Solved

EJB Security and Web Server Authentication

Posted on 2001-06-18
7
234 Views
Last Modified: 2013-11-24
Hello J2EE gurus.

My warm wishes to u all.

I am stuck with this problem from a long time. Please Help......

I have a Session bean which calls 6 entity beans for getting the data out and displaying. The whole applications has 2 roles defined. I have selected the basic authentication model for the login jsp file.

I am running on Win 2000 and sun Java refrence implentation (j2sdkee1.3).
The problem is when I login as the first role, the system is stuck to it. It does not change the its behavior for the other role. The system gets tied to the first login role. How do i make the application behave appropriatley to the login role.

I have attched my session bean code here...
----------------------------------------------------
/*
 *
 * Client Controller ejb
 *
 */

import java.util.*;
import javax.ejb.*;
import javax.naming.*;
import javax.rmi.PortableRemoteObject;
import java.rmi.RemoteException;

import org.w3c.dom.*;
import com.sun.xml.tree.*;
import com.sun.xml.parser.Resolver;
import com.sun.xml.parser.Parser;
import org.xml.sax.helpers.ParserFactory;
import org.xml.sax.DocumentHandler;
import org.xml.sax.SAXException;
import org.xml.sax.InputSource;
import java.io.*;
import javax.servlet.http.*;



public class ClientControllerEJB implements SessionBean {

   private SessionContext sc;
   public String doSomething(String ctx, String act, String clientid)throws RemoteException {

      String outstr = new String();
      try {
             if(act.equals("list")) {
         XmlDocumentBuilder builder=new XmlDocumentBuilder();
             com.sun.xml.tree.XmlDocument doc = builder.createDocument();
             Element root = doc.createElement("clients");
             doc.appendChild(root);
                  
         Context initial = new InitialContext();
         Object objref = initial.lookup("java:comp/env/ejb/client");
             
             ClientHome home =
               (ClientHome)PortableRemoteObject.narrow(objref, ClientHome.class);
         
                  Collection c = home.findAll();
                Iterator i=c.iterator();
                  //outstr += "<table border=1> <tr> <td> <b> clientid</b> </td> <td> <b>name </b></td> </tr>"      ;
           while (i.hasNext()) {
              Client client = (Client)i.next();
                     String mclientid = (String)client.getPrimaryKey();
                    // outstr += "<tr><td>" + mclientid + "</td> <td> <a href='router.jsp?ctx=client&act=view&clientid=" + mclientid+ "'>" + client.getName() + "</a></td></tr>";
                     Element element=doc.createElement("client");
              SeabedUtil.createElementNode(doc,"clientid",mclientid,element);          
              SeabedUtil.createElementNode(doc,"name",client.getName(),element);
              root.appendChild(element);
              //System.out.println(client.getName() + client.getAddress() + client.getPhone() + client.getFax() + client.getWebsite() + client.getProfile());
              //outstr += clientid + "      " +  client.getName() + " \n" ;
             
           }
           //outstr = SeabedUtil.convertXml2String(doc);
           
           //outstr += "</table>";

           //SeabedUtil.createFile("d:\\genClient.xml" ,outstr);
           outstr = PageBuilder.getMinipage(doc,"",ctx,act);
           Hashtable ht = new Hashtable();
           ht.put("clientlist", outstr);
           PageAssembler pa = new PageAssembler();
           outstr = pa.getPage(ht,"","client");
           //outstr = PageBuilder.transform(out);
           System.out.println(sc.getCallerPrincipal().getName());
           return outstr;
           
            }
            
            if(act.equals("view")) {
           
           Context initial = new InitialContext();
           Object objref = initial.lookup("java:comp/env/ejb/client");
             
               ClientHome clienthome =
               (ClientHome)PortableRemoteObject.narrow(objref, ClientHome.class);
             
           Client client = clienthome.findByPrimaryKey(clientid);
           outstr += "<table border=1>";
           outstr += "<tr> <td>Name </td><td>" + client.getName()+"</td></tr><tr><td>Address </td><td>" + client.getAddress() +" </td> </tr> <tr><td> Phone </td><td>" + client.getPhone() +"</td> </tr> <tr><td> Fax </td> <td>" + client.getFax() +"</td></tr> <tr> <td> Website </td> <td>"+ client.getWebsite() +"</td></tr><tr><td> Profile </td><td> "+ client.getProfile() + "</td></tr></table>";
           
           objref = initial.lookup("java:comp/env/ejb/notes4client");
           Notes4ClientHome n4chome =
               (Notes4ClientHome)PortableRemoteObject.narrow(objref,
                                            Notes4ClientHome.class);
                                           
           Collection c = n4chome.findByClientid(clientid);
           if (c.size() > 0) {
                       outstr +=  "<br><b> Notes </b><table>";
                       Iterator i=c.iterator();
           
                       while (i.hasNext()) {
                             Notes4Client notes4client = (Notes4Client)i.next();
                             Object noteobjref = initial.lookup("java:comp/env/ejb/notes");

                             NoteHome notehome =  (NoteHome)PortableRemoteObject.narrow(noteobjref,
                                            NoteHome.class);
                             Note note = notehome.findByPrimaryKey(notes4client.getNoteid());
                             outstr += "<br><tr>"+ notes4client.getNoteid() + note.getSubject() + note.getNotedetails() + note.getAuthor() + note.getCreatedate() + "</tr>";
                  }
                  outstr += "</table>";
           }

           objref = initial.lookup("java:comp/env/ejb/orgh4client");

           Orgh4ClientHome orgh4chome =
               (Orgh4ClientHome)PortableRemoteObject.narrow(objref,
                                            Orgh4ClientHome.class);
                                           
           Collection co = orgh4chome.findByClientid(clientid);
           if (co.size() > 0 && sc.isCallerInRole("ProjectManager")) {
                       outstr +=  "<br><b> Organizational Highlights </b><table>";
                       Iterator i=co.iterator();
           
                       while (i.hasNext()) {
                             Orgh4Client orgh4Client = (Orgh4Client)i.next();
                             Object orghref = initial.lookup("java:comp/env/ejb/orghighlights");
                             

                             OrghighlightsHome orghhome =  (OrghighlightsHome)PortableRemoteObject.narrow(orghref,
                                            OrghighlightsHome.class);
                             Orghighlights orghighlights = orghhome.findByPrimaryKey(orgh4Client.getOrghid());
                             outstr += "<br><tr>"+ orghighlights.getHighlight1() + orghighlights.getHighlight2() + orghighlights.getHighlight3() + "</tr>";
                  }
                  outstr += "</table>";
           }

           return outstr;
           
            }
            
      } catch (NamingException ex) {
           System.out.println(ex.getMessage());
           throw new EJBException("NamingException: " + ex.getMessage());
           
      }
      catch (Exception ex) {
           System.err.println("Caught an unexpected exception!");
           ex.printStackTrace();
           return outstr;
     }
     return null;
   }
       
   public ClientControllerEJB() {}
   public void setSessionContext(SessionContext sc) {
        this.sc = sc;
    }
   public void ejbCreate() {System.out.println("ClientController: ejbCreate()");}
   public void ejbRemove()  {}
   public void ejbActivate() {}
   public void ejbPassivate() {}
   
}

------------------------------------------------------
Please help me.
Thanx
regds.
Keerthi Kumar M
0
Comment
Question by:keerthikm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 4

Expert Comment

by:jerch
ID: 6202842
Do you reuse the InitialContext object throughout the application?

Jerson
0
 

Author Comment

by:keerthikm
ID: 6204959
Dear jerch

I have re used the initial context object in the session bean in order to call 6 entity beans.
0
 
LVL 4

Expert Comment

by:jerch
ID: 6207011
Try to instantiate a new InitialContext for each thread. Do not keep the InitialContext as the session bean's attribute.
0
Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

 
LVL 4

Expert Comment

by:jerch
ID: 6207027
Can you post the code that connects to your session bean? Because I just read your code and based on the code, you didn't reuse the InitialContext.
0
 

Author Comment

by:keerthikm
ID: 6209078
dear jerch
sorry i have not re used the initial context
Heres my code,
----------------------------------------------------
<%@page import ="java.util.*" %>
<%@page import ="javax.ejb.*" %>
<%@page import ="javax.naming.*" %>
<%@page import="javax.rmi.PortableRemoteObject"%>
<%@page import="com.sun.enterprise.security.*" %>
<html>

<head>
    <title>Client JSP</title>
</head>

<body background="back.gif">
<font size = 5 color="#CC0000">

<h1><b><center>Client Test</center></b></h1>

<%
   LoginContext lc = new LoginContext();
   if(request.getParameter("ctx").equals("logoff"))
             lc.logout();
   
   lc.login(request.getParameter("username"),request.getParameter("password"));
   Context initial = new InitialContext();
   Object objref = initial.lookup("java:comp/env/ejb/MyClientController");
     
     ClientControllerHome home =
               (ClientControllerHome)PortableRemoteObject.narrow(objref,
                                            ClientControllerHome.class);
   ClientController cc = home.create();
   String s = cc.doSomething(request.getParameter("ctx"), request.getParameter("act"), request.getParameter("clientid"));
   cc.remove();
   out.println(s);    
   //String url = new String("route?ctx=" + request.getParameter("ctx") + "&act=" + request.getParameter("act") +"&clientid=" + request.getParameter("clientid"));
   //response.sendRedirect(url);

%>
<a href="router.jsp?ctx=logoff">Sign out</a>
       
</body>
</html>
----------------------------------------------------------
0
 
LVL 14

Expert Comment

by:sudhakar_koundinya
ID: 9009999
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:


[paq'ed/points refunded]


Please leave any comments here within the next seven days.
 
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
 
sudhakar_koundinya
EE Cleanup Volunteer
---------------------
If you feel that your question was not properly addressed, or that none of the comments received were appropriate answers, please post your concern in THIS thread.
0
 
LVL 6

Accepted Solution

by:
Mindphaser earned 0 total points
ID: 9099099
Force accepted

** Mindphaser - Community Support Moderator **
0

Featured Post

Business Impact of IT Communications

What are the business impacts of how well businesses communicate during an IT incident? Targeting, speed, and transparency all matter. Find out more in this infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
by zero exception 10 83
collection output issue 9 91
Java array 21 150
JVM error from eclipse 1 26
Java had always been an easily readable and understandable language.  Some relatively recent changes in the language seem to be changing this pretty fast, and anyone that had not seen any Java code for the last 5 years will possibly have issues unde…
In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
The viewer will learn how to implement Singleton Design Pattern in Java.
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …
Suggested Courses

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question