1 Reply Latest reply on Mar 31, 2006 2:24 PM by kamal sharma

    Simple Database Authentication in EJB

    kamal sharma Newbie

      Hi,

      Well I am trying to authenticate a user to access an EJB. But nothing seems to work out.

      I get the exception that No LoginModules Configured. I wonder why this error seems to come out. The access works when using simple properties file. Below are the various files.

      For this purpose I have used the Fibo tutorial.

      Any help is appreciated.

      Regards,
      Kamal

      Files:
      ejb-jar.xml
      <?xml version="1.0" encoding="UTF-8"?>

      <!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd">

      <ejb-jar >

      <![CDATA[No Description.]]>
      <display-name>Generated by XDoclet</display-name>

      <enterprise-beans>

      <!-- Session Beans -->

      <![CDATA[Description for Fibo]]>
      <display-name>Name for Fibo</display-name>

      <ejb-name>Fibo</ejb-name>

      tutorial.interfaces.FiboHome
      tutorial.interfaces.Fibo
      <ejb-class>tutorial.ejb.FiboBean</ejb-class>
      <session-type>Stateless</session-type>
      <transaction-type>Container</transaction-type>
      <security-role-ref>
      <role-name>Compute</role-name>
      <role-link>Compute</role-link>
      </security-role-ref>


      <!--
      To add session beans that you have deployment descriptor info for, add
      a file to your XDoclet merge directory called session-beans.xml that contains
      the markup for those beans.
      -->

      <!-- Entity Beans -->
      <!--
      To add entity beans that you have deployment descriptor info for, add
      a file to your XDoclet merge directory called entity-beans.xml that contains
      the markup for those beans.
      -->

      <!-- Message Driven Beans -->
      <!--
      To add message driven beans that you have deployment descriptor info for, add
      a file to your XDoclet merge directory called message-driven-beans.xml that contains
      the <message-driven></message-driven> markup for those beans.
      -->

      </enterprise-beans>

      <!-- Relationships -->

      <!-- Assembly Descriptor -->
      <!--
      To specify your own assembly descriptor info here, add a file to your
      XDoclet merge directory called assembly-descriptor.xml that contains
      the <assembly-descriptor></assembly-descriptor> markup.
      -->

      <assembly-descriptor >
      <security-role>
      <role-name>Compute</role-name>
      </security-role>
      <!--
      To specify additional security-role elements, add a file in the merge
      directory called ejb-security-roles.xml that contains them.
      -->

      <!-- method permissions -->
      <!--
      To specify additional method-permission elements, add a file in the merge
      directory called ejb-method-permissions.ent that contains them.
      -->
      <method-permission>


      <ejb-name>Fibo</ejb-name>
      <method-name>create</method-name>

      </method-permission>

      <method-permission>
      <role-name>Compute</role-name>

      <ejb-name>Fibo</ejb-name>
      <method-name>compute</method-name>

      </method-permission>

      <!-- transactions -->
      <!--
      To specify additional container-transaction elements, add a file in the merge
      directory called ejb-container-transactions.ent that contains them.
      -->

      <!-- finder transactions -->

      <!-- message destinations -->
      <!--
      To specify additional message-destination elements, add a file in the merge
      directory called ejb-message-destinations.ent that contains them.
      -->

      <!-- exclude list -->
      <!--
      To specify an exclude-list element, add a file in the merge directory
      called ejb-exclude-list.xml that contains it.
      -->
      </assembly-descriptor>

      </ejb-jar>
      ----------------------------------------------------------------------------------------------------------
      jboss.xml
      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 4.0//EN" "http://www.jboss.org/j2ee/dtd/jboss_4_0.dtd">


      <security-domain>java:/jaas/FiboTest</security-domain>
      <enterprise-beans>

      <!--
      To add beans that you have deployment descriptor info for, add
      a file to your XDoclet merge directory called jboss-beans.xml that contains
      the , and <message-driven></message-driven>
      markup for those beans.
      -->


      <ejb-name>Fibo</ejb-name>
      <jndi-name>ejb/Fibo</jndi-name>
      <method-attributes>
      </method-attributes>


      <!--
      write a merge file jboss-webservices.ent for webservice-description
      -->

      </enterprise-beans>

      <!--
      To specify your own assembly descriptor info here, add a file to your
      XDoclet merge directory called jboss-assembly-descriptor.xml that contains
      the <assembly-descriptor></assembly-descriptor> markup.
      -->
      <assembly-descriptor>
      <!-- message destinations -->
      <!--
      To specify additional message-destination elements, add a file in the merge
      directory called jboss-message-destinations.ent that contains them.
      -->
      </assembly-descriptor>

      <resource-managers>
      </resource-managers>

      <!--
      | for container settings, you can merge in jboss-container.xml
      | this can contain <invoker-proxy-bindings/> and <container-configurations/>
      -->


      ----------------------------------------------------------------------------------------------------------
      JUnit Test Case:package jtest;

      import junit.framework.TestCase;
      import java.util.*;

      import javax.naming.Context;
      import javax.naming.InitialContext;
      import javax.rmi.PortableRemoteObject;
      import javax.security.auth.callback.CallbackHandler;
      import javax.security.auth.login.LoginContext;
      import javax.security.auth.login.LoginException;

      import org.jboss.security.auth.callback.UsernamePasswordHandler;

      import tutorial.interfaces.Fibo;
      import tutorial.interfaces.FiboHome;


      public class Compute extends TestCase {

      /** Home interface */
      protected FiboHome home;
      /**
      * Get the initial naming context
      */
      protected Context getInitialContext() throws Exception {
      Hashtable props = new Hashtable();
      props.put(Context.INITIAL_CONTEXT_FACTORY,
      "org.jnp.interfaces.NamingContextFactory");
      props.put(Context.URL_PKG_PREFIXES,
      "org.jboss.naming:org.jnp.interfaces");
      props.put(Context.PROVIDER_URL, "jnp://10.129.78.6:1099");
      Context ctx = new InitialContext(props);
      props.put(Context.SECURITY_PRINCIPAL, "test");
      props.put(Context.SECURITY_CREDENTIALS, "test");
      return ctx;
      }

      /**
      * Get the home interface
      */
      protected FiboHome getHome()
      throws Exception {
      //CallbackHandler handler =
      // new UsernamePasswordHandler("kermit", "frog");
      SimpleCallbackHandler handler= new SimpleCallbackHandler("test","test".toCharArray() );
      /*While executing the param should be com.fibo.jaas.appname=testFibo
      * -Djava.security.auth.login.config==/root/auth.conf
      -Dcom.fibo.jaas.appname=testFibo
      */
      try{
      System.out.println("Before Login Context");

      LoginContext lc = new LoginContext("com.fibo.jaas.appname", handler);
      System.out.println("Before Login");

      lc.login();
      System.out.println("After Login");

      //Context ctx = new InitialContext() ;
      System.out.println("Before context");
      Context ctx = this.getInitialContext();
      System.out.println("after context");
      Object o = ctx.lookup("java:ejb/Fibo");
      System.out.println("after lookup");
      FiboHome intf =(FiboHome) PortableRemoteObject.narrow(o, FiboHome.class);
      System.out.println("after home");
      return intf;
      }
      catch (Exception e) {
      e.printStackTrace() ;
      } finally {
      //lc.logout();
      }
      return null;
      }

      /**
      * Set up the test case
      */
      protected void setUp() throws Exception {
      this.home = this.getHome();
      }

      public void testCompute() {

      Fibo instance;
      double[] out1;

      try{
      this.setUp();
      instance = this.home.create();

      // Method call
      out1 = instance.compute( 50);
      for(int i=0;i<out1.length ;i++)
      System.out.println(out1);
      }
      catch(Exception e){
      e.printStackTrace();
      }
      //Various assertions
      System.out.println("Fibo Computed successfully");
      }

      }


      -----------------------------------------------------------------------------------------------------------
      client.conf
      testFibo {
      org.jboss.security.ClientLoginModule required
      password-stacking="useFirstPass"
      multi-threaded=true
      ;
      };
      ----------------------------------------------------------------------------------------------------------
      mysql-ds.xml
      <?xml version="1.0" encoding="UTF-8"?>

      <local-tx-datasource>
      <jndi-name>MySqlDS</jndi-name>
      <connection-url>jdbc:mysql://localhost:3306/FiboTest</connection-url>
      <driver-class>com.mysql.jdbc.Driver</driver-class>
      <user-name>root</user-name>

      </local-tx-datasource>

      ------------------------------------------------------------------------------------------------------------
      login-config.xml
      <application-policy name="FiboTest">

      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
      flag="required">
      <module-option name="dsJndiName">java:/MySqlDS</module-option>
      <module-option name="principalsQuery">select Password from Principals where PrincipalID=?</module-option>

      <module-option name="rolesQuery">select Role 'Role' from Roles where PrincipalID=?</module-option>
      </login-module>
      <!- Working with static files defined below -->
      <!--<login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
      flag="required">
      <module-option name="usersProperties">props/jbossws-users.properties</module-option>
      <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
      <module-option name="unauthenticatedIdentity">anonymous</module-option>
      </login-module>-->

      </application-policy>

      <application-policy name="FiboTestDBRealm">

      <login-module
      code="org.jboss.resource.security.ConfiguredIdentityLoginModule"
      flag="required">
      <module-option name="principal">root</module-option>
      <module-option name="userName">root</module-option>
      <module-option name="password"></module-option>
      <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=MySqlDS</module-option>
      </login-module>

      </application-policy>
      -------------------------------------------------------------------------------------------------------------
      Any Help is Appreciated.