-
1. Re: SecurityAssociaton.getSubject is null
I don't know specifically about your LoginModule, but to get the logged-in Subject onto the SecurityAssocation stack we need to have two login modules, one is our own custom one, and the other is the JBoss ClientLoginModule. It is the ClientLoginModule that pushes the Subject onto the SecurityAssociation stack upon commit(), and pops on logout() and abort(). Note - make sure that you set restore-login-identity to true for the ClientLoginModule otherwise you get strange behaviour upon cache timeout.
-
2. Re: SecurityAssociaton.getSubject is null
*************
***URGENT***
*************
Hi ,
Please help at your earliest. Below are the detailed description for tbe above.
We have a two ear deployed in JBoss. One ear contains all EJBs. Second Ear contains war file and internally invokes EJBs.
When my system receives (Using MDBs) messages it?s processed perfectly but when I am unable to login in web application.
I thought during migration just I can deploy my ear files but I found some class loader problems. But when I removed all the EJB client jars from the .war/web-inf/lib, It worked.
But login problem is still there, I believe this problem is due to JAAS/SSL configuration.
We have a problem with JAAS in new version of JBoss-4.0.5. The same approach is working in JBoss-3.2.3 version.
We are using customized login module and this login module is invoked properly and subject is populated
subject.getPrivateCredentials().add(userBean);
logger.info("Adding role '" + userBean.getRole() + "' to context");
userRoles.addMember(new SimplePrincipal(userBean.getRole()));
Login module returns true.
But from action class, when we call below code subject is null.
EntryUser user = EISDataHelper().getUser();
signature of getUser is as below:
public EntryUserBean getUser() throws CustodyException, RemoteException {
Subject subj = SecurityAssociation.getSubject(); //Here subject is null(in JBoss-4.0.5.GA), while same code is running in JBoss-3.2.3
if (subj == null) {
logger.debug("subject is null");
return null;
}
:
:
:
}
Configuration for login module in login-config.xml is as below :
<application-policy name="settlement">
<login-module code="com.db.dcs.model.settlements.jboss.security.LdapDBLoginModule" flag="required">
<module-option name="validatePWD">true</module-option>
</login-module>
</application-policy>
Configuration for JAAS in conf/jboss-service.xml is as below :
<!-- ==================================================================== -->
<!-- Security -->
<!-- ==================================================================== -->
jboss.security:service=XMLLoginConfig
login-config.xml
<!-- JAAS security manager and realm mapping -->
<!-- change JaasSecurityManager by JaasSecurityDomain -->
org.jboss.security.plugins.JaasSecurityDomain
<!--JaasSecurityDomain -->
jboss.security:service=JaasSecurityManager
${jboss.server.home.dir}/ssl/abc.keystore
XYZ
Configuration for SSL in deploy/jbossweb-tomcat55.sar/server.xml is as below :
Configuration for security domain in deploy/settlement-webapp.ear/settlement-webapp.war/jboss-web.xml is as below :
<jboss-web>
<security-domain>java:/jaas/settlement</security-domain>
</jboss-web>