Hi all,
I have 3 days trying to make this works, but without exit. I use jboss 3.2.3:
In the server side the login_config.xml is configured with a DatabaseServerLoginModule and works well with form basic authentication in my Jsp of test. No problem, the server authenticates the users throught the MySql database.
The login-config.xml have
<application-policy name="admin"> <authentication> <login-module code="org.jboss.security.ClientLoginModule" flag="required"> </login-module> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required"> <module-option name = "dsJndiName">java:/MySqlDS</module-option> <module-option name = "principalsQuery">select password from user where login=?</module-option> <module-option name = "rolesQuery">select role, 'Roles' from userrole where login=?</module-option> </login-module> </authentication> </application-policy>
lc = new LoginContext("login-app", handler); lc.login();
CallbackHandler handler = new CallbackHandler() { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks instanceof NameCallback) { NameCallback nc = (NameCallback)callbacks; nc.setName("my_login"); } else if (callbacks instanceof PasswordCallback) { PasswordCallback pc = (PasswordCallback)callbacks; pc.setPassword("my_password".toCharArray()); } else { throw new UnsupportedCallbackException(callbacks, "Callback no reconocido"); } } } };
login-app { org.jboss.security.ClientLoginModule required; };
java.rmi.ServerException: RemoteException occurred in server thread; nested exception is: java.rmi.ServerException: EJBException:; nested exception is: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is: Authentication exception, principal=null
Sorry, I had a bug in the code, some loginContext.logout before calling the session bean. (gluppss, very silly!!).