Oleg Nitz wrote:
>
> Hi Doug,
>
> Ferguson, Doug wrote:
> > I am currently tryint to write a loginModule that
> > uses DBAuthentication and uses roles.
>
> > I was checking out the AbstractLoginModule class
> > and noticed that it just took the Subject reference
> > and added roles to it. Is this all that is necessary
> > to add roles to a user.
> Yes.
>
> > What is going on under the hood here. How does jBoss
> > get the subject back later?
> JBoss creates its own LoginContext, which runs server LoginModules.
> Upon successful authentication JBoss calls LoginContext.getSubject(),
> reads the set of public Credentials of the Subject and interprets it
> as a set of roles.
>
> > I.E. I thought rmi calls where pass by value.
> What do you mean?
> All that happens locally on the server, no RMI calls.
** Well, the subject gets passed from the client to jBoss(via rmi)
This would be pass by value, so when subsequent calls come through
I was just curious how jBoss keeps track of the authenticated
user/roles
Thanks.
--
Doug Ferguson
Software Developer
www.coremetrics.com
512-342-2623x212
512-619-9972(cell)
