1 Reply Latest reply on Jan 14, 2013 5:13 AM by Halli Balli

    DatabaseLogin Module Problem Principal and Credentials from client

    Halli Balli Newbie

      Hallo there, I hope someone can help me, I am stuck with a problem now for several month.

      I migrate an application from Jboss 4 to JBoss AS 7


      On Serverside in standalone.xml I have configured that the system should use database login.


                     <security-domain name="MySecurityDomain">
                              <login-module code="Database" flag="required">
                                  <module-option name="dsJndiName" value="java:jboss/datasources/MyDataSource"/>
                                  <module-option name="principalsQuery" value="select password from [user] where id = ?"/>
                                  <module-option name="rolesQuery" value="select roles.name 'Role', null 'RoleGroup' from [permission_role_list] as roles, [user] as users, [permission_user_role_con] as userroles where userroles.permission_role_listID = roles.id and users.id=userroles.userID and (users.id = ?)"/>
                                  <module-option name="password-stacking" value="useFirstPass"/>


      But I don't know how to propagate my client login information to the server.

      In JBoss 4 I just set principal and credentials in org.jboss.security.SecurityAssociation (I use a custom principal class)

      and in the where clause of the principalsQuery the id parameter is than autmatically the one that I have set in my principal.


      When I try this in JBoss AS 7 the query results in an error, the id seems to be some random text.

      Both (client and server) are running on the same machine and I this is how my ejb-client-properties look like:





      remote.connection.default.port = 4447







      I just don't know how to set my principal on client side and than use it on serverside for the rolesQuery and principalsQuery

      How can I do something like this with JBoss AS 7?

      Has some one working example code for me?


      Do I need Picketbox and if so, what do I have to configure that my Server gets the information and knows which principal to use?

      Or do I have to create some kind of CallbackHandler which provides the query with the information?


      I hope my questions are not stupid but in the meanwhile I am kind of desperate.

      Thanks for any help.