ejb@glassfish.java.net

Re: ProgrammaticLogin without login configuration file - how can it be done programmatically?

From: Andreas Kozma <andreas.kozma_at_ansis.com>
Date: Thu, 4 Jun 2009 21:36:43 +0200

In the meantime, I found an answer by studying the source code of
ProgrammaticLogin: the solution is to set your own configuration
using Configuration.setConfiguration(myOwnConfig). Once you set your
own configuration, ProgrammaticLogin doesn't need the
appclientlogin.conf anymore.


Example:

                Configuration.setConfiguration(new Configuration() {

                        @Override
                        public AppConfigurationEntry[] getAppConfigurationEntry(String
name) {
                                
                                Map<String,Boolean> options = new HashMap<String, Boolean>();
                                options.put("debug", new Boolean(false));
                                
                                if ("default".equals(name))
                                        return new AppConfigurationEntry[] {new
AppConfigurationEntry
("com.sun.enterprise.security.auth.login.ClientPasswordLoginModule",
LoginModuleControlFlag.REQUIRED, options)};
                                if ("certificate".equals(name))
                                        return new AppConfigurationEntry[] {new
AppConfigurationEntry
("com
.sun.enterprise.security.auth.login.ClientCertificateLoginModule",
LoginModuleControlFlag.REQUIRED, options)};
                                
                                throw new AEFRuntimeException("New Configuration was asked for: "
+ name + ", but it should have been default or certificate!");
                        }

                        @Override
                        public void refresh() {
                                // we don't need to refresh anything!
                        }
                        
                });
                
                ProgrammaticLogin pm = new ProgrammaticLogin();
                boolean success = pm.login(user, password);
                System.out.println("Login success: " + success);

                Properties props = new Properties();
            props.setProperty("java.naming.factory.initial",
"com.sun.enterprise.naming.SerialInitContextFactory");
            props.setProperty("java.naming.factory.url.pkgs",
"com.sun.enterprise.naming");
            props.setProperty("java.naming.factory.state",
"com.sun.corba.ee.impl.presentation.rmi.JNDIStateFactoryImpl");

            // Only needed if server is running on a different host than
localhost:
            props.setProperty("org.omg.CORBA.ORBInitialHost", getServer());
            // Optional. Defaults to 3700. Only needed if target orb port
is not 3700.
            props.setProperty("org.omg.CORBA.ORBInitialPort", "3700");

            context = new InitialContext(props);

                return context;



Kind regards,

- Andreas Kozma
www.ansis.com



On Jun 4, 2009, at 8:19 , Andreas Kozma wrote:

> Jose, thanks for your reply.
>
> we would actually like to use the ProgrammaticLogin (as described in http://blogbysud.blogspot.com/2007/10/programmatic-login-to-authenticate.html)
> , but instead of supplying the VM argument
>
> -Djava.security.auth.login.config=/appclientlogin.conf and the
> appclientlogin.conf as a separate file, we would like to supply the
> information contained in the config file from within our Java code.
>
>
> how does ProgrammaticLogin get the information contained in
> appclientlogin.conf and how could that information be supplied from
> within java code?
>
>
> Kind regards,
>
> - Andreas Kozma
> www.ansis.com
>
> <ansis_logo.gif>
>
> On Jun 4, 2009, at 11:18 , Jose Alvarez de Lara wrote:
>
>> I am not sure about what you are meaning, but there is a way to
>> save users and roles. Just create two tables in your database, USER
>> and ROLE and relate the tables. You can log in by testing user and
>> pass exist in your table USER and try the corresponding role in the
>> table ROLE. Later maintain a session with a JavaBean. This is
>> another way to do it avoiding the needed of a your
>> appclientloging.conf and you leave the server without that heavy
>> work.
>>
>> Best Regards,
>> Jose Alvarez de Lara
>>
>> From: Andreas Kozma
>> Sent: Thursday, June 04, 2009 10:47 AM
>> To: ejb_at_glassfish.dev.java.net
>> Subject: ProgrammaticLogin without login configuration file - how
>> can it be done programmatically?
>>
>> Hi!
>>
>> We have a java standalone client that successfully connects to EJBs
>> on our Glassfish v2.1 server using ProgrammaticLogin.
>> However, having to specify
>>
>> -Djava.security.auth.login.config=...path.../glassfish/lib/
>> appclient/appclientlogin.conf
>>
>> is very tedious, as we need to do it manually for every unit test
>> we run (we have many). Is there a way to supply the login
>> configuration contained in appclientlogin.conf in our java code?
>>
>> We have found posts on how to do it LoginContext, but we didn't
>> find a way to add it to ProgrammaticLogin.
>>
>>
>> Thanks for your help!
>>
>>
>> Kind regards,
>>
>> - Andreas Kozma
>> www.ansis.com
>>
>> <ansis_logo.gif>
>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.