JAAS Implementation with JBOSS
mhwish Mar 7, 2010 10:57 PM
I have made a Simple Login Application that implements JAAS.
My Application authenticates the user successfully, but does not authorize.
I am using MySQL (Database)
Server: JBOSS 4.0
I have made two tables:
1: Login (with columns username, password)
DATA-----------> ali 123
2: Userrole (with columns username, role, roleGroup)
DATA-----------> ali user Admin
Authentication Successful:
2:54:47,828 INFO [STDOUT] Here Our Subject is =Subject:
Principal: ali
Principal: Admin(members:user)
2:54:47,828 INFO [STDOUT] Principal= ali,org.jboss.security.SimplePrincipal
2:54:47,828 INFO [STDOUT] Principal= Admin(members:user),org.jboss.security.SimleGroup
2:54:47,828 INFO [STDOUT] ....Authentication Succeeded.....
But the problem is here:
An exception occurs:
2:54:48,359 ERROR [RoleBasedAuthorizationInterceptor] Insufficient permissions, principal=null, requiredRoles=[user], principalRoles=[ ]
2:54:48,359 INFO [STDOUT] Authorization failure
2:54:48,359 ERROR [STDERR] javax.ejb.EJBAccessException: Authorization failure
2:54:48,359 ERROR [STDERR] at org.jboss.ejb3.security.RoleBasedAuthorizationInterceptor.invoke(RoleBasedAuthorizationInterceptor.java:104)
2:54:48,359 ERROR [STDERR] at org.jboss.aop.joinpoint.MethodInvocation.invoeNext(MethodInvocation.java:101)
Why am I getting this error? During authentication, "lc.login()" found the principal ali, but when I go to authorize "ali" the principal found is null.....
In my LoginSessionBean I have made a method "hello()" such as:
import javax.annotation.Resource;
import javax.annotation.security.RolesAllowed;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;

@Stateless   // assumed: the post does not show the bean's class declaration
public class LoginSessionBean {

    @Resource SessionContext ctx;

    // The container checks the caller's roles for "user" before hello() runs
    @RolesAllowed({"user"})
    public void hello() {
        System.out.println(".............With in hello() method..................");
        System.out.println(ctx.getCallerPrincipal().getName());
        System.out.println(".............Role are going to verify authorize users..................");
        if (ctx.isCallerInRole("user")) {
            System.out.println("hello Ali you are authorized to access:");
        } else if (ctx.isCallerInRole("supervisor")) {
            System.out.println("hello you are authorized to access");
        } else {
            System.out.println("UNAUTHORISED ");
        }
    }
}
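As an added example (not part of the original post), this is how the two tables described above would be wired to a JBoss 4.x DatabaseServerLoginModule in conf/login-config.xml; the policy name "loginapp", the datasource JNDI name "java:/MySqlDS" and the hash settings are assumptions. The point it illustrates: JBoss authorization only reads the Subject group named "Roles", so the roleGroup column must hold 'Roles' for a role name such as "user" to count.

```xml
<!-- conf/login-config.xml (JBoss 4.x). Assumed policy name "loginapp" and
     datasource "java:/MySqlDS"; bind the bean to this policy with
     @SecurityDomain("loginapp") (org.jboss.annotation.security.SecurityDomain). -->
<application-policy name="loginapp">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
                  flag="required">
      <module-option name="dsJndiName">java:/MySqlDS</module-option>

      <!-- Table 1 from the post: Login(username, password).
           Must return exactly one column: the stored password of the user. -->
      <module-option name="principalsQuery">select password from Login where username = ?</module-option>

      <!-- Table 2 from the post: Userrole(username, role, roleGroup).
           Column 1 is the role name, column 2 the group it is added to.
           @RolesAllowed / isCallerInRole only consult the group named
           "Roles"; a row (ali, user, Admin) instead produces the
           "Admin(members:user)" group seen in the log, which the
           authorization interceptor does not treat as a role. -->
      <module-option name="rolesQuery">select role, roleGroup from Userrole where username = ?</module-option>

      <!-- Store a digest instead of the clear-text "123": the module hashes
           the submitted password the same way before comparing. -->
      <module-option name="hashAlgorithm">SHA-256</module-option>
      <module-option name="hashEncoding">base64</module-option>
    </login-module>
  </authentication>
</application-policy>
```

With this policy the Userrole row for ali would be (ali, user, Roles), and the password column would hold the base64 SHA-256 digest rather than the clear-text value.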