Hi,

I am running jboss 4.04 and have implemented form based authentication using 
the DatabaseServerLoginModule. Everything is working fine. However, once my 
user has logged in I need to be able to access the user's username and 
password. I have checked through lots of the posts on here and seen other 
people requesting how to get at the j_username and j_password fields... The 
general reply seemed to be that they should use the ExtendedFormAuthenticator 
as per the corresponding Wiki page. I have followed the instructions of the 
Wiki page to the letter and have not been able to get it to work... I have 
added a context.xml file to my webapp WEB-INF directory (which didn't work) and 
so also modified the context.xml file under the jbossweb-tomcat55.sar 
directory... and of course bounced jboss.

WebApp context.xml


  <!-- Add the ExtendedFormAuthenticator to get access to the username/password/exception -->
  <Context cookies="true" crossContext="true">
     <Valve className="org.jboss.web.tomcat.security.ExtendedFormAuthenticator"
        includePassword="true" />
  </Context>


Amended tomcat context.xml



  <!-- The contents of this file will be loaded for each web application -->
  <Context cookies="true" crossContext="true">
     <!-- Session persistence is disabled by default. To enable for all web
     apps set the pathname to a non-empty value:
     <Manager pathname="SESSIONS.ser" />

     To enable session persistence for a single web app, add a
     WEB-INF/context.xml
     -->
     <Manager pathname="" />

     <!-- Install an InstanceListener to handle the establishment of the run-as
     role for servlet init/destroy events.
     -->
     <InstanceListener>org.jboss.web.tomcat.security.RunAsListener</InstanceListener>

     <!-- Add the ExtendedFormAuthenticator to all applications by default -->
     <Valve className="org.jboss.web.tomcat.security.ExtendedFormAuthenticator"
        includePassword="true" />

  </Context>


I was then trying to access the j_username and j_password information in my JSP 
in the following manner as all the posts I read seemed to suggest that the 
username and password were cached in the session when you used the 
ExtendedFormAuthenticator:

  <%
     String username = (String) session.getAttribute("j_username");
     String password = (String) session.getAttribute("j_password");
  %>
  <p>Username: <%=username%></p>
  <p>Password: <%=password%></p>

All I get is 'null' and 'null' for the username and password. What have I 
missed?

I have also tried programmatically trying to access the information and have had 
some degree of success but not exactly what I am looking for.

Here is the code that has enabled me to see the user's username and the roles 
that the user belongs to.... but there is no password.... maybe I am missing 
something here?

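  <%-- Imports needed by the scriptlet below --%>
  <%@ page import="java.security.Principal" %>
  <%@ page import="java.util.Enumeration,java.util.Iterator,java.util.Set" %>
  <%@ page import="javax.security.auth.Subject" %>
  <%@ page import="javax.security.jacc.PolicyContext" %>
  <%@ page import="org.jboss.security.SimpleGroup" %>
  <%
  // Get the authenticated Subject from the JACC policy context
  Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
  Set principals = subject.getPrincipals(Principal.class);
  Iterator iter = principals.iterator();
  while (iter.hasNext())
  {
     Principal p = (Principal) iter.next();
     if (p instanceof SimpleGroup) {
        // A SimpleGroup lists its member principals (the roles)
        SimpleGroup sg = (SimpleGroup) p;
        %> <p>Group:<%=sg.getName()%></p>
  <%
        Enumeration en = sg.members();
        while (en.hasMoreElements()) {
           String role = en.nextElement().toString();
           if (role != null) { %>
              <p>Role:<%=role%></p>
  <%
           }
        }
     } else {
        // Any principal that is not a SimpleGroup (e.g. the user principal)
        %><p>Something Else:<%=p%></p><%
     }
  }
  %>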

Any help, pointers, sample code would be greatly appreciated as I really need 
to try and get this sorted as I need the username and password within my webapp 
for something.

Kind Regards,
Paul.


View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3947983#3947983
