0 Replies Latest reply on Feb 1, 2008 3:51 PM by Gabriel Bermudez

    Authentication on standalone client

    Gabriel Bermudez Newbie

      Hi,

      I have a little doubt about the ClientLoginModule. I am able to use this module on my standalone client, but it works in a different way than the expected. The AA is been done when a method from an EJB (properly configured) is called, but not when I call the LoginContext.login method.

      Can some one give me an example of how to combine this ClientLoginModule with another LoginModule so the authorization is performed on the LoginContext.login method?

      What I have up until now is the following:

      --- on the standalone client ---
      [other.conf]

      other {
       // jBoss LoginModule
       org.jboss.security.ClientLoginModule required
       ;
      
       // Put your login modules that need jBoss here
      };
      

      [TestLogin.java]
      try {
       System.setProperty("java.security.auth.login.config", "other.conf");
      
       CallbackHandler handler=new UsernamePasswordHandler("user","1234567");
       LoginContext context=new LoginContext("srp-client", handler);
       context.login();
      
       InitialContext initCtx=new InitialContext();
       ImportadorEsAgilRemote bean=(ImportadorEsAgilRemote) initCtx.lookup("ImportadorEsAgilBean/remote");
       bean.importarPrecios("hola mundo");
      } catch (LoginException e) {
       // TODO Auto-generated catch block
       e.printStackTrace();
      } catch (NamingException e) {
       // TODO Auto-generated catch block
       e.printStackTrace();
      }
      

      --- on my ejb project ---
      [jboss.xml]
      <?xml version="1.0" encoding="UTF-8"?>
      <jboss>
       <security-domain>java:/jaas/other</security-domain>
      </jboss>
      

      [login-config.xml]
       <application-policy name = "other">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
       flag = "required" />
       </authentication>
       </application-policy>
      


      Thanks for all your help