0 Replies Latest reply on Sep 16, 2010 6:47 AM by tibocuvillier

    Client and server side LoginModule wrapping a LDAP server

    tibocuvillier
    tibocuvillier Sep 16, 2010 6:47 AM

      Hi,

       

      I wrote a Swing client using a custom LoginModule accessing a LDAP server.

       

      The LoginModule check the user principal / credential and add a SimplePrincipal in the client-side Subject.

      The security domain add the user principal / credential to the JBoss SecurityAssociation withthe JBoss ClientLoginModule.

       

      Then, the  Swing client call an EJB method.

       

      The EJBs deployed on the server use another custom LoginModule (JBoss-style extending UsernamePasswordLoginModule)  to access the same LDAP server (the LDAP code is shared by  the client and the server LoginModule).

       

      Both the client and server side  LoginModules use the same security domain name.

       

      So, I expect the security context to be propagated from the client to the server.

       

      ... but I just get the following exception:

       

       

      Caused by: javax.ejb.EJBAccessException: Invalid User
      at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:165)
      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)

      Caused by: javax.ejb.EJBAccessException: Invalid User

      at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:165)

      at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)

       

      Any idea ?

       

      Tks.

      Thibault.