1 Reply Latest reply on May 3, 2004 11:41 AM by Scott Stark

    ClientLoginModule and empty Principal

    morenito9000 Newbie

      Hi all,
      I'm using ClientLoginModule, client side, but after the
      login() method, when I call LoginContext.getSubjects.getPrincipals(),
      I don't see any Principal related to the Subject.

      I thought that this was due to the fact that, server side,
      I haven't specified the configuration for JBoss yet (I'll need
      a DatabaseServerLoginModule in my application's security-domain),
      but, If I'm not wrong, ClientLoginModule doesn't execute any
      validation (so it can be "independent" from server side authentication ?).

      If I substitute ClientLoginModule with MyLoginModule, without
      changing the CallbackHandler Class, I can get the Principals !

      ---------------------------------------------------
      CLIENT:

      ch = new MyCallbackHandler();
      lc = new LoginContext("other", ch);
      lc.login();
      subject = lc.getSubject();
      principals = subject.getPrincipals();

      (principal, with ClientLoginModule, is ALWAYS null)

      ---------------------------------------------------
      AUTH.CONF:

      other {
      org.jboss.security.ClientLoginModule required
      ;
      };

      ---------------------------------------------------
      CALLBACKHANDLER's handle():

      public void handle(Callback[] callbacks) throws UnsupportedCallbackException {

      for(int z = 0; z < callbacks.length; z++) {
      Callback callback = callbacks[z];

      if(callback instanceof NameCallback) {
      ((NameCallback) callback).setName("myuser");
      }
      else if(callback instanceof PasswordCallback) {
      ((PasswordCallback) callback).setPassword("mypasswd".toCharArray());
      }
      else
      throw new UnsupportedCallbackException(callback);
      }
      }

      ---------------------------------------------------

      Any suggestion is very appreciated,
      many thanks in advance

      Moreno