LoginContext timeout after update from Jboss 4.2.3 to 5.1
asterisk Aug 2, 2010 8:55 AMHi,
I am working on an upgrade of our EJB2 application from Jboss 4.2.3 to Jboss 5.1.0. My problem is that the client application can log in and call bean methods, but after a few seconds it is not possible any more, because the user is not authenticated any more.
This is my login-config.xml (partially):
{code:xml}
<application-policy name = "myApp">
<authentication><login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="sufficient">
<module-option name="dsJndiName">java:/OracleDS</module-option>
<module-option name="principalsQuery"><![CDATA[select pswd from user_t where username=? and LOGINFAILCOUNT < 3 and USERLOCKED<>'1']]></module-option>
<module-option name="rolesQuery">select g.applrolename, 'Roles' from useringroup_t u, groupinapplrole_t g where u.groupname = g.groupname and u.username=?</module-option>
<module-option name="unauthenticatedIdentity">unauthenticated</module-option>
</login-module>
</authentication>
</application-policy>{code}
And here is the code to call the bean method for the first time:
{code}
LoginContext lc = new LoginContext("other", mUsernamePasswordHandler);lc.login();
Hashtable<String, String> props = new Hashtable<String, String>();
props.put(Context.PROVIDER_URL, theProviderURL);
Context ctx = new InitialContext(props);
Ejb2TestHome ejb2beanHome = (Ejb2TestHome)ctx.lookup("Ejb2Test");
Ejb2Test ejb2bean = ejb2beanHome.create();
String answer = ejb2bean.test();{code}
Later I just use (in another class)
{code}
Ejb2TestHome ejb2beanHome = (Ejb2TestHome)ctx.lookup("Ejb2Test");Ejb2Test ejb2bean = ejb2beanHome.create();String answer1 = ejb2bean.test();{code}
This worked with Jboss 4.2.3. But now I get a SecurityException, the principal "unauthenticated" is used in this case. It only works if I call lc.login() again right before instanciating the bean. Doing this is not a solution, of course, because I would have to change a lot of code.
Does anybody know what I have to change? Do I need to change the Jboss configuration? Or do I need to use another login method in my Swing client?
Thank you in advance!