Hi all,
We have our portal users using windows NT clients. We want to do auto login to
portal users (skip the login page). we have used jcifs NTLM filter. We are able
to authenticate users with this arrangement. However we were not able to
authorize the users.
So we wrote a filter that gets the username and makes a call to login
function. we then set the user principal and subject to SecurityAssociation as
shown below.
UsernamePasswordHandler handler = new
UsernamePasswordHandler(httpRequest.getRemoteUser(),
httpRequest.getRemoteUser().toCharArray());
LoginContext lgnctx;
try {
lgnctx = new LoginContext("portal", handler);
lgnctx.login();
System.out.println("Subject:" +
lgnctx.getSubject().toString());
SecurityAssociation.setSubject(lgnctx.getSubject());
SecurityAssociation.setPrincipal(new
UserPrincipal(httpRequest.getRemoteUser()));
SecurityAssociation.setCredential(httpRequest.getRemoteUser().toCharArray());
NOTE : we have user password same as user name in the database jbp_users table.
But when some portlets make call to check for "admin" role as in following code
req.isUserInRole(ADMIN_ROLE)
it fails even if the user logged in has admin role. This happens in a few
portlets such as role management portlet.
We are not confident about the method we used to set the user subject and
principal. Can any one suggest another method to set the user subject and
principal?
Appreciate if any one suggests other methods for authorization.
my environment is as follws
JBoss Portal Version : jboss 2.6.1
Did you get Portal from CVS : yes
JBoss AS Version : JBoss AS 4.0.5
Database Vendor and Version : MS SQL server 2005
JDBC Connector : jdbc:jtds:sqlserver
OS Platform : Windows NT
thanks
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4075173#4075173
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4075173
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
