Access Secure EJB on Glassfish from Standalone Java application -


i trying access secure ejb (on glassfish) stand-alone application(running in eclipse). have jaas login module working fine web project (if configured in web.xml <realm-name>myrealm</realm-name> etc), want secure ejb same login module (as custom login module authenticate user , add "user" authenticated context, have used same for ejb typing @rolesallowed({"user"})

here ejb project contains 1 ejb.

@stateless(name="hiejb", mappedname = "ejb/hiejb") @rolesallowed({"user"}) @remote(hiejbremote.class) @local(hiejblocal.class) public class hiejb implements hiejbremote, hiejblocal {      @override     public string gethello() {         return "3d studio max";     } }

please note, able access ejb stand alone client if remove @rolesallowed({"user"}).

here stand-alone client code (a simple java class running eclipse) , auth.conf contents

default { com.maz.test.mycustomeloginmodule required; };

and here main function

public static void main(string[] args) throws exception {          string authfile = "d:/auth.conf";         system.setproperty("java.security.auth.login.config", authfile);         programmaticlogin programmaticlogin = new programmaticlogin();          programmaticlogin.login("zahoor", "abc123".tochararray()); //here on line exception occurs.           properties p = new properties();         //p.setproperty("java.naming.factory.initial","org.jnp.interfaces.namingcontextfactory");         p.setproperty("java.naming.factory.url.pkgs","org.jboss.naming:org.jnp.interfaces");         p.setproperty("java.naming.provider.url", "hostname:jnpport");         p.setproperty(context.security_principal, "zahoor");         p.setproperty(context.security_credentials, "abc123");         initialcontext ic = new initialcontext(p);          final string jndiname = "ejb/hiejb";         hiejbremote testejb = (hiejbremote) ic.lookup(jndiname);         system.out.println("got reference of remote interface");         system.out.println("resulte ejb::->"+ testejb.gethello());          programmaticlogin.logout();     }

when run above code see following exception.

programmaticlogin.login("zahoor", "abc123".tochararray());

exception occurs on above line.

jun 27, 2014 6:59:20 pm com.sun.appserv.security.appservpasswordloginmodule extractcredentials severe: sec1105: passwordcredential required not provided. jun 27, 2014 6:59:20 pm com.sun.appserv.security.programmaticlogin login severe: sec9050: programmatic login failed com.sun.enterprise.security.auth.login.common.loginexception: javax.security.auth.login.loginexception: no credentials.     @ com.sun.enterprise.security.auth.login.logincontextdriver$9.run(logincontextdriver.java:889)     @ com.sun.enterprise.security.common.appservaccesscontroller.doprivileged(appservaccesscontroller.java:61)     @ com.sun.enterprise.security.auth.login.logincontextdriver.doclientlogin(logincontextdriver.java:881)     @ com.sun.appserv.security.programmaticlogin$1.run(programmaticlogin.java:184)     @ java.security.accesscontroller.doprivileged(native method)     @ com.sun.appserv.security.programmaticlogin.login(programmaticlogin.java:168)     @ com.sun.appserv.security.programmaticlogin.login(programmaticlogin.java:239)     @ clienttest.main(clienttest.java:51) caused by: javax.security.auth.login.loginexception: no credentials.     @ com.sun.appserv.security.appservpasswordloginmodule.extractcredentials(appservpasswordloginmodule.java:331)     @ com.sun.appserv.security.appservpasswordloginmodule.login(appservpasswordloginmodule.java:140)     @ sun.reflect.nativemethodaccessorimpl.invoke0(native method)     @ sun.reflect.nativemethodaccessorimpl.invoke(nativemethodaccessorimpl.java:39)     @ sun.reflect.delegatingmethodaccessorimpl.invoke(delegatingmethodaccessorimpl.java:25)     @ java.lang.reflect.method.invoke(method.java:597)     @ javax.security.auth.login.logincontext.invoke(logincontext.java:769)     @ javax.security.auth.login.logincontext.access$000(logincontext.java:186)     @ javax.security.auth.login.logincontext$4.run(logincontext.java:683)     @ java.security.accesscontroller.doprivileged(native method)     @ javax.security.auth.login.logincontext.invokepriv(logincontext.java:680)     @ javax.security.auth.login.logincontext.login(logincontext.java:579)     @ com.sun.enterprise.security.auth.login.logincontextdriver$9.run(logincontextdriver.java:887)     ... 7 more

questions:

  1. is possible access secure ejb (deployed on glassfish) stand alone client?
  2. is there configuration required in ejb project (other @rolesallowed({"user"})) tell login module use? how can configured. know web project can secured through web.xml providing authentication configuration.
  3. by specifying default { com.maz.test.mycustomeloginmodule required; }; in auth.conf thing or not, assuming tells programmaticlogin use mycustomeloginmodule authentication.

jaas support ejbs

if invoke ejb application client outside ejb container, java authentication , authorization service (jaas) not supported ejb. however, if call ejb servlet within oc4j instance, jaas supported.

http://docs.oracle.com/cd/b14099_19/web.1012/b15505/access.htm#sthref262


Comments

Post a Comment

Popular posts from this blog

javascript - RequestAnimationFrame not working when exiting fullscreen switching space on Safari -

request animation frame stops working when exiting fullscreen clicking on original space's safari window. fine if fullscreen mode canceled escape key or calling cancelfullscreen(). steps reproduce: open https://dl.dropboxusercontent.com/u/769042/prezi/safari-fullscreen.html click "draw raf", kittie appears click "fullscreen", go fullscreen click "draw raf", kittie appears go space original safari was, showing "click exit fullscreen mode", click anywhere, out fullscreen click "draw raf", nothing happens what handling click calling: window.requestanimationframe(draw); which draws on canvas context: function draw() { ctx.drawimage(img, math.random()*500|0, math.random()*400|0, 100, 100); } i checked .hidden , .visibilitystate, updated correctly. tested on osx 10.9.3, safari 7.0.4 (9537.76.4). has workaround/solution other switching old settimeout? this sounds webkit bug 88940 : using reque
Read more

Python ctypes access violation with const pointer arguments -

i have api i'm trying wrap in python (2.7.6 on win7) code using ctypes. here's api: client_dllfunc bool clientapi search_exporttoclipcopy(clienthsearch handle, int channel, lpctstr filename, const time_t& from, const time_t& to, const bool* cameras, int length, bool usepassword, lpctstr password, bool includetextin = false, bool excludeplayer = false); the issue i'm having cameras argument; , i've had issue other const pointer arguments well. here's how i'm wrapping api: def search_exporttoclipcopy(self, hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, password, includetextin=true, excludeplayer=false): exporttoclipcopy = self.sdkdll.search_exporttoclipcopy exporttoclipcopy.argtypes = [c_int, c_int, c_wchar_p, c_long, c_long, pointer(c_bool), c_int, c_bool, c_wchar_p, c_bool, c_bool] exporttoclipcopy.restype = c_bool exporttoclipcopy(hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, pass
Read more