0 Replies Latest reply on Nov 8, 2012 10:25 AM by Volker Biermann

    Logon problem with security domain and EJB2

    Volker Biermann Newbie

      I have a problem with logon on JBoss and a security domain. The application is a WebStart application. The idea is to log on and make some beans working. The beans fetch information from a database and will authenticate a user e.g. by his biometrics. Then the user is logged on with his credentials. On JBoss 4 the task was easy. The logon preparation was done by:

       

      /* does not longer work with JBoss > 4 
                  SecurityAssociation.setPrincipal(new SimplePrincipal(
                          ILConstants.ANONYMOUS_NAME ));
                  SecurityAssociation.setCredential(ILConstants.ANONYMOUS_PASSWORD.toCharArray());
      */
       /*
          get the bean and rum  createMethod.invoke */
      */
      

       

      The security domain is set inside the jboss.xml file of the EAR archive

       

      <security-domain>myserver</security-domain>
      

       

      and defined in the login-config.xml file

       

      <application-policy name = "MyLogin">
          <authentication>
              <login-module code="com.test.auth.MyLoginModule" flag = "required">
              <module-option name = "debug">true</module-option>
              </login-module>
          </authentication>
          </application-policy>
          
          <application-policy name = "myserver">
          <authentication>
              <login-module code="org.jboss.security.auth.spi.RunAsLoginModule" flag="required">
              <module-option name = "roleName">myAdmin</module-option>
              <module-option name = "debug">true</module-option>
              </login-module>
              <login-module code="com.test.auth.MyServerLoginModule"
                      flag = "required" />
          </authentication>
          </application-policy>
      

       

      The MyLogin domain is later used to log on the user with its credential.

       

      As I said this works fine on JBoss 4. On JBoss 6 this is not longer possible. I replaced the java part with:

       

      /* does not longer work with JBoss > 4 
                  SecurityAssociation.setPrincipal(new SimplePrincipal(
                          ILConstants.ANONYMOUS_NAME ));
                  SecurityAssociation.setCredential(ILConstants.ANONYMOUS_PASSWORD.toCharArray());
      */
      /* Should work with JBoss 6 */            
                  SecurityAssociationHandler handler = new SecurityAssociationHandler();
                  SimplePrincipal user = new SimplePrincipal(ILConstants.ANONYMOUS_NAME);
                  handler.setSecurityInfo(user, ILConstants.ANONYMOUS_PASSWORD.toCharArray());
                  LoginContext loginContext = new LoginContext("myserver", (CallbackHandler) handler);
                  loginContext.login();
      
      /*
          get the bean and rum  createMethod.invoke */
      */
      
      
      

       

      Here the domain "myserver" is not found. As far as I understand the documents in JBoss 4 the domain was taken from the  jboss.xml file. What am I doing wrong?

       

      Thank you for your help

      Volker