Do you know of any API or framework that simplifies JAAS?
Or did you build it all from the start?
What about using a different web server than Tomcat with your JAAS?
Is it possible to move that core, or do you need to change something?
We wrote our own LoginModule and User and Role classes (implementing
javax.security.Principal) and have installed these classes into Tomcat
as per the various books on JAAS and Tomcat.

You can then access that user's name with
    request.getUserPrincipal().getName()
or in JSF
    #{request.userPrincipal.name}

We added a managed bean for the activeUser that mimics the
request.isUserInRole(String rolename) method by providing a map with a
user's role names and Boolean.TRUE value so we can do things like
    <h:outputText value="#{user.name}"
                  rendered="#{user.inRole['admin']}"/>

You can do this sort of thing with managed beans if you need to, with or
without JAAS.

JAAS is non-trivial and I'd only use it where you need single sign-in
across several systems. Unfortunately there is no
request.setUserPrincipal() method, so if you want to handle the login
yourself you need to use your own managed beans.

dave
On 26/01/2005, at 1:34 PM, niksa_os wrote:
How did you build JAAS?
JAAS is just an API, not an implementation, right?
Did you use any framework or tool for help?
For smaller projects I use a managed bean in conjunction with a
servlet filter. I also have a singleton UserRegistry class that both
the loginhandler and the filter can access. This works very
reliably.

For bigger projects where we need to integrate several systems with
single sign-in we use JAAS, but for small projects that's way
overkill.

cheers
dave
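
The role-map managed bean described in the thread above, sketched as an added example that is not code from either poster. The class name ActiveUser, the signIn method and the sample user and roles are assumptions; the bean is assumed to be registered in session scope under the name "user".

```java
import java.io.Serializable;
import java.util.AbstractMap;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

// Hypothetical session-scoped managed bean, registered under the name "user".
public class ActiveUser implements Serializable {
    private String name;                                   // null until sign-in
    private Set<String> roles = Collections.emptySet();    // deny by default

    // Called by the application's own login handler after it has verified the credentials.
    public void signIn(String userName, Collection<String> roleNames) {
        name = userName;
        roles = Collections.unmodifiableSet(new HashSet<String>(roleNames));
    }

    public String getName() { return name; }

    // Counterpart of request.isUserInRole(String) for checks in Java code.
    public boolean isUserInRole(String role) { return roles.contains(role); }

    // Read-only map for EL: #{user.inRole['admin']}. Unknown roles map to FALSE, not null.
    public Map<String, Boolean> getInRole() {
        return new AbstractMap<String, Boolean>() {
            @Override public Boolean get(Object role) { return Boolean.valueOf(roles.contains(role)); }
            @Override public boolean containsKey(Object role) { return roles.contains(role); }
            @Override public Set<Map.Entry<String, Boolean>> entrySet() {
                Set<Map.Entry<String, Boolean>> entries = new HashSet<Map.Entry<String, Boolean>>();
                for (String role : roles) {
                    entries.add(new AbstractMap.SimpleImmutableEntry<String, Boolean>(role, Boolean.TRUE));
                }
                return Collections.unmodifiableSet(entries);
            }
        };
    }

    public static void main(String[] args) {
        ActiveUser user = new ActiveUser();
        System.out.println(user.getInRole().get("admin"));    // before sign-in
        user.signIn("dave", Collections.singleton("editor")); // constructed sample data
        System.out.println(user.getInRole().get("editor"));
        System.out.println(user.getInRole().get("admin"));
        System.out.println(user.isUserInRole("editor"));
    }
}
```

The rendered attribute only hides the component in the page; any action or resource behind it still needs its own isUserInRole check on the server.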