-
1. Re: Strange behaviour from SecurityClient
meme Oct 14, 2011 5:21 PM (in response to mandelbr0t)The ClientLoginModule (which is also used in the SecurityClient) is something like a "cache". If you're "login" using this
module, the credentials (username, password) are stored in memory. The real authentication against the server is done when
it's accessed the first time. I'm doing that in my projects shortly after your sec.login() method. So I can catch the LoginException and
react on it in my GUI for example.
m.
-
2. Re: Strange behaviour from SecurityClient
mandelbr0t Oct 14, 2011 5:28 PM (in response to meme)OK, thanks. That is consistent with what I'm seeing. So, the EJBAccessException is expected when authenticating against a secured EJB with the wrong login credentials. The GUI app works properly, I just didn't expect to have to catch both exceptions.
-
3. Re: Strange behaviour from SecurityClient
mandelbr0t Oct 19, 2011 8:19 PM (in response to meme)Something is still wrong. I have removed the unauthenticatedIdentity option to ensure that I'm not accidentally using an unauthenticated identity. However, when trying to accessing the secured EJB on another server, the application no longer attempts to authenticate (I have security tracing on). I simply get an EJBAccessException (Invalid User) without any messages appearing in the server trace. Why won't my SecurityClient authenticate with the server?
-
4. Re: Strange behaviour from SecurityClient
mandelbr0t Oct 19, 2011 8:33 PM (in response to mandelbr0t)OK, I have two related problems. I will close this thread since I am having trouble with a different issue.