createLoginContext.test Access denied
[nobr]I get the following error:
org.apache.jasper.JasperException: access denied (javax.security.auth.AuthPermission createLoginContext.test)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:384)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:297)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:247)
javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
sun.reflect.GeneratedMethodAccessor99.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
The end of my server policy file looks like this:
grant codeBase "file:/home/jay/learning/jsp/login/WEB-INF/classes/test/-" {
permission javax.security.auth.AuthPermission "createLoginContext.beta";
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.AuthPermission "getLoginConfiguration";
};
grant codeBase "file:/home/jay/sun/Creator2_1/SunAppServer8/domains/creator/applications/j2ee-modules/login/WEB-INF/classes/test/-" {
permission javax.security.auth.AuthPermission "createLoginContext.test";
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.AuthPermission "getLoginConfiguration";
};
grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-modules/login/WEB-INF/-" {
permission javax.security.auth.AuthPermission "createLoginContext.test";
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.AuthPermission "getLoginConfiguration";
};
I created the files in /home/jay/learning/jsp/login/ so I tried giving access to the class there in the WEB-INF/classes directory and even WEB-INF/classes/test directory (package name is test). None worked.
The admin console says that the application is run at
${com.sun.aas.instanceRoot}/applications/j2ee-modules/login
I tried using that too... however I still get the error
I am trying to create the LoginContext from a session bean, called LoginBean....
package test;
import javax.ejb.SessionBean;
import javax.ejb.CreateException;
import javax.ejb.SessionContext;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.auth.callback.CallbackHandler;
publicclass LoginBeanimplements SessionBean{
LoginContext ctx =null;
CallbackHandler cbh =null;
privatestaticfinal String ENTRY ="test";
publicvoid ejbCreate()throws CreateException{
}
publicvoid ejbActivate(){
}
publicvoid ejbPassivate(){
}
publicvoid ejbRemove(){
}
publicvoid setSessionContext(SessionContext ctx){
}
publicboolean initLoginContext (String usr, String psw)
{
try{
cbh =new AscCallbackHandler(usr,psw);
ctx =new LoginContext(ENTRY,cbh);
returntrue;
}catch (LoginException le){
returnfalse;
}
}
}// LoginBean
And i call the initLoginContext() method from a jsp page...
<jsp:useBean class="test.LoginBean" scope="session" id="loginBean">
</jsp:useBean>
<%
out.println(request.getParameter("submitButton"));
String submitButton = request.getParameter("submitButton");
if(submitButton !=null)
{
out.println("Calling the bean now!!!!!!!!!");
String usr = request.getParameter("username");
String psw = request.getParameter("password");
boolean contextCreated = loginBean.initLoginContext(usr,psw);
if(contextCreated)
{
out.println("Context created, now trying login");
}
else
{
out.println("Context creation FAILED... edit some more code");
}
}
else
{
out.println("No such submission details");
}
%>
<html>
<head>
<title>Login Page</title>
<body>
<form action="Login.jsp" method="post">
Enter your username: <input type="TEXT" name="username" size="15"><br>
Enter your password: <input type="password" Name="psw"><<br>
<input type="submit" value="Submit" name="submitButton">
</form>
</body>
</html>
[/nobr]
