1 Reply Latest reply on May 2, 2011 9:12 AM by twieden

    Way to authenticate in Singleton Startup method

    twieden
    twieden May 2, 2011 6:48 AM

      Hello there,

       

      i'm looking for the best way to get authenticated in a ejb singleton startup method (JBoss 6.0.0).

       

      I need this, because i want to initialize some timer ejb's which require authentication (SecurityDomain),

      using a special system principal (where i have the principal name and password).

      Just calling a secured remote interface returns "Invalid user" ...

       

      So therefore the basic question: Is there a way to get authenticated to the container within a ejb and call another ?

       

      I already tried the standard login mechanism, which my client uses. There i could login, but security context is gone at the

      call to a secured remote interface to me (returns "user = null", No matching username found in Principals)

       

      Has anybody a hint for me how to solve this ?

      Should be a common issue ...

       

      Best regards,

      Timo

      • 2268 Views
      • Categories: JBoss AS 6.0
      • Tags:
        • 1. Re: Way to authenticate in Singleton Startup method
          twieden
          twieden May 2, 2011 9:12 AM (in response to twieden)

          ok, found a way - not sure if it is a consistent solution or dirty code ...

           

          I create a timer in the startup method which will be invoked few seconds after - need this to have all beans bound.

          Then i use the SecurityAssociation to get authenticated, call the session beans and clear the association.

           

          Here is the code:

           

          {code}
            @PostConstruct
            public void init() {
               // check if timer already present
              final Collection<Timer> timers = ctx.getTimerService().getTimers();
              if (timers.isEmpty() == false) {
                // Cancel timers
                for (Iterator<Timer> ita = timers.iterator(); ita.hasNext();) {
                  final Timer timer = ita.next();
                  LOGGER.debug("Cancelling all timer " + timer);
                  timer.cancel();
                }
              }
           
              // start timer
              try {
                ctx.getTimerService().createTimer(5*1000, "startupTimer);
              }
              catch (Exception e) {
                // dont care, after few seconds the next attemt will be made
                LOGGER.error("Timer not started because exception occured.", e);
                return;
              }
            }
           
            @Timeout
            public void executeTimer(Timer timer)
            {
              LOGGER.debug("Timer executed");
              SecurityAssociation.setPrincipal(new SimplePrincipal("SystemUser"));
              SecurityAssociation.setCredential("bd584ea19250ff2d4f2dd579b6e25b5182f894c4f932eb2ae9c79df56...");
           
              // Call session bean 
              dbBackupService.doBackup();
           
              SecurityAssociation.clear();
            }

           {code}

           

           

          No side effects found yet :-)

          Best regards,

          Timo

            • Actions