-
1. Re: login pricipal is changing to anonymous in EJBContext (JBOSS7.1 beta)
jaikiran Dec 16, 2011 3:03 AM (in response to ganeshment)Ganesh Saithala wrote:
2) Remote EJB client sets'up login context with username "admin" and password as "admin", resolves SessionBean , and gets the EJBContext principal and it's getting principal as anonymous (TestRemoteEJB)
Security propagation from remote EJB clients is not yet implemented. So this won't work. We are planning to have that in 7.1.0.CR1.
Ganesh Saithala wrote:
3) I have tried the same with servlet and same problem is there (TestWeb)
I haven't yet downloaded and checked the code you attached. I or someone else might. But it would easier if you just posted (use the code formatting options in the advanced editor of the reply window) the relevant piece of code from the servlet and the EJB and also the exception stacktrace (if any).
-
2. Re: login pricipal is changing to anonymous in EJBContext (JBOSS7.1 beta)
sfcoy Dec 19, 2011 1:24 AM (in response to ganeshment)Does your servlet work if you inject the session bean reference with @EJB instead of using an explicit JNDI lookup?
-
3. Re: login pricipal is changing to anonymous in EJBContext (JBOSS7.1 beta)
ganeshment Dec 24, 2011 5:09 PM (in response to ganeshment)Sorry for the late response. Now Iam using JBOSS7.1 CR1 release and Iam still facing problem with sending credentials from remote EJB client to server
My example program is as below
Srever Side :
1) It contains SessionBean and function to return EJBContext principal (TestEJB)
package demo;
import java.security.Principal;
import javax.annotation.Resource;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;import org.jboss.security.annotation.SecurityDomain;
@Stateless
@SecurityDomain(value = "iS3Login")
public class SessionBean implements SessionBeanInterface {@Resoure
private EJBContext context;
@Override
public Principal getPrincipal() {
return context.getCallerPrincipal();
}}
Client Side : I confirm my when I run client it's picking up jboss-ejb-client.properties file)
2)jboss-ejb-client.properties contents
3) Remote EJB Client program :
demo;
java.net.URL;
java.security.Security;
java.util.Hashtable;
javax.naming.Context;
import
javax.naming.InitialContext;
import
javax.naming.NamingException;
import
javax.security.auth.login.LoginContext;
import
javax.security.auth.login.LoginException;
import
org.jboss.sasl.JBossSaslProvider;
public
RemoteEJBClient {
{
JBossSaslProvider());
}
;
;
;
;
;
Exception {
NamingException, LoginException {
SessionBeanInterface statelessSessionBeanInterface = lookupRemoteStatelessCalculator();
);
+ statelessSessionBeanInterface.getPrincipal());
NamingException, LoginException {
) {
);
) {
, url.toString());
Hashtable();
InitialContext(jndiProperties);
;
;
;
;
.getName();
+ viewClassName);
+ beanName
+
System.
);
jndiProperties.put(Context.
loginContext.login();
loginContext = new LoginContext("logincontextname", callbackHandler);
AppCallbackHandler callbackHandler = new AppCallbackHandler(USER_LOGIN_NAME, USER_PASSWORD.toCharArray());
}
}
System.getProperties().setProperty(RemoteEJBClient.
URL url = RemoteEJBClient.
}
System.
System.
invokeStatelessBean();
}
/**
* User password
*/
/**
* User login name
*/
// Security.insertProviderAt(new JBossSaslProvider(), 1);
Security.addProvider(
import
import
import
+ viewClassName);
4) I have tried servlet using EJB injection but it's nto working
package demo;
import java.io.IOException;
import java.io.PrintWriter;import javax.ejb.EJB;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;public class PrincipalViewer extends HttpServlet {
private static final long serialVersionUID = 1L;
@EJB(mappedName = "java:global/TestEAR/TestEJB/SessionBean!demo.SessionBeanInterface")
SessionBeanInterface sessionBean;
private void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();try {
// InitialContext ctx = new InitialContext();
// request.login("admin", "admin");
// SessionBeanInterface sessionBean =
// InitialContext.doLookup("java:global/TestEAR/TestEJB/SessionBean!demo.SessionBeanInterface");
// sessionBeanInterface sessionBean = (SessionBeanInterface)
// ctx.lookup("java:global/TestEAR/TestEJB/SessionBean!demo.SessionBeanInterface");
// SessionBeanInterface sessionBean = (SessionBeanInterface)
// ctx.lookup("java:module/SessionBean!demo.SessionBeanInterface");out.println("<html>");
out.println("<head>");
out.println("<title>Principal Viewer</title>");
out.println("</head>");
out.println("<body>");
out.println("<h1>Principal in EJB = " + sessionBean.getPrincipal().getName() + "</h1>");
if (sessionBean.getPrincipal().getName().equals("anonymous")) {
out.println("<h2>session will be invalidated</h2>");
request.getSession(true).invalidate();
}
out.println("</body>");
out.println("</html>");
} finally {
out.close();
}
}@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
}@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
}
}5) web.xml contents
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="3.0"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>TestWeb</display-name>
<servlet>
<servlet-name>TestWeb</servlet-name>
<servlet-class>demo.PrincipalViewer</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>TestWeb</servlet-name>
<url-pattern>/TestWeb</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>all</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/index.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>Admin</role-name>
</security-role>
</web-app>}
}
Can you please suggest how to make remote EJB Client to work.
import
package
endpoint.name=remoting-connector
remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED=false
remote.connections=default
remote.connection.default.host=localhost
remote.connection.default.port = 4447
remote.connection.two.connect.options.org.xnio.Options.SASL_SERVER_AUTH=true
remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
remote.connection.two.host=localhost
remote.connection.two.port = 4447
remote.connection.two.connect.options.org.xnio.Options.SASL_SERVER_AUTH=true
remote.connection.two.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS=false
-
4. Re: login pricipal is changing to anonymous in EJBContext (JBOSS7.1 beta)
ganeshment Jan 3, 2012 12:39 PM (in response to ganeshment)For sending remote EJB client credentials to server, Do I need to make any SASL configuration changes in standalone.xml file?
-
5. Re: login pricipal is changing to anonymous in EJBContext (JBOSS7.1 beta)
ganeshment Feb 24, 2012 11:23 PM (in response to ganeshment)check the thread below for fix details in JBOSS 7.1 Final version