-
1. Re: Principal = null calling secured EJB from java client
petertje May 19, 2003 3:02 AM (in response to mspinetti)From a Java stand-alone client, right? Does it perform a JAAS login using the jboss ClientLoginModule?
Peter -
2. Re: Principal = null calling secured EJB from java client
mspinetti May 19, 2003 5:13 AM (in response to mspinetti)No, in the stand-alone app I made I used UsersRolesLoginModule.
Do I have to use ClientLoginModule? why?
Do you have some sample of a java stand-alone client calling a secure EJB??
It's necessary to use Subject.doAs to make the call??
I think I don't understand very well this stuff.
Thanks. -
3. Re: Principal = null calling secured EJB from java client
mspinetti May 19, 2003 2:34 PM (in response to mspinetti)I already solve it! using ClientLoginModule from JAAS
Thanks Peter, -
4. Re: Principal = null calling secured EJB from java client
adrian.brock May 19, 2003 5:50 PM (in response to mspinetti)The ClientLoginModule is used to remember
the user/password in a location for later
use by the ejb proxies.
They transport this information to the server
where the authentication occurs.
Look at client/auth.conf for an example JAAS config.
Regards,
Adrian -
5. Re: Principal = null calling secured EJB from java client
msmckibben May 20, 2003 3:00 AM (in response to mspinetti)Do you have to perform the client auth even if you have an unchecked method permission for your EJB specified in the deployment descriptor?
I have an ejb jar that has mixed beans-- i.e. some require a security role while others don't. Calling into an EJB method marked as unchecked throws this same exception. But, I can't just whack out the <security-domain> from jboss.xml as all the beans then become unsecured. It seems to be an all or nothing affair JBoss. -
6. Re: Principal = null calling secured EJB from java client
adrian.brock May 20, 2003 9:15 AM (in response to mspinetti)If the ejb is going to authenticate the user/password
it must know that information
which means you have to pass it to the server.
Regards,
Adrian