2 Replies Latest reply on Jun 8, 2010 5:12 PM by breako

    Having major problems setting up a user on JNDI Security

    breako

      Hi,

      According to this cool and short article: http://community.jboss.org/wiki/JndiLoginInitialContextFactory

      I should be able to set up a User / Password on JNDI as described in the article and invoke an EJB method that has security constraints.

       

      Here is my EJB:

       

      @Stateless
      @SecurityDomain("TitanIdentityDB")
      @RolesAllowed("AUTHORIZED_MERCHANT")
      public class TravelAgentBean implements TravelAgentRemote {


          public Cabin findCabin(int pKey) {
              ...
          }

      }

       

      Here is the application-policy I added to login-config.xml

       

      <application-policy name="TitanIdentityDB">
          <authentication>
            <login-module code="org.jboss.security.auth.spi.UserRolesLoginModule"
              flag="required">
               <!-- Any existing security context will be restored on logout -->
               <module-option name="usersProperties">props/user-titan.properties</module-option>
               <module-option name="rolesProperties">props/roles-titan.properties</module-option>
            </login-module>
          </authentication>
        </application-policy>

       

      Here is user-titan.properties

       

      admin=admin

       

      Here is roles-titan.properties

       

      admin=AUTHORIZED_MERCHANT

       

       

      And here is my stand alone client which runs outside the EJB container.

       

      public class TextClient {

       

           public static Context getInitialContext() throws NamingException {
              if (context == null){
                  Properties p = new Properties();
                  p.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.security.jndi.JndiLoginInitialContextFactory");
                  p.put(Context.PROVIDER_URL, "jnp://localhost:1099");
                  p.put(Context.SECURITY_PRINCIPAL, "admin");
                  p.put(Context.SECURITY_CREDENTIALS, "admin");
                  context = new javax.naming.InitialContext(p);
              }
              return context;
           }

       

           public static void main(String[] args) throws Exception{
              java.lang.Object ref = getInitialContext().lookup("TravelAgentBean/remote");

              TravelAgentRemote dao =
                  (TravelAgentRemote)PortableRemoteObject.narrow(ref, TravelAgentRemote.class);

                  cabin_2 = dao.findCabin(1);

           }

       

      }

       

      When I run the client I keep getting:

       

      Exception in thread "main" javax.ejb.EJBAccessException: Invalid User
          at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:165)
          at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)

       

      And I am tearing my hair out about this all day.

       

      Any ideas?

       

      Thanks in Advance.