Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Login a user programmatically via JAAS

Tags:

java

jboss

jaas

jboss7.x

I'm trying to run code within JBoss Container under a different authentication by programatically logging in a user like that (stripped exception handling):

LoginContext ctx = ctx = 
    new LoginContext("MyLoginSchema", 
        new UsernamePasswordCallbackHandler("newuser", "")
    );
ctx.login();

Subject.doAs(ctx.getSubject(), new PrivilegedAction<T>() {
    @Override
    public T run() {
        Subject.getSubject(AccessController.getContext());
        InitialContext ic = new InitialContext();
        EJBContext sctxLookup = (EJBContext) ic.lookup("java:comp/EJBContext");
        Principal principal = sctxLookup.getCallerPrincipal();
    }           
});

Login of newuser works (Call of LoginModule was successful) but Subject.doAs() doesn't associate the new Subject with the EJBContext. The code in the run()-Method still fetches the old user's principal from EJBContext.

I tested another method of retrieving the logged in user but same behavior here:

Subject caller = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");

Any ideas?

like image 866
roehrijn Avatar asked Oct 08 '12 10:10

roehrijn

People also ask

What is required to authenticate a user with JAAS?

All you have to know is how to write your application and specify configuration information (such as in a login configuration file) such that the application will be able to utilize the LoginModule specified by the configuration to authenticate the user.

What is the full form of JAAS in Java?

The Java Authentication and Authorization Service (JAAS) was introduced as an optional package (extension) to the Java 2 SDK, Standard Edition (J2SDK), v 1.3.

What is JAAS server?

The Java Authentication and Authorization Service (JAAS) is a set of application program interfaces (APIs) that can determine the identity of a user or computer attempting to run Java code and ensure that the entity has the right to execute the functions requested.

What is JAAS module?

JAAS provides subject-based authorization on authenticated identities. This document focuses on the authentication aspect of JAAS, specifically the LoginModule interface.

1 Answers

Which LoginModule do you use now? In JBoss 6.1 you had to use ClientLoginModule to authenticate in container.

like image 129
Roman Besolov Avatar answered Oct 25 '22 21:10

Roman Besolov
Sign in to Comment

Related questions

Multicore Java Program with Native Code
Spring LocaleResolver chaining
How to retrieve associated products for configurable product with Magento SOAP API2?
How to figure out on which screen a JDialog is shown
Java statistics package for Robust Statistics
Custom MediaPlayer class in android
Including shared object in maven assembly
java.lang.outofmemory error (web services) on android
how to build project after code changes without mvn clean install?
Why does mongodb seem to save some binary objects and not others?
How do I display a Java HttpPost object as a string?
PDFBox - getting words locations (and not only characters')
Is there a Map implementation that persists the content to database rather than memory? [duplicate]
Spring LDAP: Connection reset by peer
Passing arguments to compiler and javadoc in gradle
Merge two audio files(not concat) in Java(API)?
Schedule periodic tasks in Java, avoid creating new threads until necessary (like CachedThreadPool)
JAXB unmarshalling with java generics
JComponent not Drawing to JPanel
Can I talk Java into printing to the console under Mountain Lion?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!