2 Replies Latest reply on Jul 4, 2007 10:56 AM by Guido Scalise

    Remote Login using custom LoginModule

    Guido Scalise Newbie

      Hi ppl,

      We've developed a custom LoginModule to use in our Client/Server EJB3 application. This is because the standard/provided LoginModules don't cover the authentication procedures required by our application.
      The thing is, provided that the security domain is set correctly for the ejb3 application, what are the steps to be able to authenticate against the server remotely (from a standalone client) using our LoginModule? Most of the examples in the JBossSX documentation are for in-same-JVM authentication.

      Kind Regards,
      Guido Scalise

        • 1. Re: Remote Login using custom LoginModule
          Wolfgang Knauf Master

          Hi Guido,

          I will try to give you a short summary:

          a) you need a file "auth.conf" with e.g. this content:

          myappclientsecurity {
           // jBoss LoginModule
           org.jboss.security.ClientLoginModule required
           ;
          };



          b) on startup, add this parameter:
          -Djava.security.auth.login.config=/path/to/my/auth.conf

          c) in your application client, add those lines just after fetching the initial context:

          AppCallbackHandler callbackHandler = new AppCallbackHandler(login, password.toCharArray() );
           LoginContext loginContext = new LoginContext ("myappclientsecurity", callbackHandler);
           loginContext.login();


          Those three changes should be sufficient to have a secured client.

          Hope this helps

          Wolfgang

          • 2. Re: Remote Login using custom LoginModule
            Guido Scalise Newbie

            Thanks Wolfgang, but I have a problem with this... Our custom loginmodule uses an aditional type of Callback, which ClientLoginModule isn't able to handle...

            Also, in which way does the authenticated principal from ClientLoginModule propagate to the ejb3 container and its security domain?

            Kind Regards,
            Guido