Hi all,
We have our portal users using windows NT clients. We want to do auto login to portal users (skip the login page). we have used jcifs NTLM filter. We are able to authenticate users with this arrangement. However we were not able to authorize the users. So we wrote a filter that gets the username and makes a call to login function. we then set the user principal and subject to SecurityAssociation as shown below. UsernamePasswordHandler handler = new UsernamePasswordHandler(httpRequest.getRemoteUser(), httpRequest.getRemoteUser().toCharArray()); LoginContext lgnctx; try { lgnctx = new LoginContext("portal", handler); lgnctx.login(); System.out.println("Subject:" + lgnctx.getSubject().toString()); SecurityAssociation.setSubject(lgnctx.getSubject()); SecurityAssociation.setPrincipal(new UserPrincipal(httpRequest.getRemoteUser())); SecurityAssociation.setCredential(httpRequest.getRemoteUser().toCharArray()); NOTE : we have user password same as user name in the database jbp_users table. But when some portlets make call to check for "admin" role as in following code req.isUserInRole(ADMIN_ROLE) it fails even if the user logged in has admin role. This happens in a few portlets such as role management portlet. We are not confident about the method we used to set the user subject and principal. Can any one suggest another method to set the user subject and principal? Appreciate if any one suggests other methods for authorization. my environment is as follws JBoss Portal Version : jboss 2.6.1 Did you get Portal from CVS : yes JBoss AS Version : JBoss AS 4.0.5 Database Vendor and Version : MS SQL server 2005 JDBC Connector : jdbc:jtds:sqlserver OS Platform : Windows NT thanks View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4075173#4075173 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4075173 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user