2 Replies Latest reply on Apr 28, 2003 5:52 PM by petertje

custom principal in jboss-3.0.4_tomcat-4.1.12

sanjayns Mar 24, 2003 8:09 PM

(jboss 3.0.4 + tomcat 4.1.12 embedded)

I need to capture extra user info during login and I have implemented a custom principal + JAAS based custom login module as suggested by scott stark.
My custom login module extends org.jboss.security.auth.spi.AbstractServerLoginModule and my custom principal extends org.jboss.security.SimplePrincipal and I have followed all the instructions in several posts on this forum.
I have debugged extensively and found that I add roles and my custom principal correctly to the subject in commit()

The login itself works great but I always get back a org.jboss.security.SimplePrincipal object instead of my custom principal when I do request.getUserPrincipal() in my jsp page.
It appears that code in JBossSecurityMgrRealm.java always creates & stores an org.jboss.security.SimplePrincipal object and disregards my custom principal?

I was wondering if anyone else has successfully tried doing this and got back a custom principal in request.getUserPrincipal()?

I also found that Tomcat stand-alone works as expected (ie: request.getUserPrincipal() returns my custom principal) and I suspect this issue exists only in the embedded jboss+tomcat?

-Sanjay

1. Re: custom principal in jboss-3.0.4_tomcat-4.1.12

petertje Apr 9, 2003 4:53 AM (in response to sanjayns)

> It appears that code in JBossSecurityMgrRealm.java
> always creates & stores an
> org.jboss.security.SimplePrincipal object and
> disregards my custom principal?

That's right. See also
http://www.jboss.org/modules/bb/index.html?module=bb&op=viewtopic&t=
Actions
2. Re: custom principal in jboss-3.0.4_tomcat-4.1.12

petertje Apr 28, 2003 5:52 PM (in response to sanjayns)

my mistake: this message is 30214 ;-)

It should be:
http://www.jboss.org/modules/bb/index.html?module=bb&op=viewtopic&t=
Actions

Go to original post