JAAS custom login module
문제
I've got a custom login module in an ear on jboss. The ear's META-INF has a jboss-app.xml which points at a login-service.xml which contains an mbean that points to a login-config.xml which defines the custom login module.
The jboss.xml in the ear's META-INF uses the same security-domain as that defined for the login module in login-config.xml.
On making a call to an EJB within that ear I don't see my custom login module running the login and commit methods like I've seen when I've implemented this elsewhere in the past.
I have trace log4j setup for org.jboss.security and I see nothing on making the EJB call. The EJB call is successful even though I'm not authenticated.
I can't work out why my login module isn't being called or how to debug the JAAS decision process. Any ideas? Thanks.
해결책 2
I found the problem, with some help.
My jboss.xml was in the META-INF folder for the ear, it should have been in the META-INF folder for the EJB jar.
Apparently the jboss file in the ear's META-INF folder would have been jboss-app.xml, which I guess would be the clue to remember for next time.
다른 팁
What you've done so far is creating the login module, now you need to tell your EJB to use it:
import javax.annotation.security.RolesAllowed;
import javax.ejb.Stateless;
import org.jboss.ejb3.annotation.SecurityDomain;
@Stateless
@SecurityDomain("mySecurityDomain")
@RolesAllowed({"guestRole", "userRole", "adminRole"})
public class SecureBean implements Secure {