1 Reply Latest reply on Sep 6, 2005 12:36 AM by amyrlinseat

    Please Help:  JAAS

    shankarniyer

      Hi,
      I am trying to implement JAAS in JBoss, version 3.2.7.
      I use users.properties and roles.properties to define the users and roles.
      I have two methods in my enterprise bean which is accessed from a servlet.
      One method is for User and the other for Administrator.
      My bean methods are as follows:


      public int MultiTwoNumber() {
          // get bean's caller using getCallerPrincipal()
          java.security.Principal principal = context.getCallerPrincipal();
          java.lang.String callerId = principal.getName();

          // check if bean's caller is granted the Administrator role
          boolean isAdmin = context.isCallerInRole("Administrator");

          // result is 1 if caller is "shankar" or has the Administrator role,
          // otherwise 100*100
          if (isAdmin || callerId.equals("shankar")) {
              results = 1;
          } else {
              results = 100 * 100;
          }
          return results;
      }


      public int addTwoNumber() {
          // get bean's caller using getCallerPrincipal()
          java.security.Principal principal = context.getCallerPrincipal();
          java.lang.String callerId = principal.getName();

          // check if bean's caller is granted the User role
          boolean isUser = context.isCallerInRole("User");

          // result is 200 if caller is "selva" or has the User role, otherwise 1
          if (isUser || callerId.equals("selva")) {
              results = 200;
          } else {
              results = 1;
          }
          return results;
      }
      } // end of the bean class (its declaration is not shown)

      However I get the following Exception:

      [STDOUT] exception----RuntimeException; nested exception is:
      java.lang.IllegalStateException: No security context set

      Please Help,
      Thanks in advance,
      Shankar.

        • 1. Re: Please Help:  JAAS
          amyrlinseat

          I am far from being an expert in this, but from my experience what you are missing is the following:
          In the file jboss.xml that is in the jar of your EJB, you must have the following node:

          <jboss>
           <security-domain>java:/jaas/ABCD</security-domain>
           <enterprise-beans>
            ...
           </enterprise-beans>
          </jboss>

          where you should replace ABCD with some meaningful string. This is called the security domain and will probably be needed somewhere else in your code that deals with security (though I can't recall exactly where).

          Amyrlin
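
A pre-deployment check for the link the reply describes, as an added example that is not part of the original thread: it reads the security domain from jboss.xml and confirms that the server's login-config.xml defines an application-policy of the same name. The sample files are constructed, and the pairing with login-config.xml and UsersRolesLoginModule is an assumption based on stock JBoss configuration, not something the posters state.

```python
import xml.etree.ElementTree as ET

JAAS_PREFIX = "java:/jaas/"

# Constructed sample files for illustration; not taken from the thread.
JBOSS_XML = """<jboss>
  <security-domain>java:/jaas/ABCD</security-domain>
  <enterprise-beans/>
</jboss>"""

LOGIN_CONFIG_XML = """<policy>
  <application-policy name="ABCD">
    <authentication>
      <login-module flag="required"
          code="org.jboss.security.auth.spi.UsersRolesLoginModule"/>
    </authentication>
  </application-policy>
  <application-policy name="other"/>
</policy>"""


def security_domain(jboss_xml):
    """Return the domain name declared in jboss.xml, or None if absent."""
    node = ET.fromstring(jboss_xml).find("security-domain")
    text = (node.text or "").strip() if node is not None else ""
    if not text:
        return None
    # The element holds a JNDI name; the policy is keyed by the last part.
    return text[len(JAAS_PREFIX):] if text.startswith(JAAS_PREFIX) else text


def policy_names(login_config_xml):
    """Return the set of application-policy names in login-config.xml."""
    root = ET.fromstring(login_config_xml)
    return {p.get("name") for p in root.iter("application-policy")}


def check(jboss_xml, login_config_xml):
    """Classify as 'no-domain', 'no-policy', 'fallback-other' or 'ok'."""
    domain = security_domain(jboss_xml)
    if domain is None:
        return "no-domain"  # bean jar declares no security domain at all
    names = policy_names(login_config_xml)
    if domain in names:
        return "ok"
    # A misspelled domain does not fail; JBoss uses the "other" policy instead.
    return "fallback-other" if "other" in names else "no-policy"


if __name__ == "__main__":
    print(check(JBOSS_XML, LOGIN_CONFIG_XML))
```

The 'fallback-other' result is the one to watch for in review: a domain name that matches no policy is authenticated against whatever the default "other" policy allows rather than being rejected.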