3 Replies Latest reply on Apr 18, 2007 10:54 AM by dgouvea

    Problem: JAAS + EJB + WEB

    dgouvea
    dgouvea Apr 18, 2007 8:44 AM

      Hi People,

      I'm with a big problem. I have one EJB Project in EAR File and one WEB Project in WAR File.
      How I can loggin in my WEB Project and access the EJBs in my EJB Project?

      Properties propriedades = new Properties();
 propriedades.put(Context.INITIAL_CONTEXT_FACTORY, Configuracao.getString("servidor.aplicacao.fabrica_contexto"));
 propriedades.put(Context.PROVIDER_URL, Configuracao.getString("servidor.aplicacao.url"));
 propriedades.put(Context.SECURITY_PRINCIPAL, "user");
 propriedades.put(Context.SECURITY_CREDENTIALS, "password");


      This code throws a SecurityException, because the autentication information of WEB Project not is transported from EJB Project

      Please help me,
      Thank's

      • 3447 Views
      • Tags:
        • 1. Re: Problem: JAAS + EJB + WEB
          jaikiran
          jaikiran Apr 18, 2007 9:26 AM (in response to dgouvea)

           

          How I can loggin in my WEB Project and access the EJBs in my EJB Project?


          Have a look at http://wiki.jboss.org/wiki/Wiki.jsp?page=SecureAWebApplicationInJBoss

            • Actions
          • 2. Re: Problem: JAAS + EJB + WEB
            dgouvea
            dgouvea Apr 18, 2007 10:16 AM (in response to dgouvea)

            I'm following this steps, I read many tutorials, but the problem continues.

            Look the systems steps (When WEB Project and EJB Project be in same EAR File):
            1. > User loggin in Web Application
            2. > System call JAAS LoginModule and Authentication User
            3. > Redired Index Page
            4. > Filter intercept and call EJB, after redirect to index page
            5. > Open page with data retrieved from EJB

            Look the systems steps (When WEB Project be out of EAR File):
            1. > User loggin in Web Application
            2. > System call JAAS LoginModule and Authentication User
            3. > Open page for User input data
            4. > Submit page
            5. > Servlet remote call EJB
            6. > System call JAAS LoginModule and Authentication User *
            7. > Error: not username and password **

            * Why System call JAAS Module again??
            ** Why Servlet don't transport the user logged for remote call?

              • Actions
            • 3. Re: Problem: JAAS + EJB + WEB
              dgouvea
              dgouvea Apr 18, 2007 10:54 AM (in response to dgouvea)

              Why in my Servlet, after user loggin, the SecurityAssociation.getPrincipal() returns null ?

              The SecurityAssociation only used in EJB Context ?

                • Actions