Am I misunderstanding assigning security principals in web a

jbaker_softcomms Apr 25, 2002 9:22 AM

I need to call an external EJB in my web app under a different user name. To switch principal I am creating a LoginContext in my servlet init() method whos CallBack hander sets the correct user name required for the external EJBs. Then in the service() method I call LoginContext.login() to switch identity. The callbacks definitely get called when I lookup the bean (and it gets found ok) but the the EJB container doesn't ever pick up the principal. This method worked fine from a GUI app. Do I need to set the principal in a different way?

[ERROR,SecurityInterceptor] Authentication exception, principal=null
[ERROR,Default] java.rmi.RemoteException: checkSecurityAssociation; nested excep
tion is:
java.lang.SecurityException: Authentication exception, principal=null
[ERROR,Default] java.lang.SecurityException: Authentication exception, principal
=null

1. Re: Am I misunderstanding assigning security principals in w

jbaker_softcomms Apr 26, 2002 12:09 PM (in response to jbaker_softcomms)

Here's jboss-web.xml to help narrow things down. Is this correct to access an external ejbs from the servlet that have their own security domain (katalyzt)?

<jboss-web>
<security-domain>java:/jaas/katalyzt</security-domain>
<resource-ref>
<res-ref-name>mail/DefaultMail</res-ref-name>
<res-type>javax.mail.Session</res-type>
<jndi-name>java:/Mail</jndi-name>
</resource-ref>
<resource-ref>
<res-ref-name>jdbc/KatalyztDB</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<jndi-name>java:/KatalyztDB</jndi-name>
</resource-ref>
<ejb-ref>
<ejb-ref-name>ejb/TModelSessionHome</ejb-ref-name>
<jndi-name>jnp://bongo.101main.com/katalyzt/toolbox/model/TModelSessionHome</jndi-name>
</ejb-ref>
</jboss-web>
Actions