thanks for the example.
thx for the good example....I am new to this but what is the URL of the servlet to test it...thx..
Thx...it works...I have changed it to another loginmodule -> DatabaseServerLoginModule and it 's working too. But how can I access the secured bean from a client (standalone app). Do you have a example or a link?....thx..
has example source available at
that shows how to secure a client app. Check out SecureClient.java . The article was written for JBoss 2.x but most stuff, including the client example is still valid.
Hi. I updated the article with instructions on how to run my enclosed example. I also fixed / added an example client console application so you can see how to use it w/out a web app.
I've haven't been able to get it working with the DatabaseServerLoginModule. Could you provide details?
Thankyou verymuch for the examples.
we are also trying to get the example to work with the DatabaseServerLoginModule -- in the servlet initial authentication seems to work (provided we use a correct username/password) but when trying to create HelloWorld home we get the infamous Authentication exception, principal=null.
Any ideas how to solve this?
Basically we simply changed login-config.xml to reflect our database (which seems to work since doLogin works with correct username/password and fails for bad input) -- chitech: is there anything else you needed to change in order to get it to work?
Thank you for the example.
I ran it and it works great.
But your solution has security logic within the EJB source.
Is this the only way execute secured EJBs?
Having security logic in source.
There has got to be another solution for handling the principal == null exception.
Can anyone offer insight?
Thanks! Very informative, well written and helpful... after reading all the other documentation intensively for over a week, I ALMOST understood what I needed to do. This bridged the gap... wish I had found it sooner! Is there a way we can get this helpful example put in a more visible location?
My last stumbling point was... jboss.xml must be in the jar/ear that gets copied to the deploy directory! If you just put it in the conf directory jboss will not process it.
is there anyone who has managed to extract a copy of Jboss's security module and made it a standalone product such that it can be reuse for other project?
if there is, can u share it with us?
thks in advance :)