1 Reply Latest reply on Mar 12, 2011 7:46 AM by Sergii Mavrov

    No valid security context

    Aleksander Bai Newbie

      I'm having a problem with Jboss and JAAS authentication.

      I've created a PasswordLoginModule class which extends LoginModule, and a CallbackHandler class which implements CallbackHandler. Both works fine.

      My bean is very simple:

      @Stateless
      @Remote(SecurityBean.class)
      @DeclareRoles({"admin"})
      public class SecurityBeanImpl implements SecurityBean
      {
       @Resource private SessionContext ctx;
       public String getSimpleString()
       {
       if (ctx.isCallerInRole("admin"))
       System.out.println("Caller is in admin role");
       else
       System.out.println("Caller is NOT in admin role");
       return "insecure string";
       }
      }
      


      However, when my standalone client tries to call the bean method, using:

      LoginContext loginContext = new LoginContext("MyLogin", new CallbackHandler());
      loginContext.login();
      
      Hashtable<String, String> env = new Hashtable<String, String>();
      env.put(InitialContext.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");
      env.put(InitialContext.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces");
      env.put(InitialContext.PROVIDER_URL, "jnp://localhost:1099");
      
      Context ctx = new InitialContext();
      SecurityBean bean = (SecurityBean) ctx.lookup("SecurityBeanImpl/remote");
      
      String res = bean.getSimpleString();
      System.out.println("bean returned: " + res);
      


      I have a client.conf file which i loaded by the jvm, which contains this:
      MyLogin {
      no.prognett.test.things.security.PasswordLoginModule required debug=false;
      };
      Where MyLogin is the client.

      I get a "java.lang.IllegalStateException: No valid security context for the caller identity" Exception. I've read Jaas and Jboss documentation, without finding any luck.

      What am i doing wrong?