0 Replies Latest reply on Aug 20, 2003 3:13 PM by Andreas Buschka

    Cannot get any principals

    Andreas Buschka Newbie

      I wrote a small test application that verifies that JAAS authentication is working. It now is ;) but when I try to fetch

      lc.getSubject().getPrincipals(), I get a Set with no entries. The permissions are definetely there: If I take away a needed permission in roles.properties, I get this error:
      Caused by: javax.ejb.EJBException: checkSecurityAssociation; CausedByException is:
      Insufficient method permissions, principal=cactus, method=create, interface=HOME, requiredRoles=[SystemAdministrator], principalRoles=[EreignisquellenAdministrator, Adressat]
      So this should mean that JBoss correctly authenticates me and assigns the proper permissions.

      When I call entityContext.getCallerPrincipal() from a EJB i call from the test program, I get my login name (cactus) back, so everything is ok there. But why cannot I get a list of principals in my test program right after the authentication? Or are the roles not listed there? How can I get them after lc.login()? How can I get the list of roles from the entityContext?

      lc = new LoginContext("InformMeDomain", handler);
      Subject subject;
      try
      {
      lc.login();
      subject = lc.getSubject();
      log("authentication succeeded");
      Iterator it = lc.getSubject().getPrincipals().iterator();
      while(it.hasNext()) {
      Object o = it.next(); // Never called, because it.hasNext() always returns false ;((((
      System.out.println("principle: "+o.getClass().getName()+ " "+o);
      }