Re: My first JAAS implementation. A few questions.

Wed, 25 Apr 2007 08:49:57 -0700 

Hi:

I have similar issue. Would you know if we need to save trhe Subject in
HttpSession?

Otherwise, how would the context get the Subject as follows - 
<p>Subject = <%= Subject.getSubject(AccessController.getContext()) %></p>

thanx
Shahab


Mark Benussi wrote:
> 
> I am implementing my first JAAS implementation and have some
> problems/questions.
> 
> Firstly my commit method of my LoginModule does the following (User and
> Role
> both implement Principal)
> 
> // Create a new User Principal with the user name retrieved from the
> NameCallback
> User user = new User(username);
> // Add the principal to the subject
> subject.getPrincipals().add(user);
> 
> for (int i = 0; i < roles.length; i++) {
>       // Iterate the role names retrieved from the database lookup
>        String roleName = roles[i];
>        // Create a new Role Principal with the role name
>       Role role = new Role(roleName);
>       // Add it to the public credentials to see if it works
>       subject.getPublicCredentials().add(role);
>       // Add it to the private credentials to see if it works
>       subject.getPrivateCredentials().add(role);
> }
> return true;
> 
> In the JSP that the application returns to after doing form based
> authentication the following occurs
> 
> <p>Subject = <%= Subject.getSubject(AccessController.getContext()) %></p>
> <p>Remote User = <%= request.getRemoteUser() %></p>
> <p>User Prinicipal = <%= request.getUserPrincipal() %></p>
> 
> But this produces
> 
> Subject = null
> Remote User = administrator
> User Prinicipal = GenericPrincipal[administrator()]
> Why is the subject null please?
> 
> The request.isUserInRole() methods for the role names I added to the
> subject
> also return false... has anyone got some helpful ideas please?
> 
> If more source is needed I can gladly provide it if will help
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
> 

-- 
View this message in context: 
http://www.nabble.com/My-first-JAAS-implementation.-A-few-questions.-tf207803.html#a10183578
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To start a new topic, e-mail: [email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to