RE: Customer User Manager problems

Juan Lorandi (Chile) Thu, 22 Feb 2001 10:54:08 -0800
ok. Some pointers:

1. I have my own imp. of UserManager and it's deliciously good
2. No need for principals.xml at this stage
3. When you add a security constraint, some pages require something 'extra'
to be seen, in the case, this extra is that the user login'd belongs to a
group sr_guest
[Excerpt from your mail]

> >     <security-constraint>
> >             <web-resource-collection>
> >                     <web-resource-name>Main</web-resource-name>
> >                             <url-pattern>/*</url-pattern>
> >                     <url-pattern>/list.jsp</url-pattern>
> >             </web-resource-collection>
> >
> >             <auth-constraint>
> >                     <role-name>sr_guest</role-name>
> >             </auth-constraint>
> >     </security-constraint>

if the user tries to get some pages (in this case, ALL), then it must belong
to a group sr_guest.
Does the user you login with belong to the group user? (and I don't mean the
DB... if you issue a
UserImp.isMemberOf(UserManagerImp.getGroup("sr_guest") 
does it return true? If not, then something is not quite right).

If I'd was to test this, I would try the following:
create a user; say, 'jlorandi'

then, try some (pseudo) code:

User usr = UserManagerImp.getUser("jlorandi");
System.out.println("User:"+usr.getName);
Group grp = UserManagerImp.getGroup("sr_guest");
System.out.println("Group:"+grp.getName);

System.out.println("isMember?"+usr.isMemberOf(grp));

let me see how it comes

JP
> -----Original Message-----
> From: Ernie Phelps [mailto:[EMAIL PROTECTED]]
> Sent: Jueves, 22 de Febrero de 2001 15:51
> To: 'Juan Lorandi (Chile)'; 'Orion-Interest'
> Subject: RE: Customer User Manager problems
> 
> 
> Juan,
> 
> I have tried putting the user into the principals.xml file, 
> although the
> eventual goal is to not use this file at all (provide custom 
> groups from the
> database via our UserManager). This does not seem to have any 
> effect. I am
> not currently using a login error page, but I am not that 
> worried about the
> login repetition for failure at the moment.
> 
> My main concern is what is failing in the process, since 
> authenticate is
> returning true from TMUser. There is presumably other code 
> that I have to
> modify to get this to work, any idea's would be appreciated. Thanks.
> 
> - Ernie
> 
> -----Original Message-----
> From: Juan Lorandi (Chile) [mailto:[EMAIL PROTECTED]]
> Subject: RE: Customer User Manager problems
> 
> have you got a login error page? that's why the three times,
> also, if a user doesn't belong to a sr_guest group, you won't 
> have access
> 
> > -----Original Message-----
> > From: Ernie Phelps [mailto:[EMAIL PROTECTED]]
> > Subject: Customer User Manager problems
> >
> > I am having difficulties getting a custom user manager to
> > work. Here are the
> > steps I have taken:
> >
> > Implemented User (as TMUser)
> > Implemented Group (as TMGroup)
> > Extended AbstractUserManager (as TMUserManager)
> >
> > Added the following to orion-application.xml:
> >
> >     <user-manager class="com.trademotion.security.TMUserManager"/>
> >
> >     <namespace-access>
> >             <read-access>
> >             <namespace-resource root="">
> >                     <security-role-mapping
> > name="&lt;jndi-user-role&gt;">
> >                             <group name="administrators" />
> >                     </security-role-mapping>
> >                     <security-role-mapping name="sr_guest">
> >                             <group name="ug_default" />
> >                     </security-role-mapping>
> >             </namespace-resource>
> >             </read-access>
> >             <write-access>
> >             <namespace-resource root="">
> >                     <security-role-mapping
> > name="&lt;jndi-user-role&gt;">
> >                             <group name="administrators" />
> >                     </security-role-mapping>
> >                     <security-role-mapping name="sr_guest">
> >                             <group name="ug_default" />
> >                     </security-role-mapping>
> >             </namespace-resource>
> >             </write-access>
> >     </namespace-access>
> >
> > Added the following to web.xml:
> >
> >     <security-constraint>
> >             <web-resource-collection>
> >                     <web-resource-name>Main</web-resource-name>
> >                             <url-pattern>/*</url-pattern>
> >                     <url-pattern>/list.jsp</url-pattern>
> >             </web-resource-collection>
> >
> >             <auth-constraint>
> >                     <role-name>sr_guest</role-name>
> >             </auth-constraint>
> >     </security-constraint>
> >
> >     <login-config>
> >             <auth-method>BASIC</auth-method>
> >             <realm-name>TM</realm-name>
> >     </login-config>
> >
> >     <security-role>
> >             <role-name>sr_guest</role-name>
> >     </security-role>
> >
> > Here is the result:
> >
> > 1. I start Orion. It calls TMUserManager Init.
> > 2. I start the browser, direct it to my controller. It pops 
> the basic
> > authentication dialog. I enter username and password.
> > TMUserManager.getUser
> > is called.
> > TMUser.authenticate is called and returns true.
> > 3. The basic authentication dialog pops again. This happens 3
> > times then
> > fails.
> >
> > Any idea what I am missing here? I feel I have missed
> > something basic, but
> > can't put
> > my finger on it. TIA,
> >
> > - Ernie
>
RE: Customer User Manager problems

Reply via email to
