-
1. Re: Secure the Invokers
starksm64 Aug 26, 2004 1:57 AM (in response to cijijoseph)So what is wrong with the referenced wiki page?
-
2. Re: Secure the Invokers
cijijoseph Aug 26, 2004 2:46 AM (in response to cijijoseph)Thanks for the reply Scott.
The issue is that i would like to know whether we can apply the Security Credentials and secure the JBoss Server , if we are securing the invokers in the way suggested in the Wiki.
Please find attatced the code
Properties env = new Properties();
env.setProperty(Context.INITIAL_CONTEXT_FACTORY,"org.jnp.interfaces.NamingContextFactory");
env.setProperty(Context.URL_PKG_PREFIXES,"org.jboss.naming:org.jnp.interfaces");
env.setProperty("jnp.sotimeout","10000");
String jmxConnectionURL="jnp://"+serverURL+":"+port;
env.setProperty(Context.PROVIDER_URL, jmxConnectionURL);
env.put(Context.SECURITY_PRINCIPAL, "user");
env.put(Context.SECURITY_CREDENTIALS, "passwd");
InitialContext ctx_ = new InitialContext(env);
Object obj = ctx_.lookup("jmx/invoker/RMIAdaptor");
RMIAdaptor rmiAdaptor_ = (RMIAdaptor)PortableRemoteObject.narrow(obj,RMIAdaptor.class);
Thanks in Advance.
Regards
Ciji -
3. Re: Secure the Invokers
starksm64 Aug 27, 2004 9:52 AM (in response to cijijoseph)We do not use the InitialContext as the means for obtaining the username and password. Read the JAAS Howto in this forum.
-
4. Re: Secure the Invokers
cijijoseph Aug 30, 2004 1:20 PM (in response to cijijoseph)Thanks Scott.
It worked using the JAAS Login Context..
Please feel free to ping me if any one is intrerested in looking into the Code -
5. Re: Secure the Invokers
vijaygrk Aug 31, 2004 12:56 PM (in response to cijijoseph)Can you share the code
-
6. Re: Secure the Invokers
cijijoseph Sep 1, 2004 6:10 AM (in response to cijijoseph)Properties properties = new Properties();
properties.put(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory"); properties.put(Context.URL_PKG_PREFIXES,"org.jboss.naming:org.jnp.interfaces");
properties.put(Context.PROVIDER_URL, serverURL);
Context ctx = new InitialContext(properties);
JBossCallBackHandler jb = new JBossCallBackHandler(); System.setProperty("java.security.auth.login.config","/usr/ciji/JBoss/CodeSamples/Security/auth.conf");
LoginContext lc = new LoginContext("other", jb);
lc.login();
Object obj = ctx.lookup("jmx/invoker/RMIAdaptor");
RMIAdaptor rmiAdaptor_ = (RMIAdaptor)PortableRemoteObject.narrow(obj,RMIAdaptor.class);
JBossCallBackHandler
public class JBossCallBackHandler implements CallbackHandler {
/* (non-Javadoc)
* @see javax.security.auth.callback.CallbackHandler#handle(javax.security.auth.callback.Callback[])
*/
public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks instanceof NameCallback) {
// prompt the user for a username
NameCallback nc = (NameCallback)callbacks;
// ignore the provided defaultName
nc.setName("admin");
} else if (callbacks instanceof PasswordCallback) {
// prompt the user for sensitive information
PasswordCallback pc = (PasswordCallback)callbacks;
System.err.print(pc.getPrompt());
System.err.flush();
char[] test ={'a','d','m','i','n'};
pc.setPassword(test);
}
}
// TODO Auto-generated method stub
}
}