I'm not a Tomcat expert, but I believe that on your client side (in JSPs
and servlets, that is) you should be using Tomcat-style login
interceptors. There is a JBoss interceptor that picks up the Tomcat
principal and credential and assigns the SecurityAssociation to the
thread. This way, as long as you have the JBoss security interceptor
after the Tomcat interceptor, JBoss will get the principal and
credential that are associated with that user's session.

-danch

Tobias Seelinger wrote:
> 
> Hi,
> 
> I am using JBoss 2.2 with embedded Tomcat and I have written my own
> LoginModules for JAAS authentication. Calling secure Beans from a Java
> client seems to work, but calling them from embedded Tomcat leads to an
> Authentication exception. The exception gets thrown by the JBoss
> SecurityInterceptor, because the Principal delivered by the
> MethodInvocation is null.
> But: it is not always null (which may be easy to debug). The Tomcat JSP
> is calling a secure bean two times and sometimes the first call is
> successfully handled by my LoginModule and the second call has a null
> Principal. Sometimes the first call leads to the exception...
> 
> I am using a modified org.jboss.security.ClientLoginModule and it stores
> the Principal in a SecurityAssociation object (ThreadLocal). Doesn't
> Tomcat use several Threads to process requests from the same
> client/session? If I store the Principal in one Thread and the session
> opens a new Thread, how does the Principal get updated? This may be a
> reason for the behaviour described above.
> 
> Tobias.
> 
> _______________________________________________
> JBoss-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/jboss-user
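
The thread-affinity problem discussed in this thread, as an added example that is not code from either poster or from JBoss or Tomcat: a principal bound to a ThreadLocal once at login is missing on other pooled worker threads, while binding it from the session on every request and clearing it afterwards is reliable. `CURRENT_PRINCIPAL`, `secureCall` and `handleRequest` are hypothetical names, and the session map and user name are constructed sample data.

```java
import java.util.Map;
import java.util.concurrent.*;

public class ThreadLocalPrincipalDemo {
    // Hypothetical stand-in for a thread-bound security context (the role
    // SecurityAssociation plays in the thread above); not a JBoss class.
    static final ThreadLocal<String> CURRENT_PRINCIPAL = new ThreadLocal<>();

    // Stand-in for the secured bean: refuses a call that carries no principal.
    static String secureCall() {
        String principal = CURRENT_PRINCIPAL.get();
        if (principal == null) {
            throw new SecurityException("null principal on " + Thread.currentThread().getName());
        }
        return "ok for " + principal + " on " + Thread.currentThread().getName();
    }

    // One web request. With bindPerRequest, the session's principal is copied
    // onto the worker thread first and removed afterwards.
    static String handleRequest(Map<String, String> session, boolean bindPerRequest) {
        if (bindPerRequest) CURRENT_PRINCIPAL.set(session.get("principal"));
        try {
            return secureCall();
        } catch (SecurityException e) {
            return "DENIED: " + e.getMessage();
        } finally {
            // Pooled threads are reused, so a stale identity must not stay behind.
            if (bindPerRequest) CURRENT_PRINCIPAL.remove();
        }
    }

    public static void main(String[] args) throws Exception {
        ExecutorService pool = Executors.newFixedThreadPool(2); // container worker threads
        Map<String, String> session = new ConcurrentHashMap<>();
        session.put("principal", "tobias"); // constructed sample value
        // Login binds the principal only on whichever worker happened to run it.
        pool.submit(() -> CURRENT_PRINCIPAL.set(session.get("principal"))).get();
        for (boolean bind : new boolean[] {false, true}) {
            System.out.println(bind ? "-- bound per request --" : "-- bound once at login --");
            for (int i = 0; i < 4; i++) {
                Callable<String> request = () -> handleRequest(session, bind);
                System.out.println(pool.submit(request).get());
            }
        }
        pool.shutdown();
    }
}
```

Which requests are denied in the first phase depends on thread scheduling, which is the intermittent behaviour described in the question.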