2 Replies Latest reply on Dec 9, 2013 8:41 PM by xiang yingbing

    JAAS in JBoss 7

    Christian Heldwein Newbie

      Hello all together,


      I have a rich client that performs remote EJB calls on a JBoss AS 7.1.1. The remote EJB connection works perfect.

      However, I need to authenticate users on the rich client side. How can I send the user authentication information to the JBoss 7 server and evaluate it there (preferably with a DatabaseLoginModule)?


      As far as I understood, it should work by configuring my own security domain on JB7 and annotating the EJBs with its name. In the configuration of the security domain, I defined my LoginModule and I've packaged the class in my own module.


      However, what do I need to do on the client side with my authentication information and how can I access it in my login module?


      Any help is greatly appreciated.




        • 2. Re: JAAS in JBoss 7
          xiang yingbing Master

          How to login in rich client:

          (a) ISecuredRemoteSession is an EJB interface.

          private ISecuredRemoteSession securedRemoteSessionProxy;


          (b) look for the EJB proxy by JNDI:


          public void connectToServer(String serverIP, String username, String password) throws Exception{
             this.username = username;
             this.serverIP = serverIP;
             InitialContext context;
                  Properties p = new Properties();
                  p.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "true");
             p.put("remote.connections", "default");
             p.put("remote.connection.default.host", serverIP);
             p.put("remote.connection.default.port", "4447");
                  p.put("remote.connection.default.username", username);
                  p.put("remote.connection.default.password", password);
                  p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false");
                  p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_DISALLOWED_MECHANISMS", "JBOSS-LOCAL-USER");
                  p.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");
                  p.put("remote.connection.default.connect.options.org.xnio.Options.SSL_STARTTLS", "true");
                  p.put("remote.connection.default.connect.timeout", "30000");//for xnio
                  EJBClientConfiguration cc = new PropertiesBasedEJBClientConfiguration(p);
                  ContextSelector<EJBClientContext> selector = new ConfigBasedEJBClientContextSelector(cc);
                  //EJBClientContext.getCurrent().registerInterceptor(0,new ClientSessionTokenInterceptor());
                  //EJBClientContext.getCurrent().registerInterceptor(1,new ClientExceptionInterceptor());
                  Properties props = new Properties();
                  props.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
                  context = new InitialContext(props);
                  securedRemoteSessionProxy = (ISecuredRemoteSession)context.lookup(jndiName);
             }catch(Exception e){//TCP连接失败的异常不会被抛出!
             throw ConnectionToServerFailedException.INSTANCE;