thinking about it i guess you could also write a filter that took your credentials out
of the HttpSession (assuming your Action had put them there earlier)
and do something like {from JBossSecurityMgrRealm}
Context securityCtx = null;
try
{
InitialContext iniCtx = new InitialContext();
securityCtx = (Context) iniCtx.lookup("java:comp/env/security");
// Get the JBoss security manager from the ENC context
SubjectSecurityManager securityMgr = (SubjectSecurityManager)
securityCtx.lookup("securityMgr");
principal = new SimplePrincipal(username);
char[] passwordChars = null;
if (credentials != null)
passwordChars = credentials.toCharArray();
if (securityMgr.isValid(principal, passwordChars))
{
SecurityAssociationActions.setPrincipalInfo(principal, passwordChars);
}
}
that might work. but im not sure if the filter is called before or after the security
Authenticator valve on the web-application
...................
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3842687#3842687
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3842687
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
