7

I'm trying to run code within JBoss Container under a different authentication by programatically logging in a user like that (stripped exception handling):

LoginContext ctx = ctx = 
    new LoginContext("MyLoginSchema", 
        new UsernamePasswordCallbackHandler("newuser", "")
    );
ctx.login();

Subject.doAs(ctx.getSubject(), new PrivilegedAction<T>() {
    @Override
    public T run() {
        Subject.getSubject(AccessController.getContext());
        InitialContext ic = new InitialContext();
        EJBContext sctxLookup = (EJBContext) ic.lookup("java:comp/EJBContext");
        Principal principal = sctxLookup.getCallerPrincipal();
    }           
});

Login of newuser works (Call of LoginModule was successful) but Subject.doAs() doesn't associate the new Subject with the EJBContext. The code in the run()-Method still fetches the old user's principal from EJBContext.

I tested another method of retrieving the logged in user but same behavior here:

Subject caller = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");

Any ideas?

Improve this question

2 Answers 2

Reset to default
2

Which LoginModule do you use now? In JBoss 6.1 you had to use ClientLoginModule to authenticate in container.

Improve this answer
1
  • Yes! That's the point. I added ClientLoginModule and it worked.
    – roehrijn
    Commented Oct 16, 2012 at 10:57
0

My understanding is this is currently not supported by JBoss AS 7.1. See this thread

Edit

What I wrote here is wrong, the thread only applies to client side login (outside of a JBoss).

Improve this answer
3
  • it is supported. See answer above.
    – roehrijn
    Commented Oct 16, 2012 at 10:57
  • Ah, yes, it's sever side login, my bad.
    – Philippe Marschall
    Commented Oct 17, 2012 at 18:45
  • No, the Answer is korrect. My code works with ClientLoginmodule in the LoginModule-stack.
    – roehrijn
    Commented Nov 9, 2012 at 7:30

Not the answer you're looking for? Browse other questions tagged or ask your own question.