4 Replies Latest reply on Jun 2, 2013 6:39 AM by wdfink

    Calling an EJB from a LoginModule ?

    cfillot

      Hi,

      Is it possible to call an EJB method from a LoginModule configured in a security-domain, to delegate a username/password verification to it? I can try easily with a Context lookup and all, but I'm more interested to know if this is dumb and/or bad practice.

      Thanks in advance,

      Christophe

        • 1. Re: Calling an EJB from a LoginModule ?
          wdfink

          As a login module is meant as a container service for security, I suppose that calling an EJB will be container-dependent and not portable, as the behaviour can be different.

           

          I would use that approach only if it is for integration of an old implementation.

          1 of 1 people found this helpful
          • 2. Re: Calling an EJB from a LoginModule ?
            sfcoy

            You need to be careful of creating a chicken and egg situation.

             

            i.e. what is securing the EJB? The same LoginModule that is calling it?

            1 of 1 people found this helpful
            • 3. Re: Calling an EJB from a LoginModule ?
              cfillot

              Thanks Wolf-Dieter, I'll use a more "classical" approach to avoid portability problems, even if I use only JBoss AS for my apps at the moment.

               

              Stephen, you made a good point, indeed the EJB would be in the security-domain secured by this LoginModule. I wanted to mark the EJB verification method with @PermitAll, but it will still go through the JAAS process and cause the chicken and egg situation you described.

              • 4. Re: Calling an EJB from a LoginModule ?
                wdfink

                Yes, the problem is often that such approaches are not running if you do a server upgrade, maybe only a minor version; this depends on the exact flow. Here you are in the middle of the authentication and it is not clear what happens.