[JAAS] acces a un ejb 3 par un user et mot de passe

Bonjour

j'ai un probléme dans l'accés a mon ejb, lorsque je veux acceder a cette ejb par user et mot de passe, dans le tutoriel ils ont signale que pour l'authentification ont utilise JAAS et c'est ce que j'ai fait mais j'ai pas reussi :
voici mon code :
le code de EJB est:

Code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
@RolesAllowed({"Admin"})
public class TestBean implements TestRemote {
   @Resource SessionContext ctx;
    public TestBean() {
    }
    // AnyOne can call this method
   @PermitAll
    public int add(int a, int b) {
        return a+b;
    }
    // manager can only access to this method
   @RolesAllowed({"manager"})
    public int sous(int a, int b) {
        //TODO implement sous
        return 0;
    }
    // no one can call this method except the administrators
    public String callerRetourne() {
        return ctx.getCallerPrincipal().getName();
    }
    // no one can access to this method
   @DenyAll
    public int prod(int a, int b) {
      return a*b;
    }
}

mon code au niveau client est :

Code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
public class Main {
   public Main() {
    }
   public static void main(String[] args) {
      // try{
       Subject sub=new Subject();
       LoginContext login=new LoginContext("test",sub,new CallBackHandler());
       login.login();
       Subject.doAs(sub,new Test());
       }   catch(LoginException e){
             System.err.println("Erreur dans login Context"+e.getMessage());  
      }
    }
}

ModulePassword.JAVA le login module:

Code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
public class PasswordLoginModule implements LoginModule{
    private Subject subject;
    private String username;
    private char[] password={'i','n','f','o'}; 
    private CallbackHandler call;
    // Constructeur
    public PasswordLoginModule() {
    }
    // Initialiuse
    public void initialize(Subject sub,CallbackHandler call,Map sharedState,Map options){
        subject=sub;
        this.call=call;
    }
    // Login
    public boolean login() throws LoginException{
    /*    if(call==null){
            throw new LoginException("erreur dans le callbackhandler null");
        }
            Callback[] callback=new Callback[2];
            callback[0]=new NameCallback("userName s'il vous plait:");
            callback[1]=new PasswordCallback("Password :",false);        
       try{
            call.handle(callback);
            username=((NameCallback)callback[0]).getName();
            if(username==null){
                throw new LoginException("username invalide");
            }
            char[] tmpPassword=((PasswordCallback)callback[1]).getPassword();
            if(tmpPassword==null){
                tmpPassword=new char[0];
            }
            password=new char[tmpPassword.length];
            System.arraycopy(tmpPassword,0,password,0,tmpPassword.length);
            ((PasswordCallback)callback[1]).clearPassword();
            javax.swing.JOptionPane.showMessageDialog(null,"fin de login in???");
        }catch(IOException ioe){
            System.err.println("erreur dans le entrée sortie ="+ioe.getMessage());
        }catch(UnsupportedCallbackException e){
            System.err.println("erreur le support de callback ="+e.getMessage());
        }*/
       this.username="simo";
 
            return true;
    }
    // commit
    public boolean commit(){ //throws LoginException{
        javax.swing.JOptionPane.showMessageDialog(null,"username=???"+username);
        javax.swing.JOptionPane.showMessageDialog(null,"username=???"+password);
        PasswordCredential pass=new PasswordCredential(username,password);
        subject.getPrivateCredentials().add(pass);
        username=null;
        password=null;
        javax.swing.JOptionPane.showMessageDialog(null,"commit???");
        return true;
    }
    // Abort
    public boolean abort() throws LoginException{
        javax.swing.JOptionPane.showMessageDialog(null,"abort???");
        return true;
    }
    // logout
    public boolean logout() throws LoginException{
        username=null;
        password=null;
        return true;
    }
}

Le code de CallbackHandler:

Code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
public class CallBackHandler implements CallbackHandler{
    public CallBackHandler() {
    }
    public void handle(Callback[] call) {
        for(int i=0;i<call.length;i++){
            if(call[i] instanceof NameCallback){
                NameCallback nc=(NameCallback)call[i];
                String name="simo";//j'ai fixé le login
                nc.setName(name);
            }else if(call[i] instanceof PasswordCallback){
                PasswordCallback pc=(PasswordCallback)call[i];
                String pass="info";
                pc.setPassword(pass.toCharArray());
            }}}}

la classe qui permet l'accés au ejb :

Code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
public class Test implements PrivilegedAction{
 
    @EJB
    private static TestRemote testBean;
 
    public Test() {
    }
    public Object run(){
        try{
            Context ctx=new InitialContext();
            javax.swing.JOptionPane.showMessageDialog(null,1); 
            Object obj=ctx.lookup(TestRemote.class.getName());
            javax.swing.JOptionPane.showMessageDialog(null,2); 
            testBean=(TestRemote)javax.rmi.PortableRemoteObject.narrow(obj,TestRemote.class);
            javax.swing.JOptionPane.showMessageDialog(null,"la somme 2+4="+testBean.add(2,4)+"//La caller est="+testBean.callerRetourne());
       }catch(NamingException e) {
           javax.swing.JOptionPane.showMessageDialog(null,"Vous n'avez le droit d'accerder a cette EJB"+e.getMessage());
       }
        return null;
    }
}

lors de l'execution, je recoit le message suivant :

Code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
6 août 2007 14:14:28 com.sun.enterprise.iiop.security.SecurityMechanismSelector getUsernameAndPassword
GRAVE: IOP5023: Exception getting username and password
java.lang.ClassCastException: javax.resource.spi.security.PasswordCredential cannot be cast to com.sun.enterprise.security.auth.login.PasswordCredential
        at com.sun.enterprise.iiop.security.SecurityMechanismSelector$2.run(SecurityMechanismSelector.java:877)
        at java.security.AccessController.doPrivileged(Native Method)
        at com.sun.enterprise.iiop.security.SecurityMechanismSelector.getUsernameAndPassword(SecurityMechanismSelector.java:875)
        at com.sun.enterprise.iiop.security.SecurityMechanismSelector.sendUsernameAndPassword(SecurityMechanismSelector.java:624)
        at com.sun.enterprise.iiop.security.SecurityMechanismSelector.getSecurityContextForAppClient(SecurityMechanismSelector.java:550)
        at com.sun.enterprise.iiop.security.SecurityMechanismSelector.selectSecurityContext(SecurityMechanismSelector.java:530)
        at com.sun.enterprise.iiop.security.SecurityServiceImpl.getSecurityContext(SecurityServiceImpl.java:102)
        at com.sun.enterprise.iiop.security.SecClientRequestInterceptor.send_request(SecClientRequestInterceptor.java:255)
        at com.sun.corba.ee.impl.interceptors.InterceptorInvoker.invokeClientInterceptorStartingPoint(InterceptorInvoker.java:227)
        at com.sun.corba.ee.impl.interceptors.PIHandlerImpl.invokeClientPIStartingPoint(PIHandlerImpl.java:322)
        at com.sun.corba.ee.impl.protocol.CorbaClientRequestDispatcherImpl.beginRequest(CorbaClientRequestDispatcherImpl.java:245)
        at com.sun.corba.ee.impl.protocol.CorbaClientDelegateImpl.request(CorbaClientDelegateImpl.java:156)
        at com.sun.corba.ee.impl.presentation.rmi.StubInvocationHandlerImpl.privateInvoke(StubInvocationHandlerImpl.java:153)
        at com.sun.corba.ee.impl.presentation.rmi.StubInvocationHandlerImpl.invoke(StubInvocationHandlerImpl.java:119)
        at com.sun.corba.ee.impl.presentation.rmi.bcel.BCELStubBase.invoke(BCELStubBase.java:197)
        at com.sun.ejb.codegen._GenericEJBHome_Generated_DynamicStub.create(_GenericEJBHome_Generated_DynamicStub.java)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at com.sun.ejb.EJBUtils.lookupRemote30BusinessObject(EJBUtils.java:342)
        at com.sun.ejb.containers.RemoteBusinessObjectFactory.getObjectInstance(RemoteBusinessObjectFactory.java:61)
        at javax.naming.spi.NamingManager.getObjectInstance(NamingManager.java:304)
        at com.sun.enterprise.naming.SerialContext.lookup(SerialContext.java:314)
        at javax.naming.InitialContext.lookup(InitialContext.java:392)
        at a.Test.run(Test.java:40)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.Subject.doAs(Subject.java:337)
        at a.Main.main(Main.java:33)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at com.sun.enterprise.util.Utility.invokeApplicationMain(Utility.java:232)
        at com.sun.enterprise.appclient.MainWithModuleSupport.<init>(MainWithModuleSupport.java:329)
        at com.sun.enterprise.appclient.Main.main(Main.java:180)