1 Reply Latest reply on Sep 10, 2003 3:40 AM by Urban Hedeaas

    Fail to get my MDB authenticated

    Urban Hedeaas Newbie

      I have a MDB that shall invoke a secure local (internal) session bean.

      Despite that the MDB is logged in using JAAS, I got "Authentication exception, principal=null" when I try to create a server object in the MDB

      The MDB is set up with <run-as><role-name>xxx...

        • 1. Re: Fail to get my MDB authenticated
          Urban Hedeaas Newbie

          I've worked further and found a solution myself:

          In the test client I used JAAS login successfully with

          Start argument: -Djava.security.auth.login.config=security-context.config

          Content of security-context.config:
          ------------------------------------------------------------------
          LtKtrlClient {
          org.jboss.security.ClientLoginModule required debug=true;
          };

          other {
          org.jboss.security.ClientLoginModule required debug=true;
          };
          ------------------------------------------------------------------

          Java code:
          ------------------------------------------------------------------
          UsernamePasswordHandler handler = new UsernamePasswordHandler("Username", "password".toCharArray());
          String contextName = "MyContext";
          LoginContext lc = new LoginContext(contextName, handler);
          lc.login();
          ------------------------------------------------------------------

          I copied this to my MDB but it did'nt work there...

          After some research I found out that the test client uses Sun's implementation of javax.security.auth.login.Configuration
          (com.sun.security.auth.login.ConfigFile) and the MDB use JBoss' implementation (org.jboss.security.auth.login.XMLLoginConfigImpl)

          So, how to fix that?

          I did simply add a line
          Configuration.setConfiguration(new com.sun.security.auth.login.ConfigFile());
          before
          LoginContext lc = new LoginContext(contextName, handler);

          I don't know why but now it works and me and my MBoss (= manager/boss ;-) are happy.

          Do any one have comments?