Re: Jaas authentication
On 19 Mag, 11:30, Donkey Hottie <s...@fred.pp.fi> wrote:
Michele Milidoni <michelemilid...@gmail.com> wrote in news:b74d6e84-6682-
4e30-bc46-c6d67cd0a...@s31g2000vbp.googlegroups.com:
Hello,
I'm trying to create a client-server authentication with JAAS (and
LDAP).
My problem is that authentication with LDAP it's ok but JavaEE Server
don't recognize logged user.
This is client fragment code:
System.setProperty("java.security.auth.login.co=
nfig", "src/
conf/jaas.conf");
LoginCallbackHandler("user.0","secret"));
lc.login();
Context ic = new InitialContext();
AutoreRemote foo = (AutoreRemote) ic.lookup("=
AutoreBean");
System.out.println("Return Message: "+foo.getAu=
tore());
This is server fragment code:
@Stateless
public class AutoreBean implements AutoreRemote {
@Resource SessionContext sc;
public String getAutore() {
Principal caller = sc.getCallerPrincipal();
return caller.getName();
}
}
This is the system output
[LdapLoginModule] authentication-only m=
ode; SSL
disabled
[LdapLoginModule] user provider: ldap:/=
/localhost:1389/
[LdapLoginModule] attempting to authent=
icate user:
user.0
[LdapLoginModule] authentication succee=
ded
[LdapLoginModule] added LdapPrincipal "=
uid=user.
0,ou=People,dc=example,dc=com" to Subject
[LdapLoginModule] added UserPrincipal "=
user.0" to
Subject
Return Message: ANONYMOUS
Why it reply with Principal ANONYMOUS?
Maybe you need to run getAutore() via
Subject.runAs()
I cannot run Subject.doAs() because it don't require a EJB but a class
witch implements PrivilegedAction.