EJB design: Direct Authentication in Sun J2EE RI

  1. Direct Authentication in Sun J2EE RI (2 messages)

    I'm developing a J2EE app with a Swing UI. Ultimately the app will run under WebLogic, but for the moment I'm doing local testing and debugging under Sun's J2EE RI. The problem I'm up against is authentication for my EJB unit tests. I'd like to have my unit test classes automatically authenticate as different users, but it appears that I need to use Sun's "runclient" utility that pops up a GUI dialog box to do anything that requires an authenticated role.

    I don't want to spend a non-trivial amount of time chasing down some custom realm provider, or digging deep into the mysteries of Sun RI security. I had been hoping for something similar to WebLogic where you pass the principal name & password as properties on creation of the InitialContext. Am I missing something, or does someone have a tidy solution for easily, programmatically authenticating against the Sun RI server.

  2. Alas, no responses from the crew, but I've found the answer myself, and am posting it here for the benefit of future generations of J2EE developers who may have the same problem. The answer:

    import com.sun.enterprise.security.LoginContext;
    import com.sun.enterprise.security.LoginException;

    try {
    LoginContext lc = new LoginContext();
    lc.login(username, password);
    } catch (LoginException le) {
    // handle failed login... can also get AuthenticationStatus from le

    I had to go digging through the source release of J2EE to find this stuff, so if you need further information you'll need to do likewise. Everything of interest is in the com.sun.enterprise.security package and subpackages (in j2sdkee1.2.1-src\j2ee\src\share)

  3. ... for future generations indeed.[ Go to top ]

    I've been trying to solve a similar problem with Sun Application Server 9 for a couple of days now. When I found this it worked on the first attempt. I can't believe the answer has been waiting here for me the past five years. Thanks man, thanks. Another Eric