19 Replies. Latest reply on Aug 2, 2010 2:08 AM by gauravag
      • 15. Re: JAAS + EJB3.0 + Jboss unable to propagate
        gauravag

        Thanks for your help. Finally I made my application complete.

        The code is as follows.

         

        Servlet where EJB is called and our authentication is done

         

        try {
            // Here you need to get the LoginContext called so that you get an authenticated Subject
            LoginContext loginContext = new LoginContext("login-config file name", new PasswordCallbackHandler());
            loginContext.login();

            // Calling your EJB module. The keys are the javax.naming.Context constants;
            // the bare strings "INITIAL_CONTEXT_FACTORY" etc. are not JNDI property names.
            Properties properties = new Properties();
            properties.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.jnp.interfaces.NamingContextFactory");
            properties.setProperty(Context.URL_PKG_PREFIXES, "org.jboss.naming:org.jnp.interfaces");
            properties.setProperty(Context.PROVIDER_URL, "jnp://localhost:1099");

            Context context = new InitialContext(properties);
            Object object = context.lookup("java/AttributeBI/remote");
            // the rest you know
            loginContext.logout();
        } catch (Exception exception) {
            exception.printStackTrace();
        }
        

         

         

        Here I have my custom login module, which requires (NOTE: user defined) a PrincipalClass, a GroupClass (for roles), CallbackHandlers for username and passwords, and last a CustomLoginModule that implements LoginModule.

         

        PasswordCallbackHandler

        import javax.security.auth.callback.*;

        public class PasswordCallbackHandler implements CallbackHandler {
            public PasswordCallbackHandler() {
            }

            public void handle(Callback[] callbacks) throws java.io.IOException, UnsupportedCallbackException {
                for (int i = 0; i < callbacks.length; i++) {
                    if (callbacks[i] instanceof NameCallback) {
                        System.out.print("*" + ((NameCallback) callbacks[i]).getPrompt());
                        ((NameCallback) callbacks[i]).setName("username");
                    } else if (callbacks[i] instanceof PasswordCallback) {
                        System.out.print("*" + ((PasswordCallback) callbacks[i]).getPrompt());
                        ((PasswordCallback) callbacks[i]).setPassword("password".toCharArray());
                    } else {
                        // report callback types this handler cannot answer
                        throw new UnsupportedCallbackException(callbacks[i]);
                    }
                }
            }
        }
        

         

        PrincipalClass

         

        import java.io.Serializable;
        import java.security.Principal;

        public class UserPrincipal implements Principal, Serializable {
            private String name;

            /** Description : UserPrincipal constructor */
            public UserPrincipal() {
                name = "";
            }//UserPrincipal()

            /**
             * Description : Parameterized constructor
             * @param name
             */
            public UserPrincipal(String name) {
                this.name = name;
            }//UserPrincipal()

            /**
             * Description : This method is to get Name
             * @return
             */
            public String getName() {
                return this.name;
            }//getName()

            public String toString() {
                return ("UserPrincipal:  " + this.name);
            }
        
            public boolean equals(Object o) {
                if (o == null) {
                    return false;
                }
                if (this == o) {
                    return true;
                }
                if (!(o instanceof UserPrincipal)) {
                    return false;
                }
                UserPrincipal that = (UserPrincipal) o;
                if (this.getName().equals(that.getName())) {
                    return true;
                }
                return false;
            }
        
            public int hashCode() {
                return this.name.hashCode();
            }
        
        }//UserPrincipal

         

         

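        Principal Group

        import java.io.Serializable;
        import java.security.Principal;
        import java.security.acl.Group;
        import java.util.Collections;
        import java.util.Enumeration;
        import java.util.HashSet;
        import java.util.Set;

        public class PrincipalGroup implements Group, Serializable {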
          private final String name;
          private final Set<Principal> users = new HashSet<Principal>();
        
          public PrincipalGroup(String name) {
            this.name = name;
          }
        
          public boolean addMember(Principal user) {
            return users.add(user);
          }
        
          public boolean removeMember(Principal user) {
            return users.remove(user);
          }
        
          public boolean isMember(Principal member) {
            return users.contains(member);
          }
        
          public Enumeration<? extends Principal> members() {
            return Collections.enumeration(users);
          }
        
          public String getName() {
            return name;
          }
        
          public boolean equals(Object o) {
            if (o == null) {
              return false;
            }

            if (this == o) {
              return true;
            }

            if (!(o instanceof PrincipalGroup)) {
              return false;
            }
            PrincipalGroup that = (PrincipalGroup) o;

            if (this.getName().equals(that.getName())) {
              return true;
            }
            return false;
          }

          public int hashCode() {
            return this.name.hashCode();
          }

        }

         

         

        PasswordLoginModule

         

         

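        import java.util.Map;
        import java.util.Vector;
        import javax.security.auth.Subject;
        import javax.security.auth.callback.*;
        import javax.security.auth.login.LoginException;
        import javax.security.auth.spi.LoginModule;

        public class PasswordLoginModule implements LoginModule {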
            public Subject subject;
            public CallbackHandler callbackHandler;
            public UserPrincipal user_principal;
            private UserPrincipal[] roles;
            public UserCredential user_credential;
            Map sharedState;
            Map option;
            String url;
            String driver;
            private String username;
            private String password;
            boolean debug, result;
            Vector<UserCredential> vector_credentials;
            Vector<UserPrincipal> vector_principal;
        
            /**
             * Description : Initialization method for PasswordLoginModule
             * @param subject
             * @param callbackHandler
             * @param sharedState
             * @param options
             */
            public void initialize(Subject subject,
                                   CallbackHandler callbackHandler,
                                   Map sharedState,
                                   Map options) {
             
                System.out.println("----------Initialization In Login Module----------");
                this.subject=subject;
                this.callbackHandler=callbackHandler;
                this.sharedState=sharedState;
                this.option=options;
                vector_principal = new Vector();
                vector_credentials = new Vector();        
                 if(option.containsKey("debug")) {
                    debug = "true".equals(option.get("debug"));
                }//if
          }//Initialization
        
           /**
             * Description : login method of module
             * @return
             * @throws LoginException
             */
            public boolean login() throws LoginException {
                Callback[] callbacks = new Callback[2];
                callbacks[0] = new NameCallback("UserName :");
                callbacks[1] = new PasswordCallback("Password :", true);
                try {
                    callbackHandler.handle(callbacks);
                } catch (Exception ex) {
                    // without answered callbacks there is no name or password to work with
                    throw new LoginException("Callback handling failed: " + ex.getMessage());
                }
                username = ((NameCallback) callbacks[0]).getName();
                char[] pass = ((PasswordCallback) callbacks[1]).getPassword();
                if (username == null || pass == null) {
                    throw new LoginException("User name or password missing");
                }
                password = new String(pass);
                if (debug) {
                    // debug output: the user name only, never the password
                    System.out.println("user name =  " + username);
                }

                // Note: the password is not compared with any stored value here,
                // so every caller is accepted and receives the role below.
                user_principal = new UserPrincipal(username);
                vector_principal.add(user_principal);

                roles = new UserPrincipal[] {
                    new UserPrincipal("done") // for example
                };

                UserCredential userCredential = new UserCredential();
                userCredential.setProperty("Roles", "done");
                vector_credentials.add(userCredential);
                return true;
            }//login()
        
          /**
             * Description : Commit method to set subject over logincontext
             *               after successful login
             * @return
             * @throws LoginException
             */
            public boolean commit() throws LoginException {
                // debug only controls logging; the principals are committed either way
                if (debug) {
                    System.out.println("------------Commit Event----------");
                }
                if (subject.isReadOnly()) {
                    throw new LoginException("Subject is Readonly");
                }//if
                try {
                    this.subject.getPrincipals().addAll(vector_principal);

                    // JBoss reads the caller's roles from the group named "Roles"
                    PrincipalGroup group = new PrincipalGroup("Roles");
                    for (UserPrincipal role : roles) {
                        group.addMember(role);
                    }
                    subject.getPrincipals().add(group);
                    subject.getPublicCredentials().addAll(vector_credentials);
                    return true;
                } catch (Exception ex) {
                    ex.printStackTrace(System.out);
                    throw new LoginException(ex.getMessage());
                }//catch
            }//commit()
        
            /**
             * Description : This method get called when login is get aborted
             * @return
             * @throws LoginException
             */
            public boolean abort() throws LoginException {
                 System.out.println("-----------Abort Event--------------");
               return true;
            }//abort()
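            /**
             * Description : This method is to get logout from logincontext
             * @return
             * @throws LoginException
             */
            public boolean logout() throws LoginException {
                // remove from the Subject what commit() added, then drop the local copies
                subject.getPrincipals().removeAll(vector_principal);
                subject.getPrincipals().remove(new PrincipalGroup("Roles"));
                subject.getPublicCredentials().removeAll(vector_credentials);
                vector_principal.clear();
                vector_credentials.clear();
                return true;
            }//logout()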
           }// PasswordLoginModule
        
        

         

         

        @Stateless(name=mapped.JNDI_NAME)
        @RolesAllowed("done")
        public class AttributeBO implements AttributeBI {

            private SessionContext sctx;
            private EJBContext eJBContext;
            private MessageContext messageContext;
            private AttributeEAO attributeEAO;

            public void setMessageContext(MessageContext messageContext) {
                this.messageContext = messageContext;
            }

            @Resource
            private void setSctx(SessionContext sctx) {
                this.sctx = sctx;
            }

            @Resource
            private void seteJBContext(EJBContext eJBContext) {
                this.eJBContext = eJBContext;
            }

            @EJB
            public void setAttributeEAO(AttributeEAO attributeEAO) {
                this.attributeEAO = attributeEAO;
            }

            /**
             * Description : This method is to create Attribute
             * @param attribute
             */
            public void createAttribute(Attribute attribute) {
                // principal and role as propagated from the web tier
                Principal user_principle = sctx.getCallerPrincipal();
                System.out.println("Ejb Side Principal " + user_principle.getName());
                System.out.println("Ejb Side isCallerInRole " + sctx.isCallerInRole("done"));
            }//createAttribute()
        }//AttributeBO

         

        Now in this I want to get my credentials, but there is no existing method to receive the credentials. Credentials may contain some properties as our own variable values...

         

        My jboss-xml is as follows:

        <jboss>
        <security-domain>java:/jaas/PassAuth</security-domain>
        </jboss>
        

         

         

        My config file is as follows:

         

        PassAuth{
              com.mqa.iam.module.PasswordLoginModule required debug="true" 
        };
        

         

         

        Also my login config is like this :

         

        <application-policy name="PassAuth">
            <authentication>
                <login-module code="ur own cutomloginmodule" flag="required">
                    <module-option name="debug">true</module-option>
                </login-module>
                <!-- this is used to propagate the values from web to EJB; this is a must -->
                <login-module code="org.jboss.security.ClientLoginModule" flag="required">
                </login-module>
            </authentication>
        </application-policy>
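
The `login()` posted above returns true for any user name and password, so every caller ends up with the "done" role. As an added example (not the poster's code and not JBoss code), here is a login module whose `login()` verifies the password before any principal is created; the class name, the in-memory `USERS` map and the salt are constructed for illustration, and it assumes Java 16 or later.

```java
import java.security.*;
import java.util.*;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
// Added example (Java 16+), not the poster's code. USERS and SALT are constructed sample data.
public class VerifyingLoginModule implements LoginModule {
    record User(String getName) implements Principal {}        // record accessor is getName()
    static final byte[] SALT = "constructed-salt".getBytes();  // real stores: random salt per user
    static final Map<String, byte[]> USERS = Map.of("alice", hash("s3cret".toCharArray()));
    private Subject subject;
    private CallbackHandler handler;
    private User user;                                         // set only after verification
    static byte[] hash(char[] pw) {                            // store and compare PBKDF2 output
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(new PBEKeySpec(pw, SALT, 100_000, 256)).getEncoded();
        } catch (GeneralSecurityException e) { throw new IllegalStateException(e); }
    }
    public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
        subject = s; handler = h;
    }
    public boolean login() throws LoginException {
        NameCallback name = new NameCallback("UserName :");
        PasswordCallback pass = new PasswordCallback("Password :", false);
        try { handler.handle(new Callback[] { name, pass }); }
        catch (Exception e) { throw new LoginException("callback handler failed: " + e); }
        char[] pw = pass.getPassword();                        // a copy; null if none was set
        byte[] expected = name.getName() == null ? null : USERS.get(name.getName());
        boolean ok = pw != null && expected != null && MessageDigest.isEqual(expected, hash(pw));
        pass.clearPassword();                                  // wipe the callback's copy
        if (pw != null) Arrays.fill(pw, '\0');                 // wipe our copy
        if (!ok) throw new FailedLoginException("invalid user name or password");
        user = new User(name.getName());
        return true;
    }
    public boolean commit() {                                  // called once overall login succeeded
        if (user != null) subject.getPrincipals().add(user);
        return user != null;                                   // false: this module is ignored
    }
    public boolean abort() { return logout(); }
    public boolean logout() {                                  // undo commit()
        if (user != null) subject.getPrincipals().remove(user);
        user = null;
        return true;
    }
}
```

A failed check surfaces to the caller as a `FailedLoginException` from `LoginContext.login()`, so no principal or role ever reaches the Subject for an unverified user.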
        
        • 16. Re: JAAS + EJB3.0 + Jboss unable to propagate
          gauravag

          I have posted my complete code for others' help as well.

           

          But my problem is that I'm not able to receive full credentials at EJB side (these credentials can be user defined values added to subject as public credentials).

           

          So kindly tell me a way to receive that at EJB side.

           

          Or any way to propagate a bunch of parameters (or a property file) from servlet to EJB.

           

          Thanks & Regards,

          Gaurav

          • 17. Re: JAAS + EJB3.0 + Jboss unable to propagate
            wolfgangknauf

            Hi,

             

            Others had this problem, too, and maybe it is a JBoss bug. See e.g. this: http://community.jboss.org/message/531986#531986

            Maybe it is this JIRA issue: https://jira.jboss.org/browse/EJBTHREE-1756

             

            Best regards

             

            Wolfgang

            • 18. Re: JAAS + EJB3.0 + Jboss unable to propagate
              gauravag

              First, thanks a lot for all this help.

               

              I have nearly completed my work. But I have faced another problem.

               

              Do we have to call LoginContext("loginconfig",Handler) each time before calling an EJB, or to get the same values in another request?

              I want that if the same user makes a request the next time, he need not reauthenticate himself again and again.

               

              How can I do that?

               

              Regards,

              Gaurav

              • 19. Re: JAAS + EJB3.0 + Jboss unable to propagate
                gauravag

                Hi,


                        As such I have completed JAAS authentication & authorization in the enterprise application.


                But now the issue is:

                  

                      I have my web application where I am accepting user name & password and validating that user through the login module in one action, which means calling the login method on the login context. The user is authenticated, and after calling the EJB method in the same method (action method) I am able to propagate principal and roles to the EJB side. But the issue is that the login context won't span the web application; that is to say, if I want to call an EJB in another action, the previous login context information will not get propagated to the EJB side. In that case I again need to call the login method of the login context; only then can the information be passed.


                    My question is whether in the web tier we need to create the login context and call its login() method once, or whether we need to call login() with every web request.


                  Please solve this issue ...


                   Thanks


