role "user"
    org.jboss.security.auth.spi.SimpleServerLoginModule required;
};

ZELogin {
    org.jboss.security.ClientLoginModule required;
};

      ****************************************************************************************

      login-config.xml
      ($jboss_home/server/default/conf/login-config.xml)


<application-policy name = "ZELogin">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
      <module-option name="dsJndiName">java:/InformixDS</module-option>
      <module-option name="principalsQuery">SELECT Passwort FROM Benutzer WHERE BenutzerID=?</module-option>
      <module-option name="rolesQuery">SELECT rechteID,'Roles' FROM Benutzerrechte WHERE BenutzerID=?</module-option>
    </login-module>
  </authentication>
</application-policy>


      ****************************************************************************************

      ejb-jar.xml

<?xml version="1.0"?>

<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd">

<ejb-jar>
  <enterprise-beans>

    <entity>
      <ejb-name>NotizEJB</ejb-name>
      <local-home>de.NotizLocalHome</local-home>
      <local>de.NotizLocal</local>
      <ejb-class>de.NotizBean</ejb-class>
      <persistence-type>Container</persistence-type>
      <prim-key-class>java.lang.Long</prim-key-class>
      <reentrant>True</reentrant>
      <cmp-version>2.x</cmp-version>
      <abstract-schema-name>Notiz</abstract-schema-name>
      <cmp-field><field-name>ID</field-name></cmp-field>
      <cmp-field><field-name>name</field-name></cmp-field>
      <cmp-field><field-name>gruppe</field-name></cmp-field>
      <primkey-field>ID</primkey-field>

      <query>
        <query-method>
          <method-name>findByName</method-name>
          <method-params>
            <method-param>java.lang.String</method-param>
          </method-params>
        </query-method>
        <ejb-ql>select object(i) from Notiz i where i.name =?1</ejb-ql>
      </query>

      <query>
        <query-method>
          <method-name>findByGruppe</method-name>
          <method-params>
            <method-param>java.lang.Long</method-param>
          </method-params>
        </query-method>
        <ejb-ql>select object(i) from Notiz i where i.gruppe =?1</ejb-ql>
      </query>
    </entity>

    <session>
      <ejb-name>LoginEJB</ejb-name>
      <home>de.LoginHome</home>
      <remote>de.Login</remote>
      <ejb-class>de.LoginBean</ejb-class>
      <session-type>Stateless</session-type>
      <transaction-type>Container</transaction-type>
    </session>

  </enterprise-beans>

  <assembly-descriptor>

    <container-transaction>
      <method>
        <ejb-name>NotizEJB</ejb-name>
        <method-name>*</method-name>
      </method>
      <trans-attribute>Required</trans-attribute>
    </container-transaction>

    <container-transaction>
      <method>
        <ejb-name>LoginEJB</ejb-name>
        <method-name>*</method-name>
      </method>
      <trans-attribute>Required</trans-attribute>
    </container-transaction>

    <!-- *** SECURITY-ROLES *** -->

    <security-role>
      <role-name>verwaltung</role-name>
    </security-role>

    <method-permission>
      <role-name>verwaltung</role-name>
      <method>
        <ejb-name>NotizEJB</ejb-name>
        <method-name>*</method-name>
      </method>
    </method-permission>

    <method-permission>
      <unchecked/>
      <method>
        <ejb-name>LoginEJB</ejb-name>
        <method-name>*</method-name>
      </method>
    </method-permission>

  </assembly-descriptor>

</ejb-jar>

      ****************************************************************************************

      jboss.xml

<?xml version="1.0" encoding="UTF-8"?>

<jboss>

  <security-domain>java:/jaas/ZELogin</security-domain>

  <enterprise-beans>

    <entity>
      <ejb-name>NotizEJB</ejb-name>
      <local-jndi-name>notiz/Notiz</local-jndi-name>
    </entity>

    <session>
      <ejb-name>LoginEJB</ejb-name>
      <jndi-name>login/Login</jndi-name>
    </session>

  </enterprise-beans>

</jboss>




      ****************************************************************************************

      jboss-web.xml

      <?xml version="1.0"?>

      <jboss-web>
      <security-domain>java:/jaas/ZELogin</security-domain>
      </jboss-web>

      ****************************************************************************************

      web.xml


<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<!-- Copyright (c) 2002 by ObjectLearn. All Rights Reserved. -->

<web-app>

  <servlet>
    <servlet-name>action</servlet-name>
    <servlet-class>org.apache.struts.action.ActionServlet</servlet-class>
    <init-param>
      <param-name>config</param-name>
      <param-value>/WEB-INF/struts-config.xml</param-value>
    </init-param>
    <init-param>
      <param-name>debug</param-name>
      <param-value>3</param-value>
    </init-param>
    <init-param>
      <param-name>detail</param-name>
      <param-value>3</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>

  <servlet-mapping>
    <servlet-name>action</servlet-name>
    <url-pattern>*.do</url-pattern>
  </servlet-mapping>

  <welcome-file-list>
    <welcome-file>welcome.jsp</welcome-file>
  </welcome-file-list>

  <taglib>
    <taglib-uri>/WEB-INF/tlds/struts-bean.tld</taglib-uri>
    <taglib-location>/WEB-INF/tlds/struts-bean.tld</taglib-location>
  </taglib>

  <taglib>
    <taglib-uri>/WEB-INF/tlds/struts-html.tld</taglib-uri>
    <taglib-location>/WEB-INF/tlds/struts-html.tld</taglib-location>
  </taglib>

  <taglib>
    <taglib-uri>/WEB-INF/tlds/struts-logic.tld</taglib-uri>
    <taglib-location>/WEB-INF/tlds/struts-logic.tld</taglib-location>
  </taglib>

  <taglib>
    <taglib-uri>/WEB-INF/tlds/struts-nested.tld</taglib-uri>
    <taglib-location>/WEB-INF/tlds/struts-nested.tld</taglib-location>
  </taglib>

  <taglib>
    <taglib-uri>/WEB-INF/tlds/struts-template.tld</taglib-uri>
    <taglib-location>/WEB-INF/tlds/struts-template.tld</taglib-location>
  </taglib>

  <taglib>
    <taglib-uri>/WEB-INF/tlds/struts-tiles.tld</taglib-uri>
    <taglib-location>/WEB-INF/tlds/struts-tiles.tld</taglib-location>
  </taglib>

  <taglib>
    <taglib-uri>/WEB-INF/tlds/pager-taglib.tld</taglib-uri>
    <taglib-location>/WEB-INF/tlds/pager-taglib.tld</taglib-location>
  </taglib>

</web-app>


        • 1. Re: Authentication exception, principal=null

I doubt that you got the error using exactly this code; maybe you just simplified the example for posting?
In the code sample supplied, you perform a login in the servlet and call an EJB during the same request. This should work. A mistake that is often made is that people do a JAAS login in a login servlet and then an EJB call in a second (or later) HTTP request. This usually doesn't work that well, because security attributes are associated with the current thread and most servlet engines I know use thread pooling ;-).
If this is what causes your trouble, you should either switch to standard web authentication (configure it in your web.xml), or write a custom security layer that handles these threading issues properly. In the latter case, the article at http://www.luminis.nl/publications/websecurity.html might help.

          Hth,
          Peter.
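The thread-pooling failure mode described in the reply, as an added example that is not code from the thread or from JBoss. A JAAS login through ClientLoginModule binds the caller identity to the current thread (in JBoss 3.x via the thread-bound org.jboss.security.SecurityAssociation), so an EJB call made in a later HTTP request that the servlet engine serves on a different pooled thread finds no principal. The ThreadLocal below stands in for SecurityAssociation, two single-thread executors stand in for two pooled worker threads, and a Map stands in for the HttpSession; no JBoss or servlet API is needed, and all class and method names (ThreadBoundLoginDemo, associate, securedEjbCall, brokenFlow, fixedFlow) are the example's own. Requires Java 8 or later.

```java
// Added example, not from the thread: why a login bound to one pooled thread is
// invisible to an EJB call served on another, and the per-request re-association
// that a custom security layer has to do.
import java.security.Principal;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

public class ThreadBoundLoginDemo {

    /** Stand-in for SecurityAssociation: the caller identity lives on the thread. */
    static final ThreadLocal<Principal> CALLER = new ThreadLocal<Principal>();

    /** What ClientLoginModule.commit() effectively does: bind the identity to this thread. */
    static void associate(String user) {
        CALLER.set(new SimplePrincipal(user));
    }

    static void clear() {
        CALLER.remove();
    }

    /** Stand-in for the container's checkSecurityAssociation before a bean method runs. */
    static String securedEjbCall() {
        Principal p = CALLER.get();
        if (p == null) {
            throw new SecurityException("Authentication exception, principal=null");
        }
        return "hello " + p.getName();
    }

    static final class SimplePrincipal implements Principal {
        private final String name;
        SimplePrincipal(String name) { this.name = name; }
        public String getName() { return name; }
    }

    /** Runs one "HTTP request" on a given worker thread and waits for it. */
    static String serve(ExecutorService worker, Callable<String> request) throws Exception {
        try {
            return worker.submit(request).get();
        } catch (ExecutionException e) {
            Throwable cause = e.getCause();
            if (cause instanceof Exception) throw (Exception) cause;
            throw e;
        }
    }

    /** Broken pattern: login in request 1, EJB call in request 2, nothing re-bound. */
    static String brokenFlow() throws Exception {
        // Two single-thread executors model two distinct pooled worker threads, so the
        // two requests are guaranteed to run on different threads.
        ExecutorService workerA = Executors.newSingleThreadExecutor();
        ExecutorService workerB = Executors.newSingleThreadExecutor();
        try {
            serve(workerA, () -> { associate("salma"); return "logged in"; }); // login request
            return serve(workerB, () -> securedEjbCall());                      // later request
        } catch (SecurityException e) {
            return "FAILED: " + e.getMessage();
        } finally {
            workerA.shutdown();
            workerB.shutdown();
        }
    }

    /** Working pattern: keep what is needed to re-establish the identity in the
        HttpSession (a Map here), bind it to whichever thread serves each request,
        and clear it when the request ends so the pooled thread does not leak it. */
    static String fixedFlow() throws Exception {
        final Map<String, Object> session = new HashMap<String, Object>();
        ExecutorService workerA = Executors.newSingleThreadExecutor();
        ExecutorService workerB = Executors.newSingleThreadExecutor();
        try {
            serve(workerA, () -> { session.put("user", "salma"); return "logged in"; });
            return serve(workerB, () -> {
                associate((String) session.get("user"));   // per-request re-association
                try {
                    return securedEjbCall();
                } finally {
                    clear();                                // never leave it on the pool thread
                }
            });
        } finally {
            workerA.shutdown();
            workerB.shutdown();
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("broken: " + brokenFlow());
        System.out.println("fixed:  " + fixedFlow());
    }
}
```

The first flow fails with the same "principal=null" message the post reports, the second succeeds, and the only difference is that the fixed flow re-binds the identity on the thread that serves the second request and clears it afterwards. In a real JBoss 3.x web tier that re-binding is what a servlet filter would do on every request, either by repeating the LoginContext login or by calling SecurityAssociation.setPrincipal and setCredential with values kept in the session; the alternative the reply recommends, container-managed web authentication configured in web.xml with the jboss-web.xml security-domain already shown above, lets the web container do this per request instead of application code.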