-
1. Re: SecurityAssociation
jaikiran Jul 5, 2011 3:34 AM (in response to berni02)
How/Where were you using that class in previous versions?
-
2. Re: SecurityAssociation
berni02 Jul 5, 2011 5:19 AM (in response to jaikiran)
We are using the principal for cross-cutting concerns like user, mandator, version, etc.
We are using the following methods for our security on a rich client or Seam web frontend:
- SecurityAssociation.setPrincipal(principal);
- SecurityAssociation.setCredential(credential);
On the server side we are using the following methods to evaluate these values by @SecurityDomain and @RolesAllowed:
- SecurityAssociation.getPrincipal()
- SecurityAssociation.getCredential()
-
3. Re: SecurityAssociation
berni02 Jul 5, 2011 5:29 AM (in response to berni02)
After I read the painful thread: "jboss-as-client 7.0.0.CR1?"
It is clear - which means for our project: No JBoss 7.0
-
4. Re: SecurityAssociation
berni02 Jul 15, 2011 7:40 AM (in response to berni02)
Hi,
I am still wondering what happened to the SecurityAssociation.
I was using it to get and manipulate the current caller principal in the current context in an EJB.
Is there a different way to retrieve and set the current principal and its credential?
Can anybody help me?
Regards,
Bernhard
-
5. Re: SecurityAssociation
dlofthouse Jul 15, 2011 9:32 AM (in response to berni02)
To actually set these values you can still use the ClientLoginModule to make the association so that it can be used for authentication on the next call.
For the authentication stage is there a reason you can't just supply your own login module to perform the verification?
-
6. Re: SecurityAssociation
berni02 Jul 18, 2011 4:55 AM (in response to dlofthouse)
We have our own login module, but we are using the principal to transport cross-cutting concern information, e.g. multi-client capability, which decides in a Hibernate interceptor which database schema is used.
Does anybody know how to access the current principal in the context?
-
7. Re: SecurityAssociation
berni02 Nov 29, 2011 4:53 AM (in response to berni02)
Hi,
with the availability of JBoss 7.1-B1 I came back to evaluate the migration effort from JBoss 4 to 7.
I am still facing the problem of the missing SecurityAssociation. I've searched around for hours, but I found nothing.
I am setting the caller principal in a Servlet (or RMI Client) by contextProperties.put(Context.SECURITY_PRINCIPAL, ...)
I have an interceptor which modifies each SQL database call with the principal-coded dependent db-schema.
We used SecurityAssociation.getPrincipal() before - how can I get the current caller principal without the SecurityAssociation?
ejbcontext.getCallerPrincipal() is not delivering the principal which was set in the calling context. It delivers anonymous.
Our DatabaseLoginModule is also using SecurityAssociation.getPrincipal() and SecurityAssociation.getCredential().
Unfortunately I have not found much documentation about security and JBoss 7.
I appreciate any help.
Regards,
Bernhard
-
8. Re: SecurityAssociation
firstlion Jan 25, 2012 3:13 AM (in response to berni02)
Hi,
I think it is now "SecurityContextAssociation". I don't know if it has all the "old" features, but it has some of them.
I hope it helps someone.
Martin
-
9. Re: SecurityAssociation
sfcoy Jan 25, 2012 5:14 AM (in response to berni02)
JBoss AS7.x security is built on PicketBox. You may have more luck over there.
Also, if you have a look at the discussion "@RolesAllowed, @DenyAll require presence of org.jboss.ejb3.annotation.SecurityDomain?" you will find useful information on properly setting up the security domain in the jboss-ejb3.xml file, which replaces the old jboss.xml file. Additionally, I posted some code that does some Arquillian-based integration testing of security elements by performing a JAAS login.
The ClientLoginModule used in AS7.1CR1b is found in the picketbox-4.0.6.Beta2.jar. There's a source jar for this in the maven repository.
The fact that you're getting anonymous as the caller principal tells me that you need to update your login module. My test code did exactly that until I included the ClientLoginModule in my javax.security.auth.login.Configuration object.
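
The step described in the last reply, a JAAS login whose javax.security.auth.login.Configuration includes the ClientLoginModule, as an added example that is not code from the thread or from the PicketBox project. It assumes the module's class name is org.jboss.security.ClientLoginModule and that the PicketBox jar is on the client classpath; the entry name, user and password are constructed sample values.

```java
import java.util.Collections;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;

public class ClientLoginExample {
    // Assumption: PicketBox's client-side module; needs the picketbox jar on the classpath.
    static final String CLIENT_MODULE = "org.jboss.security.ClientLoginModule";

    /** In-memory JAAS configuration holding one REQUIRED ClientLoginModule entry. */
    static Configuration clientConfiguration() {
        final AppConfigurationEntry entry = new AppConfigurationEntry(
                CLIENT_MODULE,
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                Collections.<String, Object>emptyMap());
        return new Configuration() {
            @Override
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                return new AppConfigurationEntry[] { entry };
            }
        };
    }

    /** Hands the principal name and credential to the module; rejects other callbacks. */
    static CallbackHandler handler(final String user, final char[] password) {
        return callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) {
                    ((NameCallback) cb).setName(user);
                } else if (cb instanceof PasswordCallback) {
                    ((PasswordCallback) cb).setPassword(password);
                } else {
                    throw new UnsupportedCallbackException(cb);
                }
            }
        };
    }

    public static void main(String[] args) throws LoginException {
        // Constructed sample identity; the entry name "client-login" is arbitrary here.
        LoginContext lc = new LoginContext("client-login", null,
                handler("demo-user", "demo-password".toCharArray()), clientConfiguration());
        lc.login();      // makes the principal/credential association for the next call
        try {
            // Invoke the secured EJB here; the server-side login module does the verification.
        } finally {
            lc.logout(); // drop the association so it is not reused by unrelated work
        }
    }
}
```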