1 Reply Latest reply on Jun 15, 2010 6:47 AM by Anonymous User Anonymous User

    SessionContext.getcontext() = null with custom loginModule with jboss 5.1

    Anonymous User Anonymous User Newbie

      Hi all... after a lot of reading i still dont have a solution for this problem, i'm kind of desperate...

       

      In this example bean, the context.getcontext() is allways null but, if i retrieve the subject with the securityAssociation i get the correct principals (+ a null ¿?¿? )

       

      This is what i have:

       

      And this is my project structure (i'm using maven)

      - server-ejb
      - server-javaws
      - ear-builder (project to build the final ear with the ejb.jar and the javaws.war)
      -- test-jboss-beans.xml
      -- META-INF / jboss-app.xml

       

       

      test-jboss-beans.xml
      <?xml version="1.0" encoding="UTF-8"?>
      <deployment xmlns="urn:jboss:bean-deployer:2.0">
      <application-policy xmlns="urn:jboss:security-beans:1.0" name="test">
      <authentication>
      <login-module code="xxx.TestLoginModule" flag="required" />
      <login-module code="org.jboss.security.ClientLoginModule" flag="required" />
      </authentication>
      </application-policy>
      </deployment>
      and jboss-app.xml
      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE jboss-app PUBLIC "-//JBoss//DTD Java EE Application 5.0//EN" "http://www.jboss.org/j2ee/dtd/jboss-app_5_0.dtd">
      <jboss-app>
        <security-domain>java:/jaas/test</security-domain>
        <module>
          <service>test-jboss-beans.xml</service>
        </module>
      </jboss-app>

       

       

      Bean test (server-ejb-project):

       

      @Stateless(name=TestService.BEANNAME)
      public class TestServiceBean implements TestService {
           @Resource
           private SessionContext session;
           public void test(){
                Principal p =  session.getCallerPrincipal();
                Subject s = SecurityAssociation.getSubject();
           }

      }

       

      After the login p ( name = null )

       

      but subject s =

       

      Principal: jm.villagra

      Principal: Roles(members:Admin)

      Principal: CallerPrincipal(members:jm.villagra)

      Principal: null  <== ¿?¿?

       

       

      This is the dummy LoginModule

       

      public class TestModule implements LoginModule {

       

          private Subject subject;

          private SimplePrincipal caller;

       

          @Override

          public void initialize(Subject aSubject, CallbackHandler aCallbackHandler, Map aSharedState, Map aOptions) {

              subject = aSubject;

          }

       

          @Override

          public boolean login() throws LoginException {

             caller = new SimplePrincipal("jm.villagra");

              return true;

          }

       

          @Override

          public boolean commit() throws LoginException {

       

              try {

       

              Set<Principal> principals = subject.getPrincipals();               

                     

              Group roles = new SimpleGroup("Roles");

              roles.addMember(new SimplePrincipal("Admin"));

       

              Group callerPrincipal = new SimpleGroup("CallerPrincipal");                       

              callerPrincipal.addMember(caller);

             

              principals.add(caller);

              principals.add(roles);       

              principals.add(callerPrincipal);               

             

              return true;

             

              } catch (Exception e) {

                  throw new LoginException(e.getMessage());

              }

          }

      }

       

      And this is how i do the login from the server-javaws project
          LoginContext lc = new LoginContext("test", handler);
          lc.login();

       

      What am i doing wrong??? I've spent a lot of time with this and i cannot find a solution

       

      Thank you very much

        • 1. Re: SessionContext.getcontext() = null with custom loginModule with jboss 5.1
          Anonymous User Anonymous User Newbie

          Ok, problem solved

           

          The ClientLoginModule is the one who sets the context.getcontext() principal, and it needs the name NameCallback, otherwise i get the null

           

                        CallbackHandler handler = new CallbackHandler() {
                             @Override
                             public void handle(Callback[] callbacks) throws IOException,
                                       UnsupportedCallbackException {
             
                                  Callback[] mcallbacks = callbacks;
             
                                  NameCallback nameCallback = (NameCallback) mcallbacks[0];
                                  nameCallback.setName("jm.villagra");   
                             }
                        };

           

          My dummyLoginModule didn't use the callback, so namecallback allways have a null as a name value.

           

          Next step, use a CustomPrincipal instead of SimplePrincipal