Logon problem with security domain and EJB2
katerchen0815 Nov 8, 2012 10:25 AMI have a problem with logon on JBoss and a security domain. The application is a WebStart application. The idea is to log on and make some beans working. The beans fetch information from a database and will authenticate a user e.g. by his biometrics. Then the user is logged on with his credentials. On JBoss 4 the task was easy. The logon preparation was done by:
/* does not longer work with JBoss > 4 SecurityAssociation.setPrincipal(new SimplePrincipal( ILConstants.ANONYMOUS_NAME )); SecurityAssociation.setCredential(ILConstants.ANONYMOUS_PASSWORD.toCharArray()); */ /* get the bean and rum createMethod.invoke */ */
The security domain is set inside the jboss.xml file of the EAR archive
<security-domain>myserver</security-domain>
and defined in the login-config.xml file
<application-policy name = "MyLogin"> <authentication> <login-module code="com.test.auth.MyLoginModule" flag = "required"> <module-option name = "debug">true</module-option> </login-module> </authentication> </application-policy> <application-policy name = "myserver"> <authentication> <login-module code="org.jboss.security.auth.spi.RunAsLoginModule" flag="required"> <module-option name = "roleName">myAdmin</module-option> <module-option name = "debug">true</module-option> </login-module> <login-module code="com.test.auth.MyServerLoginModule" flag = "required" /> </authentication> </application-policy>
The MyLogin domain is later used to log on the user with its credential.
As I said this works fine on JBoss 4. On JBoss 6 this is not longer possible. I replaced the java part with:
/* does not longer work with JBoss > 4 SecurityAssociation.setPrincipal(new SimplePrincipal( ILConstants.ANONYMOUS_NAME )); SecurityAssociation.setCredential(ILConstants.ANONYMOUS_PASSWORD.toCharArray()); */ /* Should work with JBoss 6 */ SecurityAssociationHandler handler = new SecurityAssociationHandler(); SimplePrincipal user = new SimplePrincipal(ILConstants.ANONYMOUS_NAME); handler.setSecurityInfo(user, ILConstants.ANONYMOUS_PASSWORD.toCharArray()); LoginContext loginContext = new LoginContext("myserver", (CallbackHandler) handler); loginContext.login(); /* get the bean and rum createMethod.invoke */ */
Here the domain "myserver" is not found. As far as I understand the documents in JBoss 4 the domain was taken from the jboss.xml file. What am I doing wrong?
Thank you for your help
Volker