0 Replies Latest reply on Apr 12, 2013 1:44 PM by marcavaj

    JBoss Web Service Integrates with Filenet API:  Authentication

    marcavaj

      I apologize in advance if this is the wrong forum to be posing this question.  I'd post to IBM's "developerWorks" forum, but it's currently in read-only mode until April 15, 2013.

       

      JBoss AS version:  7.1.1.Final

      Filenet Content Engine (CE) version:  5.1 fix pack 002

      Environment:  Microsoft Windows using Active Directory

      Server 1:  JBoss Application - exposes JAVA web services which integrate with the Filenet CE web services

      Server 2:  Websphere Network Deployment - exposes Filenet CE web services

       

      Issue:  Company policy requires JBoss to run as a windows service using a Domain account.  It also dictates that the domain account be used to connect to the Filenet CE Web Services.  The authentication between the two services is handled using JAAS.

       

      Currently, the Filenet username and password are stored in a properties file (in plain text).  I understand it's possible to use JBoss Vault to mask the password but that goes against our standard.  It works like this:

       

      //Jace.jar

      import com.filenet.api.util.UserContext;

      import com.filenet.api.core.Connection;

      import javax.security.auth.Subject;

      import com.filenet.api.core.Factory;

      import com.company.util.PropertyUtil;

      .

      .

      .

      String connectionString = "<connString here>";

      Connection conn = Factory.Connection.getConnection(connectionString);

      UserContext uc = UserContext.get();

      Subject sub = UserContext.createSubject(conn, PropertyUtil.getProperty("filenet.username"), PropertyUtil.getProperty("filenet.password"), "FileNetP8WSI");  //where "FileNetP8WSI is the JAAS stanza

      uc.pushSubject(sub);

       

      From here, a good JAAS subject is retrieved and the Filenet CE web services can be contacted for CRUD operations in the object store (document repository).

       

       

      However, I'd like it to work like this (or some other variation):

      String jbossWindowsServiceUsername = <routine to fetch domain user account JBoss is currently running as>;

      String jbossWindowsServicePassword = <routine to fetch domain user's password JBoss is currently running as>;

      String connectionString = "<connString here>";

      Connection conn = Factory.Connection.getConnection(connectionString);

      UserContext uc = UserContext.get();

      Subject sub = UserContext.createSubject(conn, jbossWindowsServiceUsername, jbossWindowsServicePassword, "FileNetP8WSI");  //where "FileNetP8WSI is the JAAS stanza

      uc.pushSubject(sub);

       

       

      Any help this group can provide would be wonderful.  Thanks in advance.

      Joe M.