This content has been marked as final. 
    
Show                 3 replies
    
- 
        1. Re: Security context propagation between Seam EJB componentseyrignou Aug 20, 2007 7:21 AM (in response to eyrignou)I found a way to stop the exceptions, but it still doesn't work... Help would be greatly appreciated ! 
 In my components.xml, I reference a realm:<security:identity authenticate-method="#{authenticator.authenticate}" jaas-config-name="sylveaAuth"/>
 Which I defined into my application:
 jboss-app.xml of my ear:<jboss-app> <module-order>strict</module-order> <module> <service>sylvea-login-service.xml</service> </module> <loader-repository> com.april.sylvea:loader=sylvea </loader-repository> </jboss-app> 
 sylvea-login-service.xml:<?xml version="1.0" encoding="UTF-8"?> <server> <mbean code="org.jboss.security.auth.login.DynamicLoginConfig" name="sylvea:service=DynamicLoginConfig"> <attribute name="AuthConfig">sylvea-login-config.xml</attribute> <depends optional-attribute-name="LoginConfigService"> jboss.security:service=XMLLoginConfig </depends> <depends optional-attribute-name="SecurityManagerService"> jboss.security:service=JaasSecurityManager </depends> </mbean> </server> 
 and sylvea-login-config.xml:<?xml version='1.0'?> <!DOCTYPE policy PUBLIC "-//JBoss//DTD JBOSS Security Config 3.0//EN" "http://www.jboss.org/j2ee/dtd/security_config.dtd"> <policy> <application-policy name="sylveaAuth"> <authentication> <!-- Add this line to your login-config.xml to include the ClientLoginModule propogation --> <login-module code="org.jboss.security.ClientLoginModule" flag="required"> <module-option name="multi-threaded">true</module-option> <module-option name="restore-login-identity">true</module-option> <!-- <module-option name="password-stacking">useFirstPass</module-option>--> </login-module> <login-module code="org.jboss.seam.security.jaas.SeamLoginModule" flag="required" /> </authentication> </application-policy> </policy> 
 I also added a jboss-web.xml in the WEB-INF of my web-app (I don't know if it is useful):<jboss-web> <security-domain>java:/jaas/sylveaAuth</security-domain> </jboss-web> 
 I added a jboss.xml in the META-INF of the jar of my EJBs:<?xml version="1.0" encoding="UTF-8"?> <jboss> <security-domain>sylveaAuth</security-domain> </jboss> 
 But the propagation still doesn't work:@Stateful @Scope(ScopeType.CONVERSATION) @Name("myAction") public class MyActionImpl extends MyAction { @Resource private SessionContext context; @Factory(value="intermediaireList", scope=ScopeType.EVENT) public void findIntermediaires() { boolean loggedIn = Identity.instance().isLoggedIn(); // Seam works fine Principal seamPrincipal = Identity.instance().isLoggedIn(); // Seam Principal works fine Principal principal = context.getCallerPrincipal(); // JEE principal contains nothing => wrong String name = principal.getName(); // JEE name is null => wrong ... } }
- 
        2. Re: Security context propagation between Seam EJB componentseyrignou Aug 20, 2007 10:39 AM (in response to eyrignou)I am afraid my problems is refered as http://jira.jboss.com/jira/browse/JBSEAM-729 
 Right ?
- 
        3. Re: Security context propagation between Seam EJB componentsyet_another_kain Sep 13, 2007 8:29 AM (in response to eyrignou)Hi all, 
 I am experiencing the same kind of problems. It seems impossible to transmit Seam security context informations to JEE security context ...
 I can imagine some realy ugly solutions, but I would prefer some pretty one :)
 
    