About Loing Model
wxwang Jan 24, 2005 11:54 PMDatabaseServerLoginModule is used for login in my Application.
EJB can be access correctly by using JSP.
But I cannot login through Applet.
Could anyone tell me How I can call the secury EJB method by using Applet?
The deployment as following
login-config.xml
<application-policy name="Test"> <authentication> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> <module-option name="dsJndiName">java:/oraDataSource</module-option> <module-option name="principalsQuery">select U_Password from users where U_Name=?</module-option> <module-option name="rolesQuery">select GM_Group, 'Roles' from groupmembers where GM_Member=?</module-option> </login-module> </authentication> </application-policy>
EJB
jboss.xml
<jboss> <security-domain>java:/jaas/Test</security-domain> <enterprise-beans> <session> <ejb-name>TestDisplay</ejb-name> <jndi-name>TestDisplay</jndi-name> <method-attributes> <method> <method-name>*</method-name> <transaction-timeout>3600</transaction-timeout> </method> </method-attributes> </session> </enterprise-beans> </jboss>
ejb-jar.xml
<ejb-jar> <enterprise-beans> <session> <ejb-name>TestDisplay</ejb-name> <home>TestDisplayHome</home> <remote>TestDisplay</remote> <ejb-class>TestDisplayBean</ejb-class> <session-type>Stateless</session-type> <transaction-type>Container</transaction-type> <security-role-ref> <role-name>guest</role-name> <role-link>guest</role-link> </security-role-ref> <security-identity> <run-as> <role-name>guest</role-name> </run-as> </security-identity> </session> </enterprise-beans> <assembly-descriptor> <method-permission> <role-name>guest</role-name> <method> <ejb-name>TestDisplay</ejb-name> <method-name>*</method-name> </method> </method-permission> </assembly-descriptor> </ejb-jar>
A Class for login in Applet:
System.setProperty("java.security.auth.login.config", "c:/jaashowto/example/resources/auth.conf"); System.setProperty(Context.INITIAL_CONTEXT_FACTORY, JNDI_FACTORY); System.setProperty(Context.PROVIDER_URL, providerUrl); String pwd = "password"; char[] password = pwd.toCharArray(); String name = "user"; try { AppCallbackHandler handler = new AppCallbackHandler(name, password); LoginContext lc = new LoginContext("Test", handler); lc.login(); } catch (LoginException e) { e.printStackTrace(); }
The auth.conf as following:
Test { org.jboss.security.auth.spi.DatabaseServerLoginModule required; };
The server return exception like this:
javax.security.auth.login.LoginException: javax.naming.NameNotFoundException: DefaultDS not bound at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:110) at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:156) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at javax.security.auth.login.LoginContext.invoke(Unknown Source) at javax.security.auth.login.LoginContext.access$000(Unknown Source) at javax.security.auth.login.LoginContext$4.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokeModule(Unknown Source) at javax.security.auth.login.LoginContext.login(Unknown Source)
Thank you