0 Replies Latest reply on Jan 25, 2006 8:03 AM by Luigi Santangelo

    the subject is always anonymous. Why?

    Luigi Santangelo Newbie

      Hi all, I'm Cuspide
      I'm developing an application using JAAS. I wrote my Login Module called PersonalModule (that implement LoginModule interface) and my CallbackHandler called PersonalCallbackHandler (that implement CallbackHandler Interface). The PersonalModule execute a query in a Postgres database to verify the identity. Also, I wrote a session bean called ManagerShipBean. In the ManagerShipBean's class, I implemented a method called foo() and in the setSessionContext method I printed SessionContext object (System.out.print(ctx.toString();)
      In the ejb-jar.xml file I defined two roles: Admin and GenericUser. The Admin has all provileges, the genericUser has none.

      <ejb-jar>
      <enterprise-beans>

      <ejb-name>ManagerShip</ejb-name>
      src.ManagerShip.ManagerShipHome
      src.ManagerShip.ManagerShipRemote
      <ejb-class>src.ManagerShip.ManagerShipBean</ejb-class>
      ...

      </enterprise-beans>
      <assembly-descriptor>
      <security-role>
      <role-name>Admin</role-name>
      </security-role>
      <security-role>
      <role-name>GenericUser</role-name>
      </security-role>
      <method-permission>
      <role-name>
      Admin
      </role-name>

      <ejb-name>ManagerShip</ejb-name>
      <method-name>*</method-name>

      </method-permission>
      </assembly-descriptor>
      </ejb-jar>

      in the client side, I wrote:
      PersonalCallbackHandler h = null;
      h = new AppCallbackHandler(names, password);
      LoginContext lc = new LoginContext("personal", handler);
      lc.login();

      if the username and passare are correct, it works, else it trows an exception (LoginException).
      Now there is my problem: How do I tell Jboss that the user is the Admin or the GenericUser? In fact, whatever user logs in to the system, when I create the ManagerShipBean, the setSessionContext method says that the user is anonymous.