-
1. Re: Peer address from LoginModule
ragavgomatam Sep 10, 2008 4:10 PM (in response to carl-johan.persson)Not a straightforward way. But there was a post earlier, that advises users to use interceptor pairs on client & server. Client interceptor captures ip address in addition to login & sends that across to server interceptor pair.
-
2. Re: Peer address from LoginModule
carl-johan.persson Sep 11, 2008 12:00 PM (in response to carl-johan.persson)Custom LoginModule is driven by Web Service's . I can see earlier on call stack that hostName and protocol can be found in LoginContext:
my.security.auth.spi.DatabaseServerLoginModule.login(DatabaseServerLoginModule.java:116)
sun.reflect.NativeMethodAccessorImpl.invoke0(NativeMethodAccessorImpl.java)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
java.security.AccessController.doPrivileged(AccessController.java)
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
javax.security.auth.login.LoginContext.login(LoginContext.java:579)
org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
org.jboss.web.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMgrRealm.java:491)
org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180)
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
java.lang.Thread.run(Thread.java:619)
Now I am trying to create LoginContext in CustomLoginModule::initialize(Subject subject, CallbackHandler callbackHandler,
Map sharedState, Map options)
{
super.initialize(subject, callbackHandler, sharedState, options);
this.subject = subject;
try {
loginContext = new LoginContext("MySP", subject, callbackHandler);
} catch (LoginException ex) {
Logger.getLogger(DatabaseServerLoginModule.class.getName()).log(Level.SEVERE, null, ex);
}
But it does not give client ip.
Maybe there is some abstraction on Jboss Remote for getting client ip ? -
3. Re: Peer address from LoginModule
carl-johan.persson Sep 12, 2008 4:31 AM (in response to carl-johan.persson)
A (maybe not very good) way for getting client ip
Thread.currentThread().getName()
Name string is in format "someworkerthreadname#[127.0.0.1:1867]"
and parse that string -
4. Re: Peer address from LoginModule
egiva Jun 19, 2009 10:14 AM (in response to carl-johan.persson)Have you succeeded to retrieve client IP on login module? I mean in normal API way, other then parsing thread name :)
-
5. Re: Peer address from LoginModule
anil.saldhana Jun 23, 2009 2:24 PM (in response to carl-johan.persson)As in FAQ, maybe u can get access to the servlet req in the LM and get the IP