6 Replies Latest reply on Nov 2, 2012 5:01 AM by Ivo Bek

    Question on using LoginClient

    John DeStefano Apprentice



      Trying to get login working with 2.1.0-Final. I have read the discussion at https://community.jboss.org/thread/197641. My app is configured with the JAAS adapter as follows:






      Login config:

      Login {

         org.jboss.errai.bus.server.security.auth.PropertyFileLoginModule sufficient;



      I have a service annotated with @RequireAuthentication. In the entry point of the app in a method that fires after initialization I subscribe to the "LoginClient" as follows (test code for now):


      bus.subscribe("LoginClient", new MessageCallback() {


                                    public void callback(Message message) {

                                              if (message.getCommandType().equals("FailedAuth")) {

        fail("Authentication failed");

                                              } else if (message.getCommandType().equals("SuccessfulAuth")) {

          // navigate to new page

                                              } else {




                                                                            .with(MessageParts.ReplyTo, "LoginClient")

                                                                            .with(SecurityParts.Name, user.getUsername())

                                                                            .with(SecurityParts.Password, user.getPassword()).done()







      From the application I call the annotated service. The service call takes place without call back to the login client first?


      There was also some discussion in the post I mentioned about aditional documentation around using the login service. Is that available?



        • 1. Re: Question on using LoginClient
          John DeStefano Apprentice



          I added






          to the web.xml and now I get a different error exactly as in this post: https://community.jboss.org/thread/199936.


          I can now see in the ServiceProcessor class where the rule is attempting to associate with the WelcomeServiceImpl but WebcomeServiceImpl is not registered. Without the auto-discover-services the ServiceProcessor was not invoked.


          My client side:



          public interface WelcomeService {

                    String getCurrentUserName();



          Server side:




          public class WelcomeServiceImpl implements WelcomeService {

                    private MessageBus bus;



                    public WelcomeServiceImpl(MessageBus bus) {

                              this.bus = bus;




                    public String getCurrentUserName() {

                              AuthSubject authSubject = RpcContext.getQueueSession().getAttribute(

                                                  AuthSubject.class, ErraiService.SESSION_AUTH_DATA);

                              return authSubject.getUsername();





          From the client I call the service like this:



                    private Caller<WelcomeService> welcomeService;



          welcomeService.call(new RemoteCallback<String>() {


                                        public void callback(String response) {

                                                  root.setInnerText("Welcome " + response);




          Any ideas?



          • 2. Re: Question on using LoginClient
            John DeStefano Apprentice



            I think there is a bug in the ServiceProcessor class or maybe its the way I have defined the class. The remote interface get registered with the bus as WelcomeService:RPC in the globalSubscriptions set. In the process method the service side, which is srvName in the method is defined as WelcomeServiceImpl. Later in the method execution the the WelcomeServiceImpl is checked to see if it extends MessageCallback, which it does not (see above) so it is not bound into the Guice context or subscribed to the bus. The service does have the RequireAuthentication annotation so a RolesRequiredRule is created.




            if (rule != null) {

                    context.getBus().addRule(svcName, rule);



            the code attempts to add this rule to bus as follows:



              public void addRule(final String subject, final BooleanRoutingRule rule) {

                final DeliveryPlan plan = subscriptions.get(subject);

                if (plan == null) {

                  throw new RuntimeException("no such subject: " + subject);



                subscriptions.put(subject, new RuleDelegateMessageCallback(plan, rule));



            The problem is that WelcomeServiceImpl was never registered with the bus and thus never got into the subscriptions set thus the exception.



            • 3. Re: Question on using LoginClient
              Nick Evers Newbie

              Do you have any idea how to overcome this problem?

              I have the exact same issue here...

              • 4. Re: Question on using LoginClient
                John DeStefano Apprentice



                To be honest I switched to using CDI and interceptors on various server side methods. Something like @RequiresRole({"User"}). Within the interceptor I check a user session token. If the user trying to access the method isn't logged in or isn't in the correct role I fire an event, which the client "observes" for and changes the screen to the login screen. There are numerous variations on this theme. Be glad to share the interceptor code if you'd like.



                • 5. Re: Question on using LoginClient
                  Nick Evers Newbie

                  Aha, I almost forgot we had those ^^


                  I'd love to see the code!

                  Documentation on the Errai & login subject is already very sparse so I think you'll do many people a favor.


                  • 6. Re: Question on using LoginClient
                    Ivo Bek Newbie

                    Hi Nick,


                    I have shared the interceptor a time ago here https://community.jboss.org/message/760838#760838

                    The behaviour is similar to errai's @RequiresAuthentication but it works with CDI ....