Hi all, I'm Cuspide
I'm developing an application using JAAS. I wrote my Login Module called PersonalModule (that implement LoginModule interface) and my CallbackHandler called PersonalCallbackHandler (that implement CallbackHandler Interface). The PersonalModule execute a query in a Postgres database to verify the identity. Also, I wrote a session bean called ManagerShipBean. In the ManagerShipBean's class, I implemented a method called foo() and in the setSessionContext method I printed SessionContext object (System.out.print(ctx.toString();)
In the ejb-jar.xml file I defined two roles: Admin and GenericUser. The Admin has all provileges, the genericUser has none.
in the client side, I wrote:
PersonalCallbackHandler h = null;
h = new AppCallbackHandler(names, password);
LoginContext lc = new LoginContext("personal", handler);
if the username and passare are correct, it works, else it trows an exception (LoginException).
Now there is my problem: How do I tell Jboss that the user is the Admin or the GenericUser? In fact, whatever user logs in to the system, when I create the ManagerShipBean, the setSessionContext method says that the user is anonymous.