-
1. Re: Invoke logout() for a custom login module
Daniel Jipa wrote:
Hello,
How can I invoke the logout() method from my custom login module remotely from a swing client ?
It seems that the username and password are cached even after calling
System.exit(0);The problem I have here is an audit it is used in application. Every time the JAAS login module is called a new record is inserted in an audit table. Due to the fact that the username and password are cached login method will never get called and new records won't be inserted.
-
2. Re: Invoke logout() for a custom login module
Hi Daniel,
Have you got any answer for your question??? I have a same situation. I have a remote swing client, however i don't know how to logout a user from jboss.
-
3. Re: Invoke logout() for a custom login module
Hello
You need to close the InitialContext opened at login.
-
4. Re: Invoke logout() for a custom login module
Thank you Daniel, i appreciate. i will try this on monday, now i am on holiday for two days.
-
5. Re: Invoke logout() for a custom login module
Hi Daniel,
I tried to close InitialContext, but it didn't work. JBOSS keeps my credentials in its cache. I tried the code below is it ok? If wrong, please correct me.
My client code:
Properties pr = new Properties();
pr.put("endpoint.name", "client-endpoint");
pr.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "false");
pr.put("remote.connections", "default");
pr.put("remote.connection.default.port", "4447");
pr.put("remote.connection.default.host", "10.204.10.54");
pr.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER");
pr.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false");
pr.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");
pr.put("remote.connection.default.username", "49351259682");
pr.put("remote.connection.default.password", "Test12345");
EJBClientConfiguration cc = new PropertiesBasedEJBClientConfiguration(pr);
ContextSelector < EJBClientContext > selector = new ConfigBasedEJBClientContextSelector(cc);
EJBClientContext.setSelector(selector);
Properties props = new Properties();
props.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
props.put("jboss.naming.client.ejb.context", true);
try {
Context c = new InitialContext(props);
kullaniciEJB = (KullaniciEJBRemote) c.lookup("ejb:merveys-kayit-tckkys/merveys-kayit-ejb-tckkysKullaniciEJB!tr.gov.tubitak.bilgem.uekae.deys.tckk.merveys.common.controller.ejb.kullanici.KullaniciEJBRemote");
int count = kullaniciEJB.countKartIslemList(1L, null, null);
c.close();
} catch (NamingException e) {
e.printStackTrace();
}
-
6. Re: Invoke logout() for a custom login module
Hello Serkan,
For me this context closing worked in the way that if I enter wrong credentials again in the same authenticated jvm the login module will get called and wrong password will not be accepted. Unfortunatelly I could not find a solution to invoke the logout method directly from client.
-
7. Re: Invoke logout() for a custom login module
Unfortunatelly I could not find a solution to invoke the logout method directly from client.
Thank you Daniel for your reply. Actually i want to logout the user, i mean clearing jboss cache, when the user wants to close remote application. So, i can call a remote ejb to clear jboss cache. This remote ejb will call necessary logout code in container. Is the code below enough for this???
try {
MBeanServerConnection mbeanServerConnection = ManagementFactory.getPlatformMBeanServer();
ObjectName mbeanName = new ObjectName("jboss.as:subsystem=security,security-domain=CaponeJaas");
mbeanServerConnection.invoke(mbeanName, "flushCache", null, null);
} catch (Exception e) {
throw new SecurityException(e);
}
-
8. Re: Invoke logout() for a custom login module
Hello,
This code just logs out and then logs in the users with the same credentials. I think this is only good for updating roles for logged users.
-
9. Re: Invoke logout() for a custom login module
I think i will raise a bug or a feature request for this discussion, i have not found a solution yet
-
10. Re: Invoke logout() for a custom login module
I raised a feature request for this discussion, thanks Daniel for your help.
-
11. Re: Invoke logout() for a custom login module
Would the following be possible?
The user clicks on logout. The client application calls close() on the InitialContext which was used to get the proxies. After this a server method is called by the client application that flushes the jaas authentication cache providing the name of the user who just logged out as parameter (code can befound here: https://community.jboss.org/message/614629). Then when the user logs in again a new InitialContext gets created. The username and password are provided programmatically via:
jndiProperties.put(Context.SECURITY_PRINCIPAL, principal);
jndiProperties.put(Context.SECURITY_CREDENTIALS, credential);
new InitialContext(jndiProperties);
Of course all of this wouldn't be very secure because the client application could be manipulated so that flush would never be called at the server. So a suitable DefaultCacheTimeout is still required. (Unfortunately I don't know how to set this in AS7).
-
12. Re: Invoke logout() for a custom login module
Hello,
I am using Wildfly10 and have been experiencing this same issue. The issue shows as resolved but can't seem to find how it got resolved. Can anyone help? I need to be able to clear the security domain cache once the session expires.
Thank you for your help!