我正在从 JBoss 5.0.1 迁移到 JBoss 7.2。
我正在使用远程 EJB 客户端调用 EJB。我必须迁移一个从AbstractServerLoginModule
.
我设法配置了 JBoss,以便实际调用自定义登录模块。
在自定义登录模块中,我实现了一个javax.security.auth.callback.NameCallback
和一个javax.security.auth.callback.ObjectCallback
类似的:
NameCallback ncb = new NameCallback("Username:");
PasswordCallback pcb = new PasswordCallback("Password:", false);
try
{
callbackHandler.handle(new Callback[] { ncb, pcb });
}
catch (Exception e)
{
if (e instanceof RuntimeException)
{
throw (RuntimeException) e;
}
return false;
}
String name = ncb.getName();
String pwd = new String(pcb.getPassword());
我看到用户按照我的预期传递给NameCallback
.
但我观察到传递给的密码PasswordCallback
始终是“随机值”,如“0299df2c-620a-4ac6-83d3-50daaa65fb90”。
我用来调用服务器的客户端代码如下所示:
Properties clientProp = new Properties();
clientProp.put("remote.connectionprovider.create.options.org.xnio.Options.SSL_ENABLED", "false");
clientProp.put("remote.connections", "default");
clientProp.put("remote.connection.default.port", "4447");
clientProp.put("remote.connection.default.host", "localhost");
clientProp.put("remote.connection.default.username", "USER");
clientProp.put("remote.connection.default.password", "PASSWORD");
clientProp.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOANONYMOUS", "false");
clientProp.put("remote.connection.default.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");
EJBClientConfiguration cc = new PropertiesBasedEJBClientConfiguration(clientProp);
ContextSelector<EJBClientContext> selector = new ConfigBasedEJBClientContextSelector(cc);
EJBClientContext.setSelector(selector);
final Properties jndiProperties = new Properties();
jndiProperties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming");
jndiProperties.put("jboss.naming.client.ejb.context", true);
jndiProperties.put(InitialContext.SECURITY_PRINCIPAL, "USER");
jndiProperties.put(InitialContext.SECURITY_CREDENTIALS, "PASSWORD");
我希望密码以纯文本形式到达自定义登录模块中的服务器上。那可能吗?我怎样才能做到这一点?