I have a web applciation and an EJB component.
I am using GenericHeaderAuthenticator and SSOLoginModule for the authentication. In GenericHeaderAuthenticator, I am getting the roles from siteminder and setting in org.jboss.security.SecurityAssociation class.
SecurityAssociation.setContextInfo("sm_role", roles);
For the authentication in EJB, the securityDomain is pointing to SSOLoginModule,
When I am trying to access the SecurityAssociation context info in SSOLoginModule , its giving me null values, so the EJB authentication failed!!
String role = (String)SecurityAssociation.getContextInfo("sm_role"); roles are coming as null.
This problem is in Unix environment, the same code I tried in Windows environment it's working fine.
Can anyone help me to resolve this issue?
The configuration are as below:-
EJB Code:
@
org.jboss.ejb3.annotation.SecurityDomain("SSOGenericHeaderAuth")
@Stateless
public
@RolesAllowed("essga_cmdbost_custodian")
class FooBean implements FooRemote {
@Resource private SessionContext sctx;
war-deployers-jboss-beans.xml(c:\jboss-5.1.0.GA\server\default\deployers\jbossweb.deployer\META-INF)
<property name="authenticators">
<map class="java.util.Properties" keyClass="java.lang.String" valueClass="java.lang.String">
<entry>
<key>HEADER</key>
<value>org.jboss.example.web.tomcat.security.GenericHeaderAuthenticator</value>
</entry>
web.xml
login-config.xml(c:\jboss-5.1.0.GA\server\default\conf):
<application-policy name="SSOGenericHeaderAuth">
<authentication>
<login-module code="org.jboss.example.web.tomcat.security.SSOLoginModule" flag="sufficient"/>
<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
<module-option name="usersProperties">props/jmx-console-users.properties</module-option>
<module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
</login-module>
</authentication>
</application-policy>
