2 Replies Latest reply on Aug 9, 2010 8:51 AM by asterisk

    LoginContext timeout after update from Jboss 4.2.3 to 5.1

    asterisk Newbie

      Hi,

       

      I am working on an upgrade of our EJB2 application from Jboss 4.2.3 to Jboss 5.1.0. My problem is that the client application can log in and call bean methods, but after a few seconds it is not possible any more, because the user is not authenticated any more.

       

      This is my login-config.xml (partially):

      {code:xml}
      <application-policy name = "myApp">
          <authentication>

            <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="sufficient">

              <module-option name="dsJndiName">java:/OracleDS</module-option>

              <module-option name="principalsQuery"><![CDATA[select pswd from user_t where username=? and LOGINFAILCOUNT < 3 and USERLOCKED<>'1']]></module-option>

              <module-option name="rolesQuery">select g.applrolename, 'Roles' from useringroup_t u, groupinapplrole_t g where u.groupname = g.groupname and u.username=?</module-option>

              <module-option name="unauthenticatedIdentity">unauthenticated</module-option>

          </login-module>

        </authentication>

      </application-policy>{code}

       

      And here is the code to call the bean method for the first time:

      {code}
      LoginContext lc = new LoginContext("other", mUsernamePasswordHandler);

      lc.login();

      Hashtable<String, String> props = new Hashtable<String, String>();

      props.put(Context.PROVIDER_URL, theProviderURL);

      Context ctx = new InitialContext(props);

      Ejb2TestHome ejb2beanHome = (Ejb2TestHome)ctx.lookup("Ejb2Test");

      Ejb2Test ejb2bean = ejb2beanHome.create();

      String answer = ejb2bean.test();{code}

       

      Later I just use (in another class)

      {code}
      Ejb2TestHome ejb2beanHome = (Ejb2TestHome)ctx.lookup("Ejb2Test");
      Ejb2Test ejb2bean = ejb2beanHome.create();
      String answer1 = ejb2bean.test();{code}

       

      This worked with Jboss 4.2.3. But now I get a SecurityException, the principal "unauthenticated" is used in this case. It only works if I call lc.login() again right before instanciating the bean. Doing this is not a solution, of course, because I would have to change a lot of code.

       

      Does anybody know what I have to change? Do I need to change the Jboss configuration? Or do I need to use another login method in my Swing client?

       

      Thank you in advance!

        • 1. Re: LoginContext timeout after update from Jboss 4.2.3 to 5.1
          asterisk Newbie

          Hi,

           

          ok, ich chose the latter solution and changed the login mthod to:

          {code}

          SecurityClient client = null;
          try {
            client = SecurityClientFactory.getSecurityClient();
          } catch (Exception e1) {
            mLogger.error("Could not instanciate SecurityClient", e1);
            throw new LoginException();
          }
          client.setJAAS("other", mUsernamePasswordHandler);
          client.setVmwideAssociation(true);
          client.login();

          {code}

          The setVmwideAssociation(true) is important. Otherwise it does not work.

           

          Unfortunately I now have trouble with one stateful EJB2 bean, which throws a RemoveException when I try to close it. It says it is still in transaction, but I wonder what transaction that should be. Same code worked with JBoss 4.2.3.

           

          Kind regards

           

          PS: How the hell do you post code snippets here? This strange forum software adds line breaks or not as it likes.

          • 2. Re: LoginContext timeout after update from Jboss 4.2.3 to 5.1
            asterisk Newbie

            Hi,

             

            I also fixed the RemoveException now. According to this thread, you have to be careful if you want to call a stateful session bean from a stateless session bean. I added a

            {code}@ejb.transaction type="NotSupported"{code}

            to the Xdoclet header of my stateless bean and now it works fine. I don't need transaction at that point, anyway.

             

            So as far as I can see, the only problem left is the failing authentification in one of my Mbeans. The login() method works fine, but when I want to instanciate another bean it fails.

             

            Kind regards