JAAS login context returns an empty subject (WSLoginModuleProxy) - Websphere

This is a discussion on JAAS login context returns an empty subject (WSLoginModuleProxy) - Websphere ; I'm trying to use programmatic login for a J2EE standalone client as described in the redbooks, but it doesn't seem to work for me. Here's a snippet from my client code(the complete file is attached): --- LoginContext lc = new ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: JAAS login context returns an empty subject (WSLoginModuleProxy)

  1. JAAS login context returns an empty subject (WSLoginModuleProxy)

    I'm trying to use programmatic login for a J2EE standalone client as described in the redbooks, but it doesn't seem to work for me.

    Here's a snippet from my client code(the complete file is attached):

    ---
    LoginContext lc = new LoginContext("WSLogin", new WSCallbackHandlerImpl("username","password"));
    lc.login();
    //use lc.getSubject() to run a priviledgedaction
    ---

    the login method returns without any exceptions but the Subject it returns does not contain any principals - which causes CORBA_NO_PERMISSIONS later when I invoke the EJB method. My JAAS login configuration file (copied from the wsjaas_client.conf file) is as follows:

    ---
    WSLogin {
    com.ibm.ws.security.common.auth.module.proxy.WSLog inModuleProxy required delegate=com.ibm.ws.security.common.auth.module.WS LoginModuleImpl;
    };
    ---

    I'm using the local OS as my user account registry and have no troubles authenticating to the admin console using the same identity that my client uses.

    I'd appreciate any help or pointers in this matter.

    thanks,
    --


  2. Re: JAAS login context returns an empty subject (WSLoginModuleProxy)

    aiooua@gmail.com wrote:
    > I'm trying to use programmatic login for a J2EE standalone client as described in the redbooks, but it doesn't seem to work for me.
    >
    > Here's a snippet from my client code(the complete file is attached):
    >
    > ---
    > LoginContext lc = new LoginContext("WSLogin", new WSCallbackHandlerImpl("username","password"));
    > lc.login();
    > //use lc.getSubject() to run a priviledgedaction
    > ---
    >
    > the login method returns without any exceptions but the Subject it returns does not contain any principals - which causes CORBA_NO_PERMISSIONS later when I invoke the EJB method. My JAAS login configuration file (copied from the wsjaas_client.conf file) is as follows:
    >


    Are there any errors in the logs on the server ?



  3. Re: JAAS login context returns an empty subject (WSLoginModuleProxy)

    Hello,

    I'm stuck with exactly the same problem and after a long research I couldn't find a solution. I know this thread is quite old but... well I desperately need a solution!
    I found this article quite helpfull:

    http://nerdyjava.blogspot.com/2008/0...s-61-part.html

    but still my LoginContext lc returns no principal after login. When I set RMIInboundSecurity on my server to SUPPORTED, the code work's fine (of course) even without authentication. But that's not an option for our application.

    I would appreciate any help....

  4. Re: JAAS login context returns an empty subject (WSLoginModuleProxy)

    Hi

    I'm stuck with the same problem an I desperately need a solution.

    I used this article as a reference, but still my LoginContext doesn't contain a principal. It looks like the sas.client.pros are ignored completely, even with these flags

    -Djava.security.policy=config/security.policy
    -Djava.security.auth.login.config=file:config/wsjaas.conf
    -Dcom.ibm.SSL.ConfigURL=file:config/ssl.client.props
    -Dcom.ibm.CORBA.ConfigURL=file:config/sas.client.props

    set. Removing the sas.client.props makes no difference.

    After turning security on the server off (e.g. switching rmi INbound tu supported), the code works fine even without poper authentication.

    Any suggestions?

+ Reply to Thread