3 Replies Latest reply on Dec 26, 2006 5:15 PM by anil.saldhana

    JBoss with JAAS

    riteshpandey

      Hi

      I am securing my application with JAAS. But I am not being able to get the role of a user who is loggin.
      My code is as follows.
      ............................
      precad {
      org.jboss.security.ClientLoginModule required;
      };
      ..................

      login-config.xml

      <application-policy name = "precad">

      <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
      flag = "required">
      <module-option name = "unauthenticatedIdentity">guest</module-option>
      <module-option name = "dsJndiName">java:/MySqlDS</module-option>
      <module-option name = "principalsQuery">SELECT PASSWD FROM USERS WHERE USERID=?</module-option>
      <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM ROLES WHERE USERID=?</module-option>
      </login-module>

      </application-policy>
      ..............


      client class is....
      LoginContext lc = new LoginContext(PRECAD_LOGIN_CONTEXT,
      new DialogCallbackHandler());
      // attempt authentication
      lc.login();
      // TODO Call a user session bean instead!!!
      //Subject subject = lc.getSubject();
      Subject subject = lc.getSubject();

      getProcessRemote().login();
      where getProcessRemote is for Remote interface of stateless session bean.

      ...................

      and sessionn bean is

      public class UserProcessBean implements UserProcessRemote{
      SessionContext sescont;
      @PersistenceContext(unitName = "precad")
      // private EntityManager manager;

      //private static Logger logger = Logger.getLogger(UserProcessBean.class);

      @SuppressWarnings("unchecked")
      @RolesAllowed({"administrator","developer"})
      public void login(/*Subject subject*/) throws UserProcessException {
      try {
      System.out.println("In SERVER LOGIN..............");
      }
      catch(Exception e){e.printStackTrace();}


      I am using ejb3.

      and I want that as a user login then my getProcessRemote.login() should return the role of this user. But I do not know that how to do it.

      Please help me.

      /Ritesh