Solved

EJB Security and Web Server Authentication

Posted on 2001-06-18
Last Modified: 2013-11-24
Hello J2EE gurus.

My warm wishes to you all.

I have been stuck with this problem for a long time. Please help...

I have a session bean which calls 6 entity beans for getting the data out and displaying it. The whole application has 2 roles defined. I have selected the basic authentication model for the login JSP file.

I am running on Win 2000 and the Sun Java reference implementation (j2sdkee1.3).
The problem is that when I log in as the first role, the system is stuck to it. It does not change its behavior for the other role. The system gets tied to the first login role. How do I make the application behave appropriately for the login role?

I have attached my session bean code here...
----------------------------------------------------
/*
 *
 * Client Controller ejb
 *
 */

import java.util.*;
import javax.ejb.*;
import javax.naming.*;
import javax.rmi.PortableRemoteObject;
import java.rmi.RemoteException;

import org.w3c.dom.*;
import com.sun.xml.tree.*;
import com.sun.xml.parser.Resolver;
import com.sun.xml.parser.Parser;
import org.xml.sax.helpers.ParserFactory;
import org.xml.sax.DocumentHandler;
import org.xml.sax.SAXException;
import org.xml.sax.InputSource;
import java.io.*;
import javax.servlet.http.*;



public class ClientControllerEJB implements SessionBean {

   private SessionContext sc;

   public String doSomething(String ctx, String act, String clientid) throws RemoteException {

      String outstr = new String();
      try {
         if(act.equals("list")) {
            XmlDocumentBuilder builder=new XmlDocumentBuilder();
            com.sun.xml.tree.XmlDocument doc = builder.createDocument();
            Element root = doc.createElement("clients");
            doc.appendChild(root);

            Context initial = new InitialContext();
            Object objref = initial.lookup("java:comp/env/ejb/client");

            ClientHome home =
               (ClientHome)PortableRemoteObject.narrow(objref, ClientHome.class);

            Collection c = home.findAll();
            Iterator i=c.iterator();
            //outstr += "<table border=1> <tr> <td> <b> clientid</b> </td> <td> <b>name </b></td> </tr>"      ;
            while (i.hasNext()) {
               Client client = (Client)i.next();
               String mclientid = (String)client.getPrimaryKey();
               // outstr += "<tr><td>" + mclientid + "</td> <td> <a href='router.jsp?ctx=client&act=view&clientid=" + mclientid+ "'>" + client.getName() + "</a></td></tr>";
               Element element=doc.createElement("client");
               SeabedUtil.createElementNode(doc,"clientid",mclientid,element);
               SeabedUtil.createElementNode(doc,"name",client.getName(),element);
               root.appendChild(element);
               //System.out.println(client.getName() + client.getAddress() + client.getPhone() + client.getFax() + client.getWebsite() + client.getProfile());
               //outstr += clientid + "      " +  client.getName() + " \n" ;

            }
            //outstr = SeabedUtil.convertXml2String(doc);

            //outstr += "</table>";

            //SeabedUtil.createFile("d:\\genClient.xml" ,outstr);
            outstr = PageBuilder.getMinipage(doc,"",ctx,act);
            Hashtable ht = new Hashtable();
            ht.put("clientlist", outstr);
            PageAssembler pa = new PageAssembler();
            outstr = pa.getPage(ht,"","client");
            //outstr = PageBuilder.transform(out);
            System.out.println(sc.getCallerPrincipal().getName());
            return outstr;

         }

         if(act.equals("view")) {

            Context initial = new InitialContext();
            Object objref = initial.lookup("java:comp/env/ejb/client");

            ClientHome clienthome =
               (ClientHome)PortableRemoteObject.narrow(objref, ClientHome.class);

            Client client = clienthome.findByPrimaryKey(clientid);
            outstr += "<table border=1>";
            outstr += "<tr> <td>Name </td><td>" + client.getName()+"</td></tr><tr><td>Address </td><td>" + client.getAddress() +" </td> </tr> <tr><td> Phone </td><td>" + client.getPhone() +"</td> </tr> <tr><td> Fax </td> <td>" + client.getFax() +"</td></tr> <tr> <td> Website </td> <td>"+ client.getWebsite() +"</td></tr><tr><td> Profile </td><td> "+ client.getProfile() + "</td></tr></table>";

            objref = initial.lookup("java:comp/env/ejb/notes4client");
            Notes4ClientHome n4chome =
               (Notes4ClientHome)PortableRemoteObject.narrow(objref,
                                            Notes4ClientHome.class);

            Collection c = n4chome.findByClientid(clientid);
            if (c.size() > 0) {
               outstr +=  "<br><b> Notes </b><table>";
               Iterator i=c.iterator();

               while (i.hasNext()) {
                  Notes4Client notes4client = (Notes4Client)i.next();
                  Object noteobjref = initial.lookup("java:comp/env/ejb/notes");

                  NoteHome notehome =  (NoteHome)PortableRemoteObject.narrow(noteobjref,
                                            NoteHome.class);
                  Note note = notehome.findByPrimaryKey(notes4client.getNoteid());
                  outstr += "<br><tr>"+ notes4client.getNoteid() + note.getSubject() + note.getNotedetails() + note.getAuthor() + note.getCreatedate() + "</tr>";
               }
               outstr += "</table>";
            }

            objref = initial.lookup("java:comp/env/ejb/orgh4client");

            Orgh4ClientHome orgh4chome =
               (Orgh4ClientHome)PortableRemoteObject.narrow(objref,
                                            Orgh4ClientHome.class);

            Collection co = orgh4chome.findByClientid(clientid);
            if (co.size() > 0 && sc.isCallerInRole("ProjectManager")) {
               outstr +=  "<br><b> Organizational Highlights </b><table>";
               Iterator i=co.iterator();

               while (i.hasNext()) {
                  Orgh4Client orgh4Client = (Orgh4Client)i.next();
                  Object orghref = initial.lookup("java:comp/env/ejb/orghighlights");

                  OrghighlightsHome orghhome =  (OrghighlightsHome)PortableRemoteObject.narrow(orghref,
                                            OrghighlightsHome.class);
                  Orghighlights orghighlights = orghhome.findByPrimaryKey(orgh4Client.getOrghid());
                  outstr += "<br><tr>"+ orghighlights.getHighlight1() + orghighlights.getHighlight2() + orghighlights.getHighlight3() + "</tr>";
               }
               outstr += "</table>";
            }

            return outstr;

         }

      } catch (NamingException ex) {
         System.out.println(ex.getMessage());
         throw new EJBException("NamingException: " + ex.getMessage());

      }
      catch (Exception ex) {
         System.err.println("Caught an unexpected exception!");
         ex.printStackTrace();
         return outstr;
      }
      return null;
   }

   public ClientControllerEJB() {}
   public void setSessionContext(SessionContext sc) {
      this.sc = sc;
   }
   public void ejbCreate() {System.out.println("ClientController: ejbCreate()");}
   public void ejbRemove()  {}
   public void ejbActivate() {}
   public void ejbPassivate() {}

}

------------------------------------------------------
Please help me.
Thanks,
Regards,
Keerthi Kumar M
Question by:keerthikm
Expert Comment

by:jerch
ID: 6202842
Do you reuse the InitialContext object throughout the application?

Jerson

Author Comment

by:keerthikm
ID: 6204959
Dear jerch,

I have reused the initial context object in the session bean in order to call 6 entity beans.

Expert Comment

by:jerch
ID: 6207011
Try to instantiate a new InitialContext for each thread. Do not keep the InitialContext as the session bean's attribute.

Expert Comment

by:jerch
ID: 6207027
Can you post the code that connects to your session bean? Because I just read your code and based on the code, you didn't reuse the InitialContext.

Author Comment

by:keerthikm
ID: 6209078
Dear jerch,
Sorry, I have not reused the initial context.
Here's my code:
----------------------------------------------------
<%@page import ="java.util.*" %>
<%@page import ="javax.ejb.*" %>
<%@page import ="javax.naming.*" %>
<%@page import="javax.rmi.PortableRemoteObject"%>
<%@page import="com.sun.enterprise.security.*" %>
<html>

<head>
    <title>Client JSP</title>
</head>

<body background="back.gif">
<font size = 5 color="#CC0000">

<h1><b><center>Client Test</center></b></h1>

<%
   LoginContext lc = new LoginContext();
   if(request.getParameter("ctx").equals("logoff"))
      lc.logout();

   lc.login(request.getParameter("username"),request.getParameter("password"));
   Context initial = new InitialContext();
   Object objref = initial.lookup("java:comp/env/ejb/MyClientController");

   ClientControllerHome home =
      (ClientControllerHome)PortableRemoteObject.narrow(objref,
                                            ClientControllerHome.class);
   ClientController cc = home.create();
   String s = cc.doSomething(request.getParameter("ctx"), request.getParameter("act"), request.getParameter("clientid"));
   cc.remove();
   out.println(s);
   //String url = new String("route?ctx=" + request.getParameter("ctx") + "&act=" + request.getParameter("act") +"&clientid=" + request.getParameter("clientid"));
   //response.sendRedirect(url);

%>
<a href="router.jsp?ctx=logoff">Sign out</a>
       
</body>
</html>
----------------------------------------------------------

Expert Comment

by:sudhakar_koundinya
ID: 9009999
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:


[paq'ed/points refunded]


Please leave any comments here within the next seven days.
 
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
 
sudhakar_koundinya
EE Cleanup Volunteer
---------------------
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post your concern in THIS thread.

Accepted Solution

by:Mindphaser (earned 0 total points)
ID: 9099099
Force accepted

** Mindphaser - Community Support Moderator **