I'm having a problem with Jboss and JAAS authentication.
I've created a PasswordLoginModule class which extends LoginModule, and a CallbackHandler class which implements CallbackHandler. Both works fine.
My bean is very simple:
@Stateless @Remote(SecurityBean.class) @DeclareRoles({"admin"}) public class SecurityBeanImpl implements SecurityBean { @Resource private SessionContext ctx; public String getSimpleString() { if (ctx.isCallerInRole("admin")) System.out.println("Caller is in admin role"); else System.out.println("Caller is NOT in admin role"); return "insecure string"; } }
LoginContext loginContext = new LoginContext("MyLogin", new CallbackHandler()); loginContext.login(); Hashtable<String, String> env = new Hashtable<String, String>(); env.put(InitialContext.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory"); env.put(InitialContext.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces"); env.put(InitialContext.PROVIDER_URL, "jnp://localhost:1099"); Context ctx = new InitialContext(); SecurityBean bean = (SecurityBean) ctx.lookup("SecurityBeanImpl/remote"); String res = bean.getSimpleString(); System.out.println("bean returned: " + res);
2011, JBOSS 6. The same question - no answers...