-none-

Google

Mailing List

Home

Forum Home

JBoss - Java Application Server

Tomcat - JSP/Servlet container

Struts - A MVC web framework

iText - An open source PDF Java Library

JDOM - JDOM XML Parser

JSP - A mailing list about Java Server Pages specification and reference

J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition

J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog

Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology

Struts & Hibernate

Subjects

•	JSP editor plugin for eclipse ?
•	org apache jasper JasperException: Unable to compile class for JSP
•	Tomcat: Connection reset by peer: socket write error
•	Cannot retrieve definition for form bean null
•	Struts Tiles Tutorial (free Struts training)
•	Where do I download Tomcat 4 0 6?
•	Data Access Object (DAO) pattern, example DAO 's
•	Where to download Tomcat v 4 1 24 from?
•	Tomcat 5 0 16 Requested resource not available
•	Servlet : Session invalidate
•	Oracle Connection Pooling in 3 2 2
•	Servlet action is currently unavailable
•	Tomcat/Struts Unicode Encoding/Decoding problems
•	Running a Simple JMS Example
•	Tomcat and webapplication specific java library path
•	Mapping in workers2 properties
•	org apache jasper JasperException
•	problem with html:text bean throwing exception
•	Cannot find message resources under key org apache struts action MESSAGE
•	Cannot find message resources under key org apache struts action MESSAGE
•	invalid direct reference problem with solution
•	Tool for jsp debug Try Sysdeo Eclipse Plugin
•	Tomcat 5 Cannot load JDBC driver class 'null ' SQL state: null
•	weblogic ejbc
•	java properties file
•	Jboss 3 2 3 Coyote Can 't re
•	Tomcat 5, Apache2 and mod jk2 integration problem
•	JBoss example problem new to J2EE
•	Value attribute of <html:checkbox
•	url string for connecting jboss to oracle
•	javax servlet ServletException: BeanUtils populate
•	5 0 18: Windows XP Pro vs Windows 2000
•	HTTP Status 404 The requested resource is not available

-none-

-none-

2007-09-01 - By pvelarde

Back
Hi everybody,

I've developed a EJB3.0 Application; now I want to add security using JAAS.

The client is a rich Delphi application that comunicates with server via HTTP
througth a servelt. This servlet has this login JAAS code:

loginContext = new LoginContext("GTSPDB", new MyCallbackHandler(user, password
));
| loginContext.login();
|

where user and password come in the HTTP request. The user authentication works
fine but when I call the sessioncontext getCallerPrincipal into the sessionbean
and error raises:

12:31:11,304 TRACE [SecurityAssociation] getCallerPrincipal, principal=null
| 12:31:11,320 ERROR [STDERR] java.lang.IllegalStateException:
| No valid security context for the caller identity
|

I've declared the security context in login-config.xml

<application-policy name = "GTSPDB">
| <authentication>
| <login-module code="org.jboss.security.auth.spi
.DatabaseServerLoginModule" flag="required">
| <module-option name="dsJndiName">java:/MySqlHibernate</module
-option>
| <module-option name="principalsQuery">SELECT password FROM user
WHERE name=?</module-option>
| <module-option name="rolesQuery">SELECT rolename,'Roles' FROM
userrole WHERE userrole.username=?</module-option>
| </login-module>
| </authentication>
| </application-policy>

and tables in database are populated with these user and roles data.

I've read the "JAAS Howto: README FIRST" but I haven't found solution.

Why Principal is not propagated to sessionbean if login works??? what am I
doing wrong??? am I missing something???

thanks in advance for your help.

pedro.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic
&p=4080248#4080248

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode
=reply&p=4080248

__ ____ ____ ____ ____ ____ ____ ____ ____ ____
jboss-user mailing list
jboss-user@(protected)
https://lists.jboss.org/mailman/listinfo/jboss-user