Hi, I am running jboss 4.04 and have implemented form based authentication using the DatabaseServerLoginModule. Everything is working fine. However, once my user has logged in I need to be able to access the user's username and password. I have checked through lots of the posts on here and seen other people requesting how to get at the j_username and j_password fields... The general reply seemed to be that they should use the ExtendedFormAuthenticator as per the corresponding Wiki page. I have followed the instructions of the Wiki page to the letter and have not been able to get it to work... I have added a context.xml file to my webapp WEB-INF directory (which didn't work) and so also modified the context.xml file under the jbossweb-tomcat55.sar directory... and of course bounced jboss.
WebApp context.xml | <!-- Add the ExtendedFormAuthenticator to get access to the username/password/exception --> | <Context cookies="true" crossContext="true"> | <Valve className="org.jboss.web.tomcat.security.ExtendedFormAuthenticator" | includePassword="true" /> | </Context> | Ammended tomcat context.xml | <!-- The contents of this file will be loaded for each web application --> | <Context cookies="true" crossContext="true"> | <!-- Session persistence is disable by default. To enable for all web | apps set the pathname to a non-empty value: | <Manager pathname="SESSIONS.ser" /> | | To enable session persistence for a single web app, add a | WEB-INF/context.xml | --> | <Manager pathname="" /> | | <!-- Install an InstanceListener to handle the establishment of the run-as | role for servlet init/destroy events. | --> | <InstanceListener>org.jboss.web.tomcat.security.RunAsListener</InstanceListener> | | <!-- Add the ExtendedFormAuthenticator to all applications by default --> | <Valve className="org.jboss.web.tomcat.security.ExtendedFormAuthenticator" | includePassword="true" /> | | </Context> | I was then trying to access the j_username and j_password information in my JSP in the following manner as all the posts I read seemed to suggest that the username and password were cached in the session when you used the ExtendedFormAuthenticator: <% | String username = (String) session.getAttribute("j_username"); | String password = (String) session.getAttribute("j_password"); | %> | <p>Username: <%=username%></p> | <p>Password: <%=password%></p> All i get is 'null' and 'null' for the username and password. What have I missed? I have also tried programatically trying to access the information and have had some degree of success but not exactly what I am looking for. Here is the code that has enabled me to see the user's username and the roles that the user belongs to.... but there is no password.... maybe I am missing something here? <% | //Get the Authenticated Subject | Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container"); | Set principals = subject.getPrincipals(Principal.class); | Iterator iter = principals.iterator(); | while(iter.hasNext()) | { | Principal p = (Principal)iter.next(); | if(p instanceof SimpleGroup) { | SimpleGroup sg = (SimpleGroup)p; | %> <p>Group:<%=sg.getName()%></p> | <% | Enumeration en = sg.members(); | while(en.hasMoreElements()) { | String role = en.nextElement().toString(); | if(role != null) { %> | <p>Role:<%=role%></p> | <% | } | } | } else { | %><p>Something Else:<%=p%></p><% | } | } | %> | Any help, pointers, sample code would be greatly appreciated as I really need to try and get this sorted as I need the username and password within my webapp for something. Kind Regards, Paul. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3947983#3947983 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3947983 ------------------------------------------------------- All the advantages of Linux Managed Hosting--Without the Cost and Risk! Fully trained technicians. The highest number of Red Hat certifications in the hosting industry. Fanatical Support. Click to learn more http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642 _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user