CustomLoginModule implementation
sanjuthomas Mar 31, 2004 11:08 PMwe are trying to migrate from Weblogic to JBoss, now we need to implement securty policy for our EJBs, we have written cusotm class for the security implementation extending UsernamePasswordLoginModule. Then we created jar using this class and put in the jboss_home/server/default/lib direcoty , and we have made right changes in login-config.xml and EJB's jboss.xml (hopefully)
login-config.xml
<application-policy name="OptiwiseSecurityDomain">
<login-module code="com.optiwise.bl.core.security.OptiwiseServerLoginModule" flag="required"></login-module>
</application-policy>
jboss.xml
<?xml version="1.0"?>
<security-domain>java:/jaas/OptiwiseSecurityDomain</security-domain>
When running jboss server i have got log like this
09:48:54,606 INFO [MainDeployer] Starting deployment of package: file:/C:/jboss
-3.2.2/jboss-3.2.2/server/default/deploy/RequestMgr.jar
09:48:54,936 INFO [EjbModule] Deploying RequestMgr
09:48:54,946 INFO [JaasSecurityManagerService] Created securityMgr=org.jboss.se
curity.plugins.JaasSecurityManager@a59490
09:48:54,956 INFO [JaasSecurityManagerService] setCachePolicy, c=org.jboss.util
.TimedCachePolicy@945b95
09:48:54,966 INFO [JaasSecurityManagerService] Added OptiwiseSecurityDomain, or
g.jboss.security.plugins.SecurityDomainContext@8a6fc to map
09:48:55,017 INFO [StatelessSessionInstancePool] Started jboss.j2ee:jndiName=Re
questMgr,plugin=pool,service=EJB
09:48:55,017 INFO [StatelessSessionContainer] Started jboss.j2ee:jndiName=Reque
stMgr,service=EJB
09:48:55,027 INFO [EjbModule] Started jboss.j2ee:module=RequestMgr.jar,service=
EjbModule
09:48:55,027 INFO [EJBDeployer] Deployed: file:/C:/jboss-3.2.2/jboss-3.2.2/serv
er/default/deploy/RequestMgr.jar
09:48:55,037 INFO [MainDeployer] Deployed package: file:/C:/jboss-3.2.2/jboss-3
.2.2/server/default/deploy/RequestMgr.jar
so i think in the server side everything is fine, if it is not please tell me
client program
import javax.naming.InitialContext;
import javax.security.auth.login.LoginContext;
import org.apache.log4j.Logger;
import org.jboss.security.auth.callback.UsernamePasswordHandler;
/**
* @author Optiwise
*/
public class OptiwiseClient
{
public static void main(String args[]) throws Exception
{
Logger log = Logger.getLogger("RequestMgr");
log.info("Login with username="+args[0]+", password="+args[1]);
UsernamePasswordHandler handler = new UsernamePasswordHandler(args[0], args[1].toCharArray());
LoginContext lc = new LoginContext("RequestMgr", handler);
lc.login();
log.info("Looking up RequestMgr Bean");
InitialContext iniCtx = new InitialContext();
Object ref = iniCtx.lookup("RequestMgr");
RequestMgrHome home = (RequestMgrHome) ref;
RequestMgr ob1 = home.create();
log.info("Created Request Manager Object");
log.info(ob1);
System.out.println(ob1);
lc.logout();
}
}
but when i am running client program i am getting an exception that is copied here
F:\sanju\work\JBoss>java OptiwiseClient sanju sanju
Exception in thread "main" java.lang.SecurityException: Unable to locate a login
configuration
at com.sun.security.auth.login.ConfigFile.(ConfigFile.java:97)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstruct
orAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingC
onstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
at java.lang.Class.newInstance0(Class.java:296)
at java.lang.Class.newInstance(Class.java:249)
at javax.security.auth.login.Configuration$3.run(Configuration.java:221)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.Configuration.getConfiguration(Configuratio
n.java:215)
at javax.security.auth.login.LoginContext$1.run(LoginContext.java:170)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.init(LoginContext.java:167)
at javax.security.auth.login.LoginContext.(LoginContext.java:393)
at OptiwiseClient.main(OptiwiseClient.java:21)
Caused by: java.io.IOException: Unable to locate a login configuration
at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:206)
at com.sun.security.auth.login.ConfigFile.(ConfigFile.java:95)
... 14 more
if somebody knows the real problem , please help us, we are looking for you help.
we need to implement in short time, please give ur advice. if there is anyother files
to make changes please tell me that too, i am not quit sure that i am running on the
right path , please help me.
if anyone need our custom security class we will provide, so that you can fine
any error on that , if it is there.
thanking you
sanju