Hi all, I use the version 2.2.0 and the Login is handle by org.jboss.portal.core.security.jaas.ModelLoginModule. the code is :
public class ModelLoginModule extends UsernamePasswordLoginModule { protected String userModuleJNDIName; protected String additionalRole; protected String havingRole; public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { super.initialize(subject, callbackHandler, sharedState, options); // Get data userModuleJNDIName = (String)options.get("userModuleJNDIName"); additionalRole = (String)options.get("additionalRole"); havingRole = (String)options.get("havingRole"); // Some info log.trace("userModuleJNDIName = " + userModuleJNDIName); log.trace("additionalRole = " + additionalRole); log.trace("havingRole = " + havingRole); } private UserModule userModule; protected UserModule getUserModule() throws NamingException { if (userModule == null) { userModule = (UserModule)new InitialContext().lookup(userModuleJNDIName); } return userModule; } protected String getUsersPassword() throws LoginException { try { TransactionManager tm = (TransactionManager)new InitialContext().lookup("java:/TransactionManager"); String password = (String)Transactions.required(tm, new Transactions.Runnable() { public Object run() throws Exception { try { UserModule module = getUserModule(); User user = module.findUserByUserName(getUsername()); if (havingRole == null || user.getRoleNames().contains(havingRole)) { return user.getPassword(); } else { return null; } } catch (NoSuchUserException e) { return null; } catch (Exception e) { throw new LoginException(e.toString()); } } }); // Returning null as password is enough to veto the login return password; } catch (Exception e) { Throwable cause = e.getCause(); throw new LoginException(cause.toString()); } } protected Group[] getRoleSets() throws LoginException { try { TransactionManager tm = (TransactionManager)new InitialContext().lookup("java:/TransactionManager"); return (Group[])Transactions.required(tm, new Transactions.Runnable() { public Object run() throws Exception { try { UserModule module = getUserModule(); User user = module.findUserByUserName(getUsername()); Set roleNames = user.getRoleNames(); // Group rolesGroup = new SimpleGroup("Roles"); // if (additionalRole != null) { rolesGroup.addMember(createIdentity(additionalRole)); } // for (Iterator iterator = roleNames.iterator(); iterator.hasNext();) { String roleName = (String)iterator.next(); try { Principal p = createIdentity(roleName); rolesGroup.addMember(p); } catch (Exception e) { log.debug("Failed to create principal " + roleName, e); } } // return new Group[]{rolesGroup}; } catch (Exception e) { throw new LoginException(e.toString()); } } }); } catch (Exception e) { Throwable cause = e.getCause(); throw new LoginException(cause.toString()); } } } How does it login, I still confused. and how does the page forward? do not have the portlet control it. could you explain that to me? Thanks very much! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3974207#3974207 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3974207 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user