1 Reply Latest reply on Oct 31, 2007 2:01 AM by alllle

Authentication info not passed to login module when invoking

alllle Oct 30, 2007 12:04 AM

JBoss AS 4.0.5GA and JBoss Messaging 1.0.4 SP4.

I am having problem to invoke local EJB from a MDB due to authentication problem. I used the following to create the InitialContext object:

Hashtable<String, Object> env = new Hashtable<String, Object> ();
env.put(Context.SECURITY_PRINCIPAL, username);
env.put(Context.SECURITY_CREDENTIALS, password);
env.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.security.jndi.JndiLoginInitialContextFactory");

InitialContext context = new InitialContext(env);

However, the login module does not get the username and password during the authentication. These values are null and therefore the invocation to the EJB fails with exception.

The remote client can access the EJB without problems with the same code, in which case a separate jndi.properties file is also used to specify the following jndi properties:

java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
java.naming.provider.url=localhost

Does anyone know why the security information is not passed to the LoginModule?

Thanks!

1. Re: Authentication info not passed to login module when invo

alllle Oct 31, 2007 2:01 AM (in response to alllle)

Problem solved after trace into JBoss code.

The reason is that I created the InitialContext at the time when the MDB is created and try to reuse it when the onMessage() is invoked. What happens behind the scene is that JBoss saves the username / password into a ThreadLocal variable in server environment when the InitialContext is created. This ThreadLocal variable is not there anymore when the onMessage() is invoked because it is a different thread. Hence, the security information is lost and causes the authentication exception.

I now create a new InitialContext object when processing the onMessage() method. Seems working fine.
Actions