2 Replies Latest reply on Dec 9, 2013 8:41 PM by ybxiang.china

JAAS in JBoss 7

heldwein Dec 9, 2013 6:47 AM

Hello all together,

I have a rich client that performs remote EJB calls on a JBoss AS 7.1.1. The remote EJB connection works perfect.

However, I need to authenticate users on the rich client side. How can I send the user authentication information to the JBoss 7 server and evaluate it there (preferably with a DatabaseLoginModule)?

As far as I understood, it should work by configuring my own security domain on JB7 and annotating the EJBs with its name. In the configuration of the security domain, I defined my LoginModule and I've packaged the class in my own module.

However, what do I need to do on the client side with my authentication information and how can I access it in my login module?

Any help is greatly appreciated.

Ciao
Christian

1. Re: JAAS in JBoss 7

ybxiang.china Dec 9, 2013 8:38 PM (in response to heldwein)

How to configure JAAS:
JBoss AS 7.2.0 - Java EE application development - 05.How to configure Security domain and JAAS - part.1 and part.2
Actions

2. Re: JAAS in JBoss 7

ybxiang.china Dec 9, 2013 8:41 PM (in response to heldwein)

How to login in rich client:

(a) ISecuredRemoteSession is an EJB interface.

private ISecuredRemoteSession securedRemoteSessionProxy;

(b) look for the EJB proxy by JNDI:

	public void connectToServer(String serverIP, String username, String password) throws Exception{
	this.username = username;
	this.serverIP = serverIP;
	InitialContext context;

	try{
	Properties p = new Properties();
	p.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");
		p.put("remote.connections", "default");
		p.put("remote.connection.default.host", serverIP);
		p.put("remote.connection.default.port", "4447");
	p.put("remote.connection.default.username", username);
	p.put("remote.connection.default.password", password);
	p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false");
	p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER");
	p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");
	p.put("remote.connection.default.connect.options.org.xnio.Options.SSL_STARTTLS", "true");
	p.put("remote.connection.default.connect.timeout", "30000");//for xnio

	EJBClientConfiguration cc = new PropertiesBasedEJBClientConfiguration(p);
	ContextSelector<EJBClientContext> selector = new ConfigBasedEJBClientContextSelector(cc);
	EJBClientContext.setSelector(selector);

	//EJBClientContext.getCurrent().registerInterceptor(0,new ClientSessionTokenInterceptor());
	//EJBClientContext.getCurrent().registerInterceptor(1,new ClientExceptionInterceptor());

	Properties props = new Properties();
	props.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
	context = new InitialContext(props);
	securedRemoteSessionProxy = (ISecuredRemoteSession)context.lookup(jndiName);
	}catch(Exception e){//TCP连接失败的异常不会被抛出！
		log.error("连接服务器失败：",e);
		throw ConnectionToServerFailedException.INSTANCE;
	}

}

Go to original post