2 Replies Latest reply on Jun 4, 2003 5:07 PM by mgariepy

    LDAP -> getCallerPrincipal returns null ??

    Lewis Henderson Novice

       

      "CobraFlow" wrote:
      I have a fully working system using the Database login module. I am trying out the LDAP login module. I authenticate correctly and get the roles that I expect. At some points during code execution, I use the getCallerPrincipal().getName() method to report the current user to Log4J.

      I receive null. Is there something else I should be doing to set the Principal name (CallerPrincipal) in the Login-Config.xml?

      Lewis


        • 1. Please ignore...Another senior moment!
          Lewis Henderson Novice

          This LDAP stuff is all working (very) well!!!!

          It's me!


          Lewis

          • 2. Re: LDAP -> getCallerPrincipal returns null ??
            mgariepy Newbie

            Lewis,

            I'm running 3.2.1 and trying to get the Database JAAS to work. My config looks like:

            LOGIN-CONFIG.XML (in server/default/conf)
            <application-policy name="awareSecurity">

            <login-module flag="required" code="org.jboss.security.auth.spi.DatabaseServerLoginModule">
            <!-- This tells it where to find the MS SQL Server DataSource that provides the usernames/passwords. -->
            <module-option name="dsJndiName">java:/AwareDB</module-option>
            <module-option name="principalsQuery">select login_id, password from aw_user where login_id = ?</module-option>
            <module-option name="rolesQuery">select login_id, auth_level, auth_group from aw_user where login_id = ?</module-option>
            </login-module>

            </application-policy>

            AUTH.CONF (in client/ )
            org.jboss.security.auth.spi.DatabaseServerLoginModule required
            dsJndiName="java:/AwareDB"
            principalsQuery="select login_id, password from aw_user where login_id = ?"
            rolesQuery="select login_id, auth_level, auth_group from aw_user where login_id = ?"
            unauthenticatedIdentity=nobody
            ;

            Deployment descriptors in my awPrefs EJB:

            JBOSS.XML

            <security-domain>java:/jaas/awareSecurity</security-domain>
            <enterprise-beans>

            EJB-JAR.XML
            <assembly-descriptor>
            <security-role>
            <role-name>Read</role-name>
            </security-role>
            <security-role>
            <role-name>Write</role-name>
            </security-role>
            <method-permission>
            <role-name>Read</role-name>

            <ejb-name>awPrefs</ejb-name>
            <method-name>*</method-name>

            </method-permission>

            The awPrefs EJB deploys correctly.

            I'm having trouble in the client code; it returns that the principal is null in the server log. Pseudo client code looks like:

            AppCallbackHandler handler = new AppCallbackHandler(username, password.toCharArray());
            LoginContext lc = new LoginContext("client-login", handler);
            lc.login();
            ...
            initialize() //Get JNDI initialContext

            Any idea what my client code should look like? Since you had a working system with a Database login module, I thought I'd ask ...

            Many Thanks!

            Mark
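
An added example, not code from either poster or from JBoss: a standalone client whose "client-login" entry uses `org.jboss.security.ClientLoginModule`, which performs no authentication itself and only attaches the name and password to outgoing EJB calls so that the server-side `DatabaseServerLoginModule` in login-config.xml can verify them. Assumptions: the JBoss client jars and a `jndi.properties` are on the classpath, the home is bound under the JNDI name `awPrefs`, and the class name `ClientLoginExample` is hypothetical.

```java
import java.io.Console;
import java.util.HashMap;
import javax.naming.InitialContext;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;

public class ClientLoginExample {
    // Answers the name and password callbacks that the login module issues.
    static CallbackHandler handler(String user, char[] pass) {
        return callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) ((NameCallback) cb).setName(user);
                else if (cb instanceof PasswordCallback) ((PasswordCallback) cb).setPassword(pass);
                else throw new UnsupportedCallbackException(cb);
            }
        };
    }

    // Same as a client auth.conf with: client-login { org.jboss.security.ClientLoginModule required; };
    static Configuration clientConfig() {
        return new Configuration() {
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                if (!"client-login".equals(name)) return null;
                return new AppConfigurationEntry[] { new AppConfigurationEntry(
                    "org.jboss.security.ClientLoginModule",
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                    new HashMap<String, Object>()) };
            }
        };
    }

    public static void main(String[] args) throws Exception {
        Console console = System.console();
        if (console == null) throw new IllegalStateException("run from an interactive terminal");
        String user = console.readLine("login_id: ");
        char[] pass = console.readPassword("password: "); // not echoed, not in argv
        Configuration.setConfiguration(clientConfig());
        LoginContext lc = new LoginContext("client-login", handler(user, pass));
        lc.login(); // no password check here; the credentials are attached to later EJB calls
        try {
            // jndi.properties on the classpath must point at the JBoss naming service.
            Object home = new InitialContext().lookup("awPrefs"); // JNDI name is an assumption
            System.out.println("Looked up " + home.getClass().getName());
            // Narrow the home and call the bean here; the server authenticates each call.
        } finally {
            lc.logout(); // drop the attached identity when done
        }
    }
}
```

Keeping the database login module out of the client configuration also means the client never needs the datasource or read access to the password column.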