1. Please ignore...Another senior moment!
cobraflow Apr 28, 2003 5:40 AM (in response to cobraflow)
This LDAP stuff is all working (very) well!!!!
It's me!
Lewis
2. Re: LDAP -> getCallerPrincipal returns null ??
mgariepy Jun 4, 2003 5:07 PM (in response to cobraflow)
Lewis,
I'm running 3.2.1 and trying to get the Database JAAS to work. My config looks like:
LOGIN-CONFIG.XML (in server/default/conf)
<application-policy name="awareSecurity">
    <login-module flag="required" code="org.jboss.security.auth.spi.DatabaseServerLoginModule">
        <!-- This tells it where to find the MS SQL Server DataSource that provides the usernames/passwords. -->
        <module-option name="dsJndiName">java:/AwareDB</module-option>
        <module-option name="principalsQuery">select login_id, password from aw_user where login_id = ?</module-option>
        <module-option name="rolesQuery">select login_id, auth_level, auth_group from aw_user where login_id = ?</module-option>
    </login-module>
</application-policy>
AUTH.CONF (in client/ )
org.jboss.security.auth.spi.DatabaseServerLoginModule required
    dsJndiName="java:/AwareDB"
    principalsQuery="select login_id, password from aw_user where login_id = ?"
    rolesQuery="select login_id, auth_level, auth_group from aw_user where login_id = ?"
    unauthenticatedIdentity=nobody
;
Deployment descriptors in my awPrefs EJB:
JBOSS.XML
<security-domain>java:/jaas/awareSecurity</security-domain>
<enterprise-beans>
EJB-JAR.XML
<assembly-descriptor>
    <security-role>
        <role-name>Read</role-name>
    </security-role>
    <security-role>
        <role-name>Write</role-name>
    </security-role>
    <method-permission>
        <role-name>Read</role-name>
        <ejb-name>awPrefs</ejb-name>
        <method-name>*</method-name>
    </method-permission>
The awPrefs EJB deploys correctly.
I'm having trouble in the client code: it returns that principal is null in the server log. Pseudo client code looks like:
AppCallbackHandler handler = new AppCallbackHandler(username, password.toCharArray());
LoginContext lc = new LoginContext("client-login", handler);
lc.login();
...
initialize() //Get JNDI initialContext
Any idea what my client code should look like? Since you had a working system with a Database login module, I thought I'd ask ...
Many Thanks!
Mark
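A client-side JAAS login of the kind asked about above, as an added example that is not part of the thread or of JBoss's own code. It uses org.jboss.security.ClientLoginModule, the JBoss client-side module that performs no authentication itself and only associates the username and password with later invocations, so the database lookup stays in the server's awareSecurity domain. Assumptions: the JBoss client jars are on the classpath, the program runs from an interactive terminal, and the class name ClientLoginExample is hypothetical; the entry name client-login comes from the post.

```java
import java.util.Arrays;
import java.util.Collections;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;

public class ClientLoginExample { // hypothetical class name
    // In-memory equivalent of this auth.conf entry:
    //   client-login { org.jboss.security.ClientLoginModule required; };
    static Configuration clientConfig() {
        final AppConfigurationEntry entry = new AppConfigurationEntry(
            "org.jboss.security.ClientLoginModule",
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
            Collections.<String, Object>emptyMap());
        return new Configuration() {
            @Override
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                // The name must match the one passed to LoginContext.
                return "client-login".equals(name) ? new AppConfigurationEntry[] { entry } : null;
            }
        };
    }

    // Supplies the username and password when the login module asks for them.
    static CallbackHandler handler(final String user, final char[] password) {
        return new CallbackHandler() {
            public void handle(Callback[] callbacks) throws UnsupportedCallbackException {
                for (Callback cb : callbacks) {
                    if (cb instanceof NameCallback) ((NameCallback) cb).setName(user);
                    else if (cb instanceof PasswordCallback) ((PasswordCallback) cb).setPassword(password);
                    else throw new UnsupportedCallbackException(cb);
                }
            }
        };
    }

    public static void main(String[] args) throws LoginException {
        // Read the password from the terminal rather than from argv.
        char[] password = System.console().readPassword("Password for %s: ", args[0]);
        LoginContext lc = new LoginContext("client-login", null, handler(args[0], password), clientConfig());
        lc.login(); // no database access here; credentials are only attached to later calls
        try {
            // JNDI lookup and awPrefs calls go here; the server authenticates each call.
        } finally {
            lc.logout();                    // detach the credentials from the client
            Arrays.fill(password, '\0');    // do not leave the password in memory
        }
    }
}
```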