1 Reply Latest reply on Jun 15, 2010 6:47 AM by villagra

    SessionContext.getcontext() = null with custom loginModule with jboss 5.1

    villagra

      Hi all... after a lot of reading i still dont have a solution for this problem, i'm kind of desperate...

       

      In this example bean, the context.getcontext() is allways null but, if i retrieve the subject with the securityAssociation i get the correct principals (+ a null ¿?¿? )

       

      This is what i have:

       

      And this is my project structure (i'm using maven)

      - server-ejb
      - server-javaws
      - ear-builder (project to build the final ear with the ejb.jar and the javaws.war)
      -- test-jboss-beans.xml
      -- META-INF / jboss-app.xml

       

       

      test-jboss-beans.xml
      <?xml version="1.0" encoding="UTF-8"?>
      <deployment xmlns="urn:jboss:bean-deployer:2.0">
      <application-policy xmlns="urn:jboss:security-beans:1.0" name="test">
      <authentication>
      <login-module code="xxx.TestLoginModule" flag="required" />
      <login-module code="org.jboss.security.ClientLoginModule" flag="required" />
      </authentication>
      </application-policy>
      </deployment>
      and jboss-app.xml
      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE jboss-app PUBLIC "-//JBoss//DTD Java EE Application 5.0//EN" "http://www.jboss.org/j2ee/dtd/jboss-app_5_0.dtd">
      <jboss-app>
        <security-domain>java:/jaas/test</security-domain>
        <module>
          <service>test-jboss-beans.xml</service>
        </module>
      </jboss-app>

       

       

      Bean test (server-ejb-project):

       

      @Stateless(name=TestService.BEANNAME)
      public class TestServiceBean implements TestService {
           @Resource
           private SessionContext session;
           public void test(){
                Principal p =  session.getCallerPrincipal();
                Subject s = SecurityAssociation.getSubject();
           }

      }

       

      After the login p ( name = null )

       

      but subject s =

       

      Principal: jm.villagra

      Principal: Roles(members:Admin)

      Principal: CallerPrincipal(members:jm.villagra)

      Principal: null  <== ¿?¿?

       

       

      This is the dummy LoginModule

       

      public class TestModule implements LoginModule {

       

          private Subject subject;

          private SimplePrincipal caller;

       

          @Override

          public void initialize(Subject aSubject, CallbackHandler aCallbackHandler, Map aSharedState, Map aOptions) {

              subject = aSubject;

          }

       

          @Override

          public boolean login() throws LoginException {

             caller = new SimplePrincipal("jm.villagra");

              return true;

          }

       

          @Override

          public boolean commit() throws LoginException {

       

              try {

       

              Set<Principal> principals = subject.getPrincipals();               

                     

              Group roles = new SimpleGroup("Roles");

              roles.addMember(new SimplePrincipal("Admin"));

       

              Group callerPrincipal = new SimpleGroup("CallerPrincipal");                       

              callerPrincipal.addMember(caller);

             

              principals.add(caller);

              principals.add(roles);       

              principals.add(callerPrincipal);               

             

              return true;

             

              } catch (Exception e) {

                  throw new LoginException(e.getMessage());

              }

          }

      }

       

      And this is how i do the login from the server-javaws project
          LoginContext lc = new LoginContext("test", handler);
          lc.login();

       

      What am i doing wrong??? I've spent a lot of time with this and i cannot find a solution

       

      Thank you very much

        • 1. Re: SessionContext.getcontext() = null with custom loginModule with jboss 5.1
          villagra

          Ok, problem solved

           

          The ClientLoginModule is the one who sets the context.getcontext() principal, and it needs the name NameCallback, otherwise i get the null

           

                        CallbackHandler handler = new CallbackHandler() {
                             @Override
                             public void handle(Callback[] callbacks) throws IOException,
                                       UnsupportedCallbackException {
             
                                  Callback[] mcallbacks = callbacks;
             
                                  NameCallback nameCallback = (NameCallback) mcallbacks[0];
                                  nameCallback.setName("jm.villagra");   
                             }
                        };

           

          My dummyLoginModule didn't use the callback, so namecallback allways have a null as a name value.

           

          Next step, use a CustomPrincipal instead of SimplePrincipal