1 Reply Latest reply on Mar 12, 2011 7:46 AM by Sergii Mavrov

    No valid security context

    Aleksander Bai Newbie

      I'm having a problem with Jboss and JAAS authentication.

      I've created a PasswordLoginModule class which extends LoginModule, and a CallbackHandler class which implements CallbackHandler. Both works fine.

      My bean is very simple:

      public class SecurityBeanImpl implements SecurityBean
       @Resource private SessionContext ctx;
       public String getSimpleString()
       if (ctx.isCallerInRole("admin"))
       System.out.println("Caller is in admin role");
       System.out.println("Caller is NOT in admin role");
       return "insecure string";

      However, when my standalone client tries to call the bean method, using:

      LoginContext loginContext = new LoginContext("MyLogin", new CallbackHandler());
      Hashtable<String, String> env = new Hashtable<String, String>();
      env.put(InitialContext.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");
      env.put(InitialContext.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces");
      env.put(InitialContext.PROVIDER_URL, "jnp://localhost:1099");
      Context ctx = new InitialContext();
      SecurityBean bean = (SecurityBean) ctx.lookup("SecurityBeanImpl/remote");
      String res = bean.getSimpleString();
      System.out.println("bean returned: " + res);

      I have a client.conf file which i loaded by the jvm, which contains this:
      MyLogin {
      no.prognett.test.things.security.PasswordLoginModule required debug=false;
      Where MyLogin is the client.

      I get a "java.lang.IllegalStateException: No valid security context for the caller identity" Exception. I've read Jaas and Jboss documentation, without finding any luck.

      What am i doing wrong?