1 Reply Latest reply on Aug 15, 2005 6:17 AM by Rajesh Warna

    JBoss 3.2.3 / JAAS / DatabaseServerLoginModule

    M B Newbie

      Hallo List!

      I'd like to set up some security using JAAS and the DatabaseServerLoginModule for a small demo-application. In contrast to others on this forum, I'd like to access the EJBs not via JSPs but solely by a standalone client with GUI.

      The problem is, that I get the following exception when my client application tries to call the login() method of the loginContext:

      javax.naming.NameNotFoundException: DefaultDS not bound

      The client application is startet with:
      java -classpath $CLASSPATH:$JBOSS_JAR_HOME:jndi/
      -Djava.security.manager -Djava.security.policy=com/ejbemarketplace/clients/ejbemarketplace.policy -Djava.security.auth.login.config=com/ejbemarketplace/clients/ejbemarketplace.conf -Dlogin.configuration.provider=org.jboss.security.auth.login.XMLLoginConfig com/ejbemarketplace/clients/MDIApplication

      where JBOSS_JAR_HOME contains all files in /usr/local/jboss-3.2.3/client/ and in addition the file /usr/local/jboss-3.2.3/server/default/lib/jbosssx.jar.

      As far as I could figure out the client application hasn't sent any data to the JBoss server at this point.

      It would be very kind, if someone could give me a hint where I've made mistakes.

      ng, martin

      Subsequently I'll give you snipplets of source-files and the configuration-files in use:
      grant {
       permission java.security.AllPermission;

      ejbemarketplace {
       org.jboss.security.auth.spi.DatabaseServerLoginModule required;


      The code used in the client application MDIApplication:
      private void jIFAuthenticateOKButtonActionPerformed(java.awt.event.ActionEvent evt) {
       // Add your handling code here:
       try {
       eMarketCallbackHandler emch = new eMarketCallbackHandler(jFormattedTextField3.getText(), jPasswordField1.getPassword());
       System.out.println("----- eMarketCallbackHandler emch created! ----");
       LoginContext loginContext = new LoginContext("ejbemarketplace", emch);
       System.out.println("----- LoginContext created ----");
       System.out.println("----- login accomplished ----");
       Subject subject = loginContext.getSubject();
       System.out.println("----- got subject ----");
       } catch (javax.security.auth.login.LoginException le) {
       System.out.println("MDIApplication: jIFAuthenticateOKButtonActionPerformed(ActionEvent) le - " + //

      package com.ejbemarketplace.callbackhandler;
      import javax.security.auth.callback.Callback;
      import javax.security.auth.callback.NameCallback;
      import javax.security.auth.callback.PasswordCallback;
      import javax.security.auth.callback.UnsupportedCallbackException;
      public class eMarketCallbackHandler implements javax.security.auth.callback.CallbackHandler {
       private String username;
       private char[] password;
       public eMarketCallbackHandler(String username, char[] password) {
       this.username = username;
       this.password = password;
       public eMarketCallbackHandler(String username, String password) {
       this.username = username;
       this.password = password.toCharArray();
       public void handle(Callback[] callback)
       throws java.io.IOException, UnsupportedCallbackException {
       for (int i = 0; i < callback.length; i++) {
       if (callback instanceof NameCallback) {
       NameCallback nc = (NameCallback) callback;
       } else if (callback instanceof PasswordCallback) {
       PasswordCallback pc = (PasswordCallback) callback;
       } else {
       throw new UnsupportedCallbackException(callback, "Unrecognized Callback");

      At the server-side:
      <application-policy name = "ejbemarketplace">
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
       flag = "required">
       <module-option name = "dsJndiName">java:/PostgresDS</module-option>
       <!-- <module-option name = "dsJndiName">PostgreSQL</module-option> -->
       <module-option name = "principalsQuery">
       select passwd from customerejb where ucid=?
       <module-option name= "rolesQuery">
       select userRoles,'Roles' from customerejb where ucid=?


      The database in use is PostgresSQL. The database worked correctly before I tried to fiddle about with JAAS.


      ps: sorry for grammar or spelling mistakes.