0 Replies Latest reply on Jun 3, 2011 3:47 PM by hublisid

    SecurityAssociation values are null when called from authenticating EJB

    hublisid
    hublisid Jun 3, 2011 3:47 PM

      I have a web applciation and an EJB component.

      I am using GenericHeaderAuthenticator and SSOLoginModule for the authentication. In GenericHeaderAuthenticator, I am getting the roles from siteminder and setting in org.jboss.security.SecurityAssociation class.

       

      SecurityAssociation.setContextInfo("sm_role", roles);

       

      For the authentication in EJB, the securityDomain is pointing to SSOLoginModule,

      When I am trying to access the SecurityAssociation context info in SSOLoginModule , its giving me null values, so the EJB authentication failed!!

       

      String role = (String)SecurityAssociation.getContextInfo("sm_role"); roles are coming as null.

       

      This problem is in Unix environment, the same code I tried in Windows environment it's working fine.

       

      Can anyone help me to resolve this issue?

       

      The configuration are as below:-

       

      ####################EJB Code:######################################

       

      @org.jboss.ejb3.annotation.SecurityDomain("SSOGenericHeaderAuth")

      @Stateless

      public class FooBean implements FooRemote { 

      @RolesAllowed("essga_cmdbost_custodian")  

      @Resource private SessionContext sctx; 

       

      #######war-deployers-jboss-beans.xml(c:\jboss-5.1.0.GA\server\default\deployers\jbossweb.deployer\META-INF) ########

            <property name="authenticators">
               <map class="java.util.Properties" keyClass="java.lang.String" valueClass="java.lang.String">
          <entry>
                     <key>HEADER</key>
                     <value>org.jboss.example.web.tomcat.security.GenericHeaderAuthenticator</value>
                </entry>

                 ...........

                  ...........

      ######web.xml###########

        <login-config>

            <auth-method>HEADER</auth-method>

        </login-config>

       

      #######login-config.xml(c:\jboss-5.1.0.GA\server\default\conf):##########

       

      <application-policy name="SSOGenericHeaderAuth">

         <authentication>

         <login-module code="org.jboss.example.web.tomcat.security.SSOLoginModule" flag="sufficient"/>

         <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"

         flag="required">

         <module-option name="usersProperties">props/jmx-console-users.properties</module-option>

         <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>

         </login-module>

        </authentication>

      </application-policy>

      • 1912 Views
      • Tags: