-
1. Re: Custum LoginModule calling EJB in non-default security d
kaloisi Nov 28, 2006 9:49 PM (in response to camueller)
Not sure if I understand exactly your problem but I have a LoginModule access a secured EJB. I used RunAsLoginModule as an example.
The problem is that JBoss has a stack containing principals and credentials. When a login module is called this stack is empty so if your LoginModule tries to acces a EJB the security intercepter tries to re-login and you end up in an infinite loop. At the beinging of you login() method you need to push the role that is defined in your jboss.xml. This way when the security intecrept is applied it will find the correct role and let the access through.
http://docs.jboss.org/jbossas/javadoc/4.0.5/security/org/jboss/security/auth/spi/RunAsLoginModule.html
--kevin -
2. Re: Custum LoginModule calling EJB in non-default security d
camueller Nov 29, 2006 11:04 AM (in response to camueller)In order to have login() push the roles defined in jboss.xml I need to retrieve them from a secured EJB. Kind of hen-and-egg problem ...
Any idea? -
3. Re: Custum LoginModule calling EJB in non-default security d
starksm64 Dec 9, 2006 11:51 AM (in response to camueller)A login module in domain1 cannot call a secured ejb in domain1. You can specify the security domain at the bean level using the container-configuration setup of jboss.xml:
<jboss> <enterprise-beans> <entity> <ejb-name>AuditMappedEJB</ejb-name> <local-jndi-name>cmp2/audit/AuditMapped</local-jndi-name> <configuration-name>Secured CMP 2.x EnitityBean</configuration-name> </entity> </enterprise-beans> <container-configurations> <container-configuration extends="Standard CMP 2.x EntityBean"> <container-name>Secured CMP 2.x EnitityBean</container-name> <security-domain>java:/jaas/other</security-domain> </container-configuration> </container-configurations> </jboss>