tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josef.Eis...@bgs-ag.de
Subject Using OpenEJB Security for JAAS LoginModule
Date Fri, 06 Jun 2008 08:24:28 GMT
Hi All,

we use embedded openejb to test our JavaEE-5 (Geronimo App.server) 
Application. With the great help of David Blevins the JUNIT-Tests can 
invoke our session beans and even Transaction Handling is working fine.
At the moment I use a trick to avoid the Login-Procedure, but this won't 
work on the long run.

With Geronimo 2.1.1 we use the JAAS API. Our usage is described in 
http://cwiki.apache.org/GMOxDOC10/geronimo-and-jaas.html. For my 
junit-testcase I need therefore anything which can provide me a 
javax.security.auth.Subject after successful login. With the default - 
Security Service 
  <SecurityService id="Default Security Service"/>
and the configuration in users.properties and groups.properties I get the 
error:

Exception bei Login:Fr vesuv-db-sha256 sind keine Anmeldemodule 
konfiguriert.

(Anmeldemodule = security realm, I think...)

I tried also PseudoSecurityService, but I got an exception as well.

JUNIT-Testcase
                                Properties properties = new Properties();
....
                // Minimum required for login
                properties.setProperty(Context.SECURITY_PRINCIPAL, 
benutzer);
                properties.setProperty(Context.SECURITY_CREDENTIALS, 
passwort);

                // Optional param for specifying a specific Geronimo 
security realm
                properties.put("openejb.authentication.realmName", 
"vesuv-db-sha256");
 
                properties.put("mySecurityService", 
"new://PseudoSecurityService");
....
                        loginManager = (LoginManager) 
initialContext.lookup("LoginManagerImplLocal");
                        loginManager.loginContainer(benutzer, passwort);
....

LoginManager-Session Bean:
...
                try {
                        LoginCallback logcb = new LoginCallback(benutzer, 
passwort);
                        LoginContext lc = new 
LoginContext("vesuv-db-sha256",logcb);
                        lc.login();
                        subject = lc.getSubject();
                }
...

The realm "vesuv-db-sha256" is defined under 
Geronimo-Applicationserver-Console Security - Security Realms.

I read  http://openejb.apache.org/3.0/security.html, but I don't 
understand how to configure the Security for embedded openejb.

Thanx in advance for any help on this.

Mit freundlichen Grüßen / Kind regards
Josef Eisele

Direkt: +49 (0) 6131 / 914-180

BGS Beratungsgesellschaft 
Software Systemplanung AG         Niederlassung Rhein/Main 
Robert-Koch-Straße 41 
55129 Mainz 
Fon: +49 (0) 6131 / 914-0 
Fax: +49 (0) 6131 / 914-400 
www.bgs-ag.de Geschäftssitz Mainz 
Registergericht 
Amtsgericht Mainz 
HRB 62 50 
  Aufsichtsratsvorsitzender 
Dr. Wolfgang Trommer 
Vorstand 
Hanspeter Gau 
Hermann Kiefer 
Nils Manegold 
Heinz-Jörg Zimmermann 


  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message