0 Replies Latest reply on Mar 8, 2013 5:30 AM by Sunil Dixit

    JAAS

    Sunil Dixit Newbie

      Hi,

       

      I want to use JAAS ( cofigured on jboss 7) module for authenticate & authrorised client program so that it can use all secured EJBs running inside the container.To configure JASS in JBOSS 7 I have done following things

       

      1. Added "security-realm"

      2. Added "security-domain"

       

      Here are XML snippets

       

      <security-realm name="MyJAASRealm">

                          <authentication>

                                  <jaas name="MyJAAS"/>

                          </authentication>

      </security-realm>

       

      <security-domain name="MyJAAS" cache-type="default">

                          <authentication>

                                  <login-module code="Client" flag="required">

                                          <module-option name="usersProperties" value="${jboss.server.config.dir}/users.properties"/>

                                          <module-option name="rolesProperties" value="${jboss.server.config.dir}/roles.properties"/>

                                  </login-module>

                          </authentication>

      </security-domain>

       

      Now I have written TestClient which will use "LoginContext" to do authentication

       

       

      public static void test()

      {

      env.put(Context.INITIAL_CONTEXT_FACTORY,"org.jboss.naming.remote.client.InitialContextFactory");

      env.put(Context.PROVIDER_URL, "remote://localhost:4447");

      env.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT","false");

      env.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");

      LoginContext ref = getCLMLoginContext("Sunil", "Dixit");

      ref.login();

       

      }

       

       

      public static LoginContext getCLMLoginContext(final String username,final String password) throws LoginException {

              final String configurationName = "MyJAAS";

              CallbackHandler cbh = new CallbackHandler() {

                  public void handle(Callback[] callbacks) throws IOException,

                          UnsupportedCallbackException {

                      for (Callback current : callbacks) {

                          if (current instanceof NameCallback) {

                              ((NameCallback) current).setName(username);

                          } else if (current instanceof PasswordCallback) {

                              ((PasswordCallback) current).setPassword(password

                                      .toCharArray());

                          } else {

                              throw new UnsupportedCallbackException(current);

                          }

                      }

                  }

              };

              Configuration config = new Configuration() {

                  @Override

                  public AppConfigurationEntry[] getAppConfigurationEntry(String name) {

                      if (configurationName.equals(name) == false) {

                          throw new IllegalArgumentException(

                                  "Unexpected configuration name '" + name + "'");

                      }

                      Map<String, String> options = new HashMap<String, String>();

                      options.put("multi-threaded", "true");

                      options.put("restore-login-identity", "true");

                      AppConfigurationEntry clmEntry = new AppConfigurationEntry(

                      org.jboss.security.auth.spi.UsersRolesLoginModule.class.getName(),

                      AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,

                      options);

       

                      return new AppConfigurationEntry[] { clmEntry };

                  }

              };

              return new LoginContext(configurationName, new Subject(), cbh, config);

          }

       

       

      My porblem is " How should I tell that LoginContext need to use "JAAS configured on server".

       

      If anybody know this then plz help me.