Cannot log in using JAAS in JBoss 6: javax.ejb.EJBAccessException: Invalid User
deryaaltuntas Aug 2, 2012 3:10 AM

Here are the steps which I have done so far.
1) I added an application policy for the JAAS login configuration. I attached login-config.xml.

2) I created a jaas.config file with the following content. I set the path of this file in the JDK, in the java.security file.

    login-app {
        org.jboss.security.ClientLoginModule required;
    };

3) I am not able to define a security domain, because my application is not a web application. I do not have a WEB-INF directory, so I skipped this step.

Example of jboss-web.xml:

    <?xml version="1.0" encoding="UTF-8"?>
    <jboss-web>
        <security-domain>java:/jaas/airbus</security-domain>
    </jboss-web>

4) I created a handler named PassiveCallbackHandler. It is in the attachment.

5) I have an EJB to inject the JAAS login on the server side. This is just a test, with no logic function.

    import javax.annotation.security.RolesAllowed;
    import javax.ejb.Stateful;
    import org.jboss.ejb3.annotation.SecurityDomain;

    // Stateful bean secured by the "security-siguard" domain; callers need role "1"
    @Stateful
    @SecurityDomain("security-siguard")
    @RolesAllowed(value = {
        "1"
    })
    public class UserSessionBean implements UserSessionBeanRemote {
        private Authorization auth;

        @Override
        public void setAuthorization(Authorization authorization) {
            auth = authorization;
        }

        @Override
        public Authorization getUserSession() {
            return auth;
        }
    }

6) Client code. My role table stores role id and user id attributes, so I am sending the id of the user to PassiveCallbackHandler. Also, I am waiting to get some role id as roles.

    /** reads user entity */
    User user = getSecurityEJB().login(userNameText.getText(),
            String.valueOf(passwordText.getPassword()));
    CallbackHandler handler = new PassiveCallbackHandler(user.getId(),
            String.valueOf(passwordText.getPassword()));
    try {
        LoginContext lc = new LoginContext("login-app", handler);
        lc.login();
        Subject subject = lc.getSubject();
        subject.getPrincipals();
        // look up the secured bean and call its business method
        ((UserSessionBeanRemote) JndiResourceLookupHelper
                .lookup("UserSessionBean/remote"))
                .getUserSession();
    } catch (Exception e) {
        System.out.println("authentication failed");
        e.printStackTrace();
    }

My Problem:

1) When my login succeeds (password and user name combination correct), the subject does not return any roles.
In case of failure success (), no exception, no info message is written to Subject.

2) When I call the EJB business method getUserSession(), the call results in the following exception:

    javax.ejb.EJBAccessException: Invalid User
        at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:161)

Attachments:
- login-config.xml (6.3 KB)
- PassiveCallbackHandler.java.zip (960 bytes)