This content has been marked as final.
Show 3 replies
-
1. Re: Security context propagation between Seam EJB components
eyrignou Aug 20, 2007 7:21 AM (in response to eyrignou)I found a way to stop the exceptions, but it still doesn't work... Help would be greatly appreciated !
In my components.xml, I reference a realm:<security:identity authenticate-method="#{authenticator.authenticate}" jaas-config-name="sylveaAuth"/>
Which I defined into my application:
jboss-app.xml of my ear:<jboss-app> <module-order>strict</module-order> <module> <service>sylvea-login-service.xml</service> </module> <loader-repository> com.april.sylvea:loader=sylvea </loader-repository> </jboss-app>
sylvea-login-service.xml:<?xml version="1.0" encoding="UTF-8"?> <server> <mbean code="org.jboss.security.auth.login.DynamicLoginConfig" name="sylvea:service=DynamicLoginConfig"> <attribute name="AuthConfig">sylvea-login-config.xml</attribute> <depends optional-attribute-name="LoginConfigService"> jboss.security:service=XMLLoginConfig </depends> <depends optional-attribute-name="SecurityManagerService"> jboss.security:service=JaasSecurityManager </depends> </mbean> </server>
and sylvea-login-config.xml:<?xml version='1.0'?> <!DOCTYPE policy PUBLIC "-//JBoss//DTD JBOSS Security Config 3.0//EN" "http://www.jboss.org/j2ee/dtd/security_config.dtd"> <policy> <application-policy name="sylveaAuth"> <authentication> <!-- Add this line to your login-config.xml to include the ClientLoginModule propogation --> <login-module code="org.jboss.security.ClientLoginModule" flag="required"> <module-option name="multi-threaded">true</module-option> <module-option name="restore-login-identity">true</module-option> <!-- <module-option name="password-stacking">useFirstPass</module-option>--> </login-module> <login-module code="org.jboss.seam.security.jaas.SeamLoginModule" flag="required" /> </authentication> </application-policy> </policy>
I also added a jboss-web.xml in the WEB-INF of my web-app (I don't know if it is useful):<jboss-web> <security-domain>java:/jaas/sylveaAuth</security-domain> </jboss-web>
I added a jboss.xml in the META-INF of the jar of my EJBs:<?xml version="1.0" encoding="UTF-8"?> <jboss> <security-domain>sylveaAuth</security-domain> </jboss>
But the propagation still doesn't work:@Stateful @Scope(ScopeType.CONVERSATION) @Name("myAction") public class MyActionImpl extends MyAction { @Resource private SessionContext context; @Factory(value="intermediaireList", scope=ScopeType.EVENT) public void findIntermediaires() { boolean loggedIn = Identity.instance().isLoggedIn(); // Seam works fine Principal seamPrincipal = Identity.instance().isLoggedIn(); // Seam Principal works fine Principal principal = context.getCallerPrincipal(); // JEE principal contains nothing => wrong String name = principal.getName(); // JEE name is null => wrong ... } }
-
2. Re: Security context propagation between Seam EJB components
eyrignou Aug 20, 2007 10:39 AM (in response to eyrignou)I am afraid my problems is refered as http://jira.jboss.com/jira/browse/JBSEAM-729
Right ? -
3. Re: Security context propagation between Seam EJB components
yet_another_kain Sep 13, 2007 8:29 AM (in response to eyrignou)Hi all,
I am experiencing the same kind of problems. It seems impossible to transmit Seam security context informations to JEE security context ...
I can imagine some realy ugly solutions, but I would prefer some pretty one :)