Simple Database Authentication in EJB
Hi,
Well I am trying to authenticate a user to access an EJB. But nothing seems to work out.
I get the exception that No LoginModules Configured. I wonder why this error seems to come out. The access works when using simple properties file. Below are the various files.
For this purpose I have used the Fibo tutorial.
Any help is appreciated.
Regards,
Kamal
Files:
ejb-jar.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd">
<ejb-jar >
<![CDATA[No Description.]]>
<display-name>Generated by XDoclet</display-name>
<enterprise-beans>
<!-- Session Beans -->
<![CDATA[Description for Fibo]]>
<display-name>Name for Fibo</display-name>
<ejb-name>Fibo</ejb-name>
tutorial.interfaces.FiboHome
tutorial.interfaces.Fibo
<ejb-class>tutorial.ejb.FiboBean</ejb-class>
<session-type>Stateless</session-type>
<transaction-type>Container</transaction-type>
<security-role-ref>
<role-name>Compute</role-name>
<role-link>Compute</role-link>
</security-role-ref>
<!--
To add session beans that you have deployment descriptor info for, add
a file to your XDoclet merge directory called session-beans.xml that contains
the markup for those beans.
-->
<!-- Entity Beans -->
<!--
To add entity beans that you have deployment descriptor info for, add
a file to your XDoclet merge directory called entity-beans.xml that contains
the markup for those beans.
-->
<!-- Message Driven Beans -->
<!--
To add message driven beans that you have deployment descriptor info for, add
a file to your XDoclet merge directory called message-driven-beans.xml that contains
the <message-driven></message-driven> markup for those beans.
-->
</enterprise-beans>
<!-- Relationships -->
<!-- Assembly Descriptor -->
<!--
To specify your own assembly descriptor info here, add a file to your
XDoclet merge directory called assembly-descriptor.xml that contains
the <assembly-descriptor></assembly-descriptor> markup.
-->
<assembly-descriptor >
<security-role>
<role-name>Compute</role-name>
</security-role>
<!--
To specify additional security-role elements, add a file in the merge
directory called ejb-security-roles.xml that contains them.
-->
<!-- method permissions -->
<!--
To specify additional method-permission elements, add a file in the merge
directory called ejb-method-permissions.ent that contains them.
-->
<method-permission>
<ejb-name>Fibo</ejb-name>
<method-name>create</method-name>
</method-permission>
<method-permission>
<role-name>Compute</role-name>
<ejb-name>Fibo</ejb-name>
<method-name>compute</method-name>
</method-permission>
<!-- transactions -->
<!--
To specify additional container-transaction elements, add a file in the merge
directory called ejb-container-transactions.ent that contains them.
-->
<!-- finder transactions -->
<!-- message destinations -->
<!--
To specify additional message-destination elements, add a file in the merge
directory called ejb-message-destinations.ent that contains them.
-->
<!-- exclude list -->
<!--
To specify an exclude-list element, add a file in the merge directory
called ejb-exclude-list.xml that contains it.
-->
</assembly-descriptor>
</ejb-jar>
----------------------------------------------------------------------------------------------------------
jboss.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 4.0//EN" "http://www.jboss.org/j2ee/dtd/jboss_4_0.dtd">
<security-domain>java:/jaas/FiboTest</security-domain>
<enterprise-beans>
<!--
To add beans that you have deployment descriptor info for, add
a file to your XDoclet merge directory called jboss-beans.xml that contains
the , and <message-driven></message-driven>
markup for those beans.
-->
<ejb-name>Fibo</ejb-name>
<jndi-name>ejb/Fibo</jndi-name>
<method-attributes>
</method-attributes>
<!--
write a merge file jboss-webservices.ent for webservice-description
-->
</enterprise-beans>
<!--
To specify your own assembly descriptor info here, add a file to your
XDoclet merge directory called jboss-assembly-descriptor.xml that contains
the <assembly-descriptor></assembly-descriptor> markup.
-->
<assembly-descriptor>
<!-- message destinations -->
<!--
To specify additional message-destination elements, add a file in the merge
directory called jboss-message-destinations.ent that contains them.
-->
</assembly-descriptor>
<resource-managers>
</resource-managers>
<!--
| for container settings, you can merge in jboss-container.xml
| this can contain <invoker-proxy-bindings/> and <container-configurations/>
-->
----------------------------------------------------------------------------------------------------------
JUnit Test Case:package jtest;
import junit.framework.TestCase;
import java.util.*;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.rmi.PortableRemoteObject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.jboss.security.auth.callback.UsernamePasswordHandler;
import tutorial.interfaces.Fibo;
import tutorial.interfaces.FiboHome;
public class Compute extends TestCase {
/** Home interface */
protected FiboHome home;
/**
* Get the initial naming context
*/
protected Context getInitialContext() throws Exception {
Hashtable props = new Hashtable();
props.put(Context.INITIAL_CONTEXT_FACTORY,
"org.jnp.interfaces.NamingContextFactory");
props.put(Context.URL_PKG_PREFIXES,
"org.jboss.naming:org.jnp.interfaces");
props.put(Context.PROVIDER_URL, "jnp://10.129.78.6:1099");
Context ctx = new InitialContext(props);
props.put(Context.SECURITY_PRINCIPAL, "test");
props.put(Context.SECURITY_CREDENTIALS, "test");
return ctx;
}
/**
* Get the home interface
*/
protected FiboHome getHome()
throws Exception {
//CallbackHandler handler =
// new UsernamePasswordHandler("kermit", "frog");
SimpleCallbackHandler handler= new SimpleCallbackHandler("test","test".toCharArray() );
/*While executing the param should be com.fibo.jaas.appname=testFibo
* -Djava.security.auth.login.config==/root/auth.conf
-Dcom.fibo.jaas.appname=testFibo
*/
try{
System.out.println("Before Login Context");
LoginContext lc = new LoginContext("com.fibo.jaas.appname", handler);
System.out.println("Before Login");
lc.login();
System.out.println("After Login");
//Context ctx = new InitialContext() ;
System.out.println("Before context");
Context ctx = this.getInitialContext();
System.out.println("after context");
Object o = ctx.lookup("java:ejb/Fibo");
System.out.println("after lookup");
FiboHome intf =(FiboHome) PortableRemoteObject.narrow(o, FiboHome.class);
System.out.println("after home");
return intf;
}
catch (Exception e) {
e.printStackTrace() ;
} finally {
//lc.logout();
}
return null;
}
/**
* Set up the test case
*/
protected void setUp() throws Exception {
this.home = this.getHome();
}
public void testCompute() {
Fibo instance;
double[] out1;
try{
this.setUp();
instance = this.home.create();
// Method call
out1 = instance.compute( 50);
for(int i=0;i<out1.length ;i++)
System.out.println(out1);
}
catch(Exception e){
e.printStackTrace();
}
//Various assertions
System.out.println("Fibo Computed successfully");
}
}
-----------------------------------------------------------------------------------------------------------
client.conf
testFibo {
org.jboss.security.ClientLoginModule required
password-stacking="useFirstPass"
multi-threaded=true
;
};
----------------------------------------------------------------------------------------------------------
mysql-ds.xml
<?xml version="1.0" encoding="UTF-8"?>
<local-tx-datasource>
<jndi-name>MySqlDS</jndi-name>
<connection-url>jdbc:mysql://localhost:3306/FiboTest</connection-url>
<driver-class>com.mysql.jdbc.Driver</driver-class>
<user-name>root</user-name>
</local-tx-datasource>
------------------------------------------------------------------------------------------------------------
login-config.xml
<application-policy name="FiboTest">
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
<module-option name="dsJndiName">java:/MySqlDS</module-option>
<module-option name="principalsQuery">select Password from Principals where PrincipalID=?</module-option>
<module-option name="rolesQuery">select Role 'Role' from Roles where PrincipalID=?</module-option>
</login-module>
<!- Working with static files defined below -->
<!--<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
<module-option name="usersProperties">props/jbossws-users.properties</module-option>
<module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
<module-option name="unauthenticatedIdentity">anonymous</module-option>
</login-module>-->
</application-policy>
<application-policy name="FiboTestDBRealm">
<login-module
code="org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag="required">
<module-option name="principal">root</module-option>
<module-option name="userName">root</module-option>
<module-option name="password"></module-option>
<module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS</module-option>
</login-module>
</application-policy>
-------------------------------------------------------------------------------------------------------------
Any Help is Appreciated.