you can do :
if you are LoginContext explicitely to get authentication you
can do :
LoginContext lc = new LoginContext("my-context");
lc.login(); // authenticate here
lc.getSubject().getPrincipals();
(used in forums application)
otherwise :
SecurityAssociation.getSubject().getPrincipals()
that will give you all the Principal filled by
the login modules during the commit phase of the authentication
protocol.
julien
Thursday, November 28, 2002, 8:14:21 AM, you wrote:
JB> Wonne,
JB> As far as I know, I don't think this is going to be possible in the immediate
future. The web container uses an AuthenticationManager that it looks up in the ENC to
authenticate users, and the
JB> only method that is exposed by that entity is isValid (Principal p, Object
credential).
JB> The principal that is used by the web container is always the JBossUserPrincipal.
The info from the principal is extracted by the security backend during the isValid()
call, which will invoke
JB> your custom login module if the subject/principal has not yet been authenticated
or isn't in the cache. Your custom classes only ever interact with the security
backend, and never with the web
JB> container directly.
JB> So, I don't really think we could provide access to your custom principal from the
web layer without changes to the JBoss security layer. Of course, as always, Scott may
have some further insight
JB> into this ...
JB> cheers,
JB> Jan
>>I am using custom JAAS loginmodule for both my web and ejb container, which
>>authenticates just fine. The login module creates a custom Principle with >some
>application specific attributes.
>>I now want to access that custom Principal object from within my web >container, but
>request.getUserPrincipal only returns an
>>org.jboss.jetty.security.JBossUserRealm$JBossUserPrincipal.
>>How can I acces our customized principal? Is it possible?
JB> --
JB> This e-mail may contain confidential and/or privileged information. If you are not
the intended recipient (or have received this e-mail in error) please notify the
sender immediately and destroy
JB> this e-mail. Any unauthorized copying, disclosure or distribution of the material
in this e-mail is strictly forbidden.
JB> -------------------------------------------------------
JB> This SF.net email is sponsored by: Get the new Palm Tungsten T
JB> handheld. Power & Color in a compact size!
JB> http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
JB> _______________________________________________
JB> JBoss-user mailing list
JB> [EMAIL PROTECTED]
JB> https://lists.sourceforge.net/lists/listinfo/jboss-user
--
Best regards,
julien mailto:[EMAIL PROTECTED]
___________________________________________________________
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.com
-------------------------------------------------------
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
