Solved

EJB Security and Web Server Authentication

Posted on 2001-06-18
Last Modified: 2013-11-24
Hello J2EE gurus.

My warm wishes to you all.

I have been stuck with this problem for a long time. Please help.

I have a Session bean which calls 6 entity beans for getting the data out and displaying. The whole application has 2 roles defined. I have selected the basic authentication model for the login jsp file.

I am running on Win 2000 and the Sun Java reference implementation (j2sdkee1.3).
The problem is when I login as the first role, the system is stuck to it. It does not change its behavior for the other role. The system gets tied to the first login role. How do I make the application behave appropriately to the login role?

I have attached my session bean code here...
----------------------------------------------------
/*
 *
 * Client Controller ejb
 *
 */

import java.util.*;
import javax.ejb.*;
import javax.naming.*;
import javax.rmi.PortableRemoteObject;
import java.rmi.RemoteException;

import org.w3c.dom.*;
import com.sun.xml.tree.*;
import com.sun.xml.parser.Resolver;
import com.sun.xml.parser.Parser;
import org.xml.sax.helpers.ParserFactory;
import org.xml.sax.DocumentHandler;
import org.xml.sax.SAXException;
import org.xml.sax.InputSource;
import java.io.*;
import javax.servlet.http.*;



public class ClientControllerEJB implements SessionBean {

    private SessionContext sc;

    public String doSomething(String ctx, String act, String clientid) throws RemoteException {

        String outstr = new String();
        try {
            if (act.equals("list")) {
                XmlDocumentBuilder builder = new XmlDocumentBuilder();
                com.sun.xml.tree.XmlDocument doc = builder.createDocument();
                Element root = doc.createElement("clients");
                doc.appendChild(root);

                Context initial = new InitialContext();
                Object objref = initial.lookup("java:comp/env/ejb/client");

                ClientHome home =
                    (ClientHome)PortableRemoteObject.narrow(objref, ClientHome.class);

                Collection c = home.findAll();
                Iterator i = c.iterator();
                //outstr += "<table border=1> <tr> <td> <b> clientid</b> </td> <td> <b>name </b></td> </tr>"      ;
                while (i.hasNext()) {
                    Client client = (Client)i.next();
                    String mclientid = (String)client.getPrimaryKey();
                    // outstr += "<tr><td>" + mclientid + "</td> <td> <a href='router.jsp?ctx=client&act=view&clientid=" + mclientid+ "'>" + client.getName() + "</a></td></tr>";
                    Element element = doc.createElement("client");
                    SeabedUtil.createElementNode(doc,"clientid",mclientid,element);
                    SeabedUtil.createElementNode(doc,"name",client.getName(),element);
                    root.appendChild(element);
                    //System.out.println(client.getName() + client.getAddress() + client.getPhone() + client.getFax() + client.getWebsite() + client.getProfile());
                    //outstr += clientid + "      " +  client.getName() + " \n" ;
                }
                //outstr = SeabedUtil.convertXml2String(doc);

                //outstr += "</table>";

                //SeabedUtil.createFile("d:\\genClient.xml" ,outstr);
                outstr = PageBuilder.getMinipage(doc,"",ctx,act);
                Hashtable ht = new Hashtable();
                ht.put("clientlist", outstr);
                PageAssembler pa = new PageAssembler();
                outstr = pa.getPage(ht,"","client");
                //outstr = PageBuilder.transform(out);
                System.out.println(sc.getCallerPrincipal().getName());
                return outstr;
            }

            if (act.equals("view")) {

                Context initial = new InitialContext();
                Object objref = initial.lookup("java:comp/env/ejb/client");

                ClientHome clienthome =
                    (ClientHome)PortableRemoteObject.narrow(objref, ClientHome.class);

                Client client = clienthome.findByPrimaryKey(clientid);
                outstr += "<table border=1>";
                outstr += "<tr> <td>Name </td><td>" + client.getName()+"</td></tr><tr><td>Address </td><td>" + client.getAddress() +" </td> </tr> <tr><td> Phone </td><td>" + client.getPhone() +"</td> </tr> <tr><td> Fax </td> <td>" + client.getFax() +"</td></tr> <tr> <td> Website </td> <td>"+ client.getWebsite() +"</td></tr><tr><td> Profile </td><td> "+ client.getProfile() + "</td></tr></table>";

                objref = initial.lookup("java:comp/env/ejb/notes4client");
                Notes4ClientHome n4chome =
                    (Notes4ClientHome)PortableRemoteObject.narrow(objref,
                                                                  Notes4ClientHome.class);

                Collection c = n4chome.findByClientid(clientid);
                if (c.size() > 0) {
                    outstr +=  "<br><b> Notes </b><table>";
                    Iterator i = c.iterator();

                    while (i.hasNext()) {
                        Notes4Client notes4client = (Notes4Client)i.next();
                        Object noteobjref = initial.lookup("java:comp/env/ejb/notes");

                        NoteHome notehome = (NoteHome)PortableRemoteObject.narrow(noteobjref,
                                                                                  NoteHome.class);
                        Note note = notehome.findByPrimaryKey(notes4client.getNoteid());
                        outstr += "<br><tr>"+ notes4client.getNoteid() + note.getSubject() + note.getNotedetails() + note.getAuthor() + note.getCreatedate() + "</tr>";
                    }
                    outstr += "</table>";
                }

                objref = initial.lookup("java:comp/env/ejb/orgh4client");

                Orgh4ClientHome orgh4chome =
                    (Orgh4ClientHome)PortableRemoteObject.narrow(objref,
                                                                 Orgh4ClientHome.class);

                Collection co = orgh4chome.findByClientid(clientid);
                if (co.size() > 0 && sc.isCallerInRole("ProjectManager")) {
                    outstr +=  "<br><b> Organizational Highlights </b><table>";
                    Iterator i = co.iterator();

                    while (i.hasNext()) {
                        Orgh4Client orgh4Client = (Orgh4Client)i.next();
                        Object orghref = initial.lookup("java:comp/env/ejb/orghighlights");

                        OrghighlightsHome orghhome = (OrghighlightsHome)PortableRemoteObject.narrow(orghref,
                                                                                                    OrghighlightsHome.class);
                        Orghighlights orghighlights = orghhome.findByPrimaryKey(orgh4Client.getOrghid());
                        outstr += "<br><tr>"+ orghighlights.getHighlight1() + orghighlights.getHighlight2() + orghighlights.getHighlight3() + "</tr>";
                    }
                    outstr += "</table>";
                }

                return outstr;
            }

        } catch (NamingException ex) {
            System.out.println(ex.getMessage());
            throw new EJBException("NamingException: " + ex.getMessage());
        } catch (Exception ex) {
            System.err.println("Caught an unexpected exception!");
            ex.printStackTrace();
            return outstr;
        }
        return null;
    }

    public ClientControllerEJB() {}

    public void setSessionContext(SessionContext sc) {
        this.sc = sc;
    }

    public void ejbCreate() { System.out.println("ClientController: ejbCreate()"); }
    public void ejbRemove() {}
    public void ejbActivate() {}
    public void ejbPassivate() {}

}

------------------------------------------------------
Please help me.
Thanks
Regards.
Keerthi Kumar M
0
Comment
Question by:keerthikm
7 Comments
 
LVL 4

Expert Comment

by:jerch
ID: 6202842
Do you reuse the InitialContext object throughout the application?

Jerson
0
 

Author Comment

by:keerthikm
ID: 6204959
Dear jerch

I have reused the initial context object in the session bean in order to call 6 entity beans.
0
 
LVL 4

Expert Comment

by:jerch
ID: 6207011
Try to instantiate a new InitialContext for each thread. Do not keep the InitialContext as the session bean's attribute.
0

 
LVL 4

Expert Comment

by:jerch
ID: 6207027
Can you post the code that connects to your session bean? Because I just read your code and based on the code, you didn't reuse the InitialContext.
0
 

Author Comment

by:keerthikm
ID: 6209078
Dear jerch,
Sorry, I have not reused the initial context.
Here's my code:
----------------------------------------------------
<%@page import ="java.util.*" %>
<%@page import ="javax.ejb.*" %>
<%@page import ="javax.naming.*" %>
<%@page import="javax.rmi.PortableRemoteObject"%>
<%@page import="com.sun.enterprise.security.*" %>
<html>

<head>
    <title>Client JSP</title>
</head>

<body background="back.gif">
<font size = 5 color="#CC0000">

<h1><b><center>Client Test</center></b></h1>

<%
    LoginContext lc = new LoginContext();
    if (request.getParameter("ctx").equals("logoff"))
        lc.logout();

    lc.login(request.getParameter("username"), request.getParameter("password"));
    Context initial = new InitialContext();
    Object objref = initial.lookup("java:comp/env/ejb/MyClientController");

    ClientControllerHome home =
        (ClientControllerHome)PortableRemoteObject.narrow(objref,
                                                          ClientControllerHome.class);
    ClientController cc = home.create();
    String s = cc.doSomething(request.getParameter("ctx"), request.getParameter("act"), request.getParameter("clientid"));
    cc.remove();
    out.println(s);
    //String url = new String("route?ctx=" + request.getParameter("ctx") + "&act=" + request.getParameter("act") +"&clientid=" + request.getParameter("clientid"));
    //response.sendRedirect(url);

%>
<a href="router.jsp?ctx=logoff">Sign out</a>
       
</body>
</html>
----------------------------------------------------------
0
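Added example (not part of the thread and not J2EE RI code): a stand-alone simulation of how a role can appear "stuck" when caller identity is bound to a pooled worker thread and a later request does not replace or clear it. It generalizes beyond the posted JSP; the `ThreadLocal` model, the class and method names, and the sample accounts are all hypothetical, and it is not a diagnosis of the poster's deployment.

```java
import java.util.Map;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

// Added illustration; every name here is hypothetical, not J2EE RI code.
public class StickyRoleDemo {
    // Thread-bound caller identity, standing in for a container's security context.
    static final ThreadLocal<String> CALLER_ROLE = new ThreadLocal<>();

    // Constructed sample accounts: user -> role.
    static final Map<String, String> ROLES = Map.of("alice", "ProjectManager", "bob", "Staff");

    // Binds a role to the current thread only when the user resolves to one.
    static void login(String user) {
        String role = ROLES.get(user);
        if (role != null) CALLER_ROLE.set(role);
    }

    static boolean isCallerInRole(String role) {
        return role.equals(CALLER_ROLE.get());
    }

    // Unsafe: a failed or skipped login leaves the previous caller's role on the thread.
    static boolean handleUnsafe(String user) {
        login(user);
        return isCallerInRole("ProjectManager");
    }

    // Safe: identity is scoped to one request and always cleared afterwards.
    static boolean handleSafe(String user) {
        CALLER_ROLE.remove();
        try {
            login(user);
            return isCallerInRole("ProjectManager");
        } finally {
            CALLER_ROLE.remove();
        }
    }

    public static void main(String[] args) throws Exception {
        ExecutorService worker = Executors.newSingleThreadExecutor(); // one pooled thread
        try {
            System.out.println("unsafe alice: " + worker.submit(() -> handleUnsafe("alice")).get());
            System.out.println("unsafe carol: " + worker.submit(() -> handleUnsafe("carol")).get());
            System.out.println("safe alice:   " + worker.submit(() -> handleSafe("alice")).get());
            System.out.println("safe carol:   " + worker.submit(() -> handleSafe("carol")).get());
        } finally {
            worker.shutdown();
        }
    }
}
```

In the unsafe path the unknown user `carol` is still treated as `ProjectManager` because the thread kept the earlier caller's role; the safe path denies her because the identity is reset before and after each request.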
 
LVL 14

Expert Comment

by:sudhakar_koundinya
ID: 9009999
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:


[paq'ed/points refunded]


Please leave any comments here within the next seven days.
 
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
 
sudhakar_koundinya
EE Cleanup Volunteer
---------------------
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post your concern in THIS thread.
0
 
LVL 6

Accepted Solution

by:
Mindphaser earned 0 total points
ID: 9099099
Force accepted

** Mindphaser - Community Support Moderator **
0

Question has a verified solution.