Better understanding JAAS architecture when working with EJBs
Posted By:   Amnon_Grossman
Posted On:   Sunday, May 4, 2008 09:35 AM

Last week I started learning about JAAS and there's something I just can't understand, and I hope I can find some help here. What I want to achieve is a Java client that logs in (using typed username and password, or LDAP) and uses enterprise beans of a J2EE server. The client is to be granted a role, depending on the logged-in user. The beans are of course annotated with @RolesAllowed("role_name"), and role names can be "administrator", "manager", and so on - nothing special.


Now, what I understand so far is this:

The client instantiates a LoginContext. The LoginContext uses a Configuration (object) to retrieve info from a configuration file, which I should write. This info should include the names of all my LoginModules (say I have only one). And finally, my LoginModule should be able to get the login details and authenticate them in login(), and add credentials to the Subject in commit().


What I don't understand, is the following:

1) Say my client instantiates a LoginContext and successfully logs in. Can it now create an InitialContext and start using EJBs, having the security context transparently propagated along with the method calls?

2) How come the client has access to the Subject? Shouldn't the Subject be granted the user's roles? A client must not have an influence on its roles, so how could someone be prevented from writing another client that imitates one's Subject and accesses my supposedly secure EJBs?

3) And most importantly - so far all I've seen is the client-side authentication. Where's the server-side authentication in all this?


Thanks very much in advance,

Amnon.
