2 Replies Latest reply on Jan 31, 2005 8:31 PM by Weixin Wang

    About Loing Model

    Weixin Wang Newbie

      DatabaseServerLoginModule is used for login in my Application.

      EJB can be access correctly by using JSP.
      But I cannot login through Applet.
      Could anyone tell me How I can call the secury EJB method by using Applet?

      The deployment as following

      login-config.xml

      <application-policy name="Test">
       <authentication>
       <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
       flag="required">
       <module-option name="dsJndiName">java:/oraDataSource</module-option>
       <module-option name="principalsQuery">select U_Password from users where U_Name=?</module-option>
       <module-option name="rolesQuery">select GM_Group, 'Roles' from groupmembers where GM_Member=?</module-option>
       </login-module>
       </authentication>
       </application-policy>


      EJB

      jboss.xml
      <jboss>
       <security-domain>java:/jaas/Test</security-domain>
       <enterprise-beans>
       <session>
       <ejb-name>TestDisplay</ejb-name>
       <jndi-name>TestDisplay</jndi-name>
       <method-attributes>
       <method>
       <method-name>*</method-name>
       <transaction-timeout>3600</transaction-timeout>
       </method>
       </method-attributes>
       </session>
       </enterprise-beans>
      </jboss>


      ejb-jar.xml
      <ejb-jar>
       <enterprise-beans>
       <session>
       <ejb-name>TestDisplay</ejb-name>
       <home>TestDisplayHome</home>
       <remote>TestDisplay</remote>
       <ejb-class>TestDisplayBean</ejb-class>
       <session-type>Stateless</session-type>
       <transaction-type>Container</transaction-type>
       <security-role-ref>
       <role-name>guest</role-name>
       <role-link>guest</role-link>
       </security-role-ref>
       <security-identity>
       <run-as>
       <role-name>guest</role-name>
       </run-as>
       </security-identity>
       </session>
       </enterprise-beans>
      
       <assembly-descriptor>
       <method-permission>
       <role-name>guest</role-name>
       <method>
       <ejb-name>TestDisplay</ejb-name>
       <method-name>*</method-name>
       </method>
       </method-permission>
       </assembly-descriptor>
      </ejb-jar>


      A Class for login in Applet:
      System.setProperty("java.security.auth.login.config", "c:/jaashowto/example/resources/auth.conf");
       System.setProperty(Context.INITIAL_CONTEXT_FACTORY, JNDI_FACTORY);
       System.setProperty(Context.PROVIDER_URL, providerUrl);
       String pwd = "password";
      
       char[] password = pwd.toCharArray();
       String name = "user";
      
       try
       {
       AppCallbackHandler handler = new AppCallbackHandler(name, password);
       LoginContext lc = new LoginContext("Test", handler);
       lc.login();
       }
       catch (LoginException e)
       {
       e.printStackTrace();
       }


      The auth.conf as following:
      Test {
       org.jboss.security.auth.spi.DatabaseServerLoginModule required;
      };



      The server return exception like this:
      javax.security.auth.login.LoginException: javax.naming.NameNotFoundException: DefaultDS not bound
       at org.jboss.security.auth.spi.DatabaseServerLoginModule.getUsersPassword(DatabaseServerLoginModule.java:110)
       at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:156)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
       at java.lang.reflect.Method.invoke(Unknown Source)
       at javax.security.auth.login.LoginContext.invoke(Unknown Source)
       at javax.security.auth.login.LoginContext.access$000(Unknown Source)
       at javax.security.auth.login.LoginContext$4.run(Unknown Source)
       at java.security.AccessController.doPrivileged(Native Method)
       at javax.security.auth.login.LoginContext.invokeModule(Unknown Source)
       at javax.security.auth.login.LoginContext.login(Unknown Source)


      Thank you