0 Replies Latest reply on Mar 8, 2013 5:30 AM by Sunil Dixit


    Sunil Dixit Newbie



      I want to use JAAS ( cofigured on jboss 7) module for authenticate & authrorised client program so that it can use all secured EJBs running inside the container.To configure JASS in JBOSS 7 I have done following things


      1. Added "security-realm"

      2. Added "security-domain"


      Here are XML snippets


      <security-realm name="MyJAASRealm">


                                  <jaas name="MyJAAS"/>




      <security-domain name="MyJAAS" cache-type="default">


                                  <login-module code="Client" flag="required">

                                          <module-option name="usersProperties" value="${jboss.server.config.dir}/users.properties"/>

                                          <module-option name="rolesProperties" value="${jboss.server.config.dir}/roles.properties"/>





      Now I have written TestClient which will use "LoginContext" to do authentication



      public static void test()



      env.put(Context.PROVIDER_URL, "remote://localhost:4447");


      env.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");

      LoginContext ref = getCLMLoginContext("Sunil", "Dixit");






      public static LoginContext getCLMLoginContext(final String username,final String password) throws LoginException {

              final String configurationName = "MyJAAS";

              CallbackHandler cbh = new CallbackHandler() {

                  public void handle(Callback[] callbacks) throws IOException,

                          UnsupportedCallbackException {

                      for (Callback current : callbacks) {

                          if (current instanceof NameCallback) {

                              ((NameCallback) current).setName(username);

                          } else if (current instanceof PasswordCallback) {

                              ((PasswordCallback) current).setPassword(password


                          } else {

                              throw new UnsupportedCallbackException(current);





              Configuration config = new Configuration() {


                  public AppConfigurationEntry[] getAppConfigurationEntry(String name) {

                      if (configurationName.equals(name) == false) {

                          throw new IllegalArgumentException(

                                  "Unexpected configuration name '" + name + "'");


                      Map<String, String> options = new HashMap<String, String>();

                      options.put("multi-threaded", "true");

                      options.put("restore-login-identity", "true");

                      AppConfigurationEntry clmEntry = new AppConfigurationEntry(





                      return new AppConfigurationEntry[] { clmEntry };



              return new LoginContext(configurationName, new Subject(), cbh, config);




      My porblem is " How should I tell that LoginContext need to use "JAAS configured on server".


      If anybody know this then plz help me.