0 Replies Latest reply on Aug 14, 2013 3:31 PM by Jeff Sexton

    Can't Find a Custom Login Module, jBoss 7.1

    Jeff Sexton Newbie

      JBoss AS 7.1.0.Final

       

      I've been completely unsuccessful invoking a custom login module from an EJB with a @WebService annotation and an authMethod = "BASIC", so I'm trying a different approach.  I'm working wtth an EJB now without a @SecurityDomain annotation, and a "manual" login method.  Here's the code:

       

      @Stateless

      @WebService

      public class Sample implements SampleRemote {

           public void login() {

              LoginContext loginContext = null;

              try {

                loginContext = new LoginContext("SimpleAuth");

                loginContext.login();

              }

              catch (LoginException e) {

              Logger.getLogger(getClass().getName()).log(Level.INFO, "Sample: LoginException", e);

                            }

      }

       

      This comes close to working, but when I invoke login() via SOAP, jBoss can not find the class that SimpleAuth refers to.  The security domain looks like this:

       

                      <security-domain name="SimpleAuth">

                          <authentication>

                              <login-module code="com.samples.SimpleAuth" flag="required" module="custom_module">

                              </login-module>

                          </authentication>

                      </security-domain>

       

      I am fairly sure "custom_module" is setup correct in modules.  But I have tried putting the SimpleAuth jar file everyplace I can find, as a module and not, and directly in the jar with the EJB, and I get this error no matter what:

       

      10:49:09,738 INFO  [com.iwsinc.smaples.Sample] (http--127.0.0.1-8080-1) SEC0000: Sample: LoginException: javax.security.auth.login.LoginException: unable to find LoginModule class: com.samples.SimpleAuth from [Module "deployment.Sample7EJB.jar:main" from Service Module Loader]

                at javax.security.auth.login.LoginContext.invoke(LoginContext.java:808) [rt.jar:1.6.0_30]

                at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [rt.jar:1.6.0_30]

       

      etc...

       

      All I am after here is some way to invoke a custom login module from an EBJ that has an @WebService.  This is seriously starting to look impossible!  Has anyone ever done this?

      Thanks!