Hi everybody,
I've developed a EJB3.0 Application; now I want to add security using JAAS.
The client is a rich Delphi application that comunicates with server via HTTP througth a servelt. This servlet has this login JAAS code:
loginContext = new LoginContext("GTSPDB", new MyCallbackHandler(user, password)); loginContext.login();
12:31:11,304 TRACE [SecurityAssociation] getCallerPrincipal, principal=null 12:31:11,320 ERROR [STDERR] java.lang.IllegalStateException: No valid security context for the caller identity
<application-policy name = "GTSPDB"> <authentication> <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> <module-option name="dsJndiName">java:/MySqlHibernate</module-option> <module-option name="principalsQuery">SELECT password FROM user WHERE name=?</module-option> <module-option name="rolesQuery">SELECT rolename,'Roles' FROM userrole WHERE userrole.username=?</module-option> </login-module> </authentication> </application-policy>