3 Replies Latest reply on Mar 19, 2003 11:33 AM by fortinj

    Where is my Custom Principal?

    fortinj
    fortinj Mar 12, 2003 2:05 PM

      I have a JAAS Login Module which uses a custom principal.

      Group callerPrincipalGroup = new MWareACLGroup("CallerPrincipal");
      System.out.println("PrincipalGroup: "+callerPrincipalGroup.getName());
      System.out.println("PrincipalGroupToString: "+callerPrincipalGroup.toString());
      callerPrincipalGroup.addMember(principal);
      principals.add(callerPrincipalGroup);


      The seems to do the proper thing in JaasSecurityManager. I put debugging code in there and info.callerPrinciple does get set correctly. However, it seems to get lost with the request.getUserPrincipal call. I still get
      'org.jboss.jetty.security.JBossUserRealm$JBossUserPrincipal'

      Where is the hook between JaasSecurityManager and request.getUserPrincipal?

      I am using JBoss 3.0.6 with Jetty.

      --John Fortin

      • 2249 Views
      • Tags:
        • 1. Re: Where is my Custom Principal?
          petertje Mar 14, 2003 1:36 PM (in response to fortinj)

          > Where is the hook between JaasSecurityManager and
          > request.getUserPrincipal?

          Well, i'm afraid there isn't. The integration between Jetty and JBoss (JBossUserRealm) creates its own principal object, because it must implement jetty's UserPrincipal interface.
          I'm afraid this is hard to change because of the way security is implemented in Jetty.

          Maybe, Greg or Jules can comment on this....

          Regards,
          Peter.

            • Actions
          • 2. Re: Where is my Custom Principal?
            fortinj
            fortinj Mar 18, 2003 10:18 AM (in response to fortinj)

            So it is not possible to create an application which uses a customized principle? To me that seems to be a big disadvantage to using JBoss. We have data which must be returned to out applications in the principle object. Without being able to do that, we cannot develop with JBoss, and we definately cannot use it in a production environment.

            Currently we are able to to this using Weblogic.

              • Actions
            • 3. Re: Where is my Custom Principal?
              fortinj
              fortinj Mar 19, 2003 11:33 AM (in response to fortinj)

               

              "fortinj" wrote:
              BTW, I also tried this with JBoss/Tomcat with the same type os issue except that I get a SimplePrincipal instead of my custom principal.

              --John


                • Actions