geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ivan <xhh...@gmail.com>
Subject Re: Custom Security Realm:
Date Wed, 05 Jan 2011 01:56:25 GMT
OK, I am sure where the password is encrypted. But the invocation chain is
:
a. OpenEJB client passes the authentication info to the server ( It should
be in plain text, as I did not find codes for encryption, maybe I miss it
somewhere)
b. org.apache.geronimo.openejb.GeronimoSecurityService is the SPI class for
the ejb authentication.
c. Your realm/loginModule.
Adding some debug points on these places should help to find the reason.
Hope it helps.

2011/1/4 sanjay kumar <sanjaykumar2891987@gmail.com>

> hi,
>   yeah , these values are actual values used. And the security realm I use
> is written by me.
>
> On Tue, Jan 4, 2011 at 7:14 AM, Ivan <xhhsld@gmail.com> wrote:
>
>> Are these properties the actual values used in your real environment ? And
>> which login moduel do you use, from Geronimo or written by yourself ?
>>
>> 2011/1/3 sanjay kumar <sanjaykumar2891987@gmail.com>
>>
>> Hi,
>>>    I am calling a realm by its name and passing the user name and
>>> password as principal and credentials. In the initializer method of login
>>> module of realm I am getting the username and password. But password is in
>>> encrypted form. I need the password to be in decrypted form. My code is
>>> given below about how I am passing the username and password and how I am
>>> getting them:
>>>
>>> Test client code:(only some portion, not full)
>>>
>>> Properties props = new Properties();
>>>
>>> props.put("java.naming.factory.initial","org.apache.openejb.client.RemoteInitialContextFactory");
>>>
>>>             props.put("java.naming.provider.url", "127.0.0.1:4201");
>>>             props.put("java.naming.security.principal", "sanjay");
>>>             props.put("java.naming.security.credentials", "test");
>>> .....................
>>> .....................
>>> .....................
>>>
>>>
>>> the login module code in which I get the username and password:
>>>
>>>
>>> Callback[] callbacks = new Callback[2];
>>>         callbacks[0] = new NameCallback("username: ");
>>>         callbacks[1] = new PasswordCallback("password: ", false);
>>>         try{
>>>         handler.handle(callbacks);
>>>
>>>         username = ((NameCallback)callbacks[0]).getName();
>>> // This line prints the username as specified above code as principal.
>>> i.e sanjay
>>>         System.out.println("@@@@@@@@@@@@@@@@@@@@"+username);
>>>         if(username == null)
>>>         {
>>>         throw new LoginException("No user specified");
>>>         }
>>>
>>>         char[] tmpPassword
>>> =((PasswordCallback)callbacks[1]).getPassword();
>>> //This line prints the password but in encrypted form. its something like
>>> this :[C@57a3ec8d. I need this to be as it is in credentials in test
>>> code i.e it should print "test".
>>>         System.out.println("@@@@@@@@@@@@@@@@@@@@"+tmpPassword);
>>>             if (tmpPassword == null)
>>>             {
>>>             // treat null password as an empty password
>>>             tmpPassword = new char[0];
>>>             }
>>>             System.out.println("@@@@@@@@@@@"+tmpPassword);
>>>
>>>         }
>>>
>>>
>>>
>>>
>>>
>>> I am using Geronimo 2.2. Any suggestions?
>>>
>>>
>>>
>>>
>>>
>>>
>>> --
>>> Regards:
>>> Sanjay Kumar
>>> sanjaykumar2891987@gmail.com
>>> Java Developer
>>>
>>>
>>>
>>
>>
>> --
>> Ivan
>>
>
>
>
> --
> Regards:
> Sanjay Kumar
> sanjaykumar2891987@gmail.com
> Java Developer
>
>
>


-- 
Ivan

Mime
View raw message