Hi,
I have a little doubt about the ClientLoginModule. I am able to use this module on my standalone client, but it works in a different way than the expected. The AA is been done when a method from an EJB (properly configured) is called, but not when I call the LoginContext.login method.
Can some one give me an example of how to combine this ClientLoginModule with another LoginModule so the authorization is performed on the LoginContext.login method?
What I have up until now is the following:
--- on the standalone client ---
[other.conf]
other { // jBoss LoginModule org.jboss.security.ClientLoginModule required ; // Put your login modules that need jBoss here };
try { System.setProperty("java.security.auth.login.config", "other.conf"); CallbackHandler handler=new UsernamePasswordHandler("user","1234567"); LoginContext context=new LoginContext("srp-client", handler); context.login(); InitialContext initCtx=new InitialContext(); ImportadorEsAgilRemote bean=(ImportadorEsAgilRemote) initCtx.lookup("ImportadorEsAgilBean/remote"); bean.importarPrecios("hola mundo"); } catch (LoginException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (NamingException e) { // TODO Auto-generated catch block e.printStackTrace(); }
<?xml version="1.0" encoding="UTF-8"?> <jboss> <security-domain>java:/jaas/other</security-domain> </jboss>
<application-policy name = "other"> <authentication> <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule" flag = "required" /> </authentication> </application-policy>