1 Reply Latest reply on May 2, 2011 9:12 AM by Timo Wiedenmann

    Way to authenticate in Singleton Startup method

    Timo Wiedenmann Newbie

      Hello there,

       

      i'm looking for the best way to get authenticated in a ejb singleton startup method (JBoss 6.0.0).

       

      I need this, because i want to initialize some timer ejb's which require authentication (SecurityDomain),

      using a special system principal (where i have the principal name and password).

      Just calling a secured remote interface returns "Invalid user" ...

       

      So therefore the basic question: Is there a way to get authenticated to the container within a ejb and call another ?

       

      I already tried the standard login mechanism, which my client uses. There i could login, but security context is gone at the

      call to a secured remote interface to me (returns "user = null", No matching username found in Principals)

       

      Has anybody a hint for me how to solve this ?

      Should be a common issue ...

       

      Best regards,

      Timo

        • 1. Re: Way to authenticate in Singleton Startup method
          Timo Wiedenmann Newbie

          ok, found a way - not sure if it is a consistent solution or dirty code ...

           

          I create a timer in the startup method which will be invoked few seconds after - need this to have all beans bound.

          Then i use the SecurityAssociation to get authenticated, call the session beans and clear the association.

           

          Here is the code:

           

          {code}

            @PostConstruct

            public void init() {

               // check if timer already present

              final Collection<Timer> timers = ctx.getTimerService().getTimers();

              if (timers.isEmpty() == false) {

                // Cancel timers

                for (Iterator<Timer> ita = timers.iterator(); ita.hasNext();) {

                  final Timer timer = ita.next();

                  LOGGER.debug("Cancelling all timer " + timer);

                  timer.cancel();

                }

              }

           

              // start timer

              try {

                ctx.getTimerService().createTimer(5*1000, "startupTimer);

              }

              catch (Exception e) {

                // dont care, after few seconds the next attemt will be made

                LOGGER.error("Timer not started because exception occured.", e);

                return;

              }

            }

           

            @Timeout

            public void executeTimer(Timer timer)

            {

              LOGGER.debug("Timer executed");

              SecurityAssociation.setPrincipal(new SimplePrincipal("SystemUser"));

              SecurityAssociation.setCredential("bd584ea19250ff2d4f2dd579b6e25b5182f894c4f932eb2ae9c79df56...");

           

              // Call session bean

              dbBackupService.doBackup();


              SecurityAssociation.clear();

            }


          {code}

           

           

          No side effects found yet :-)

          Best regards,

          Timo