3 Replies Latest reply on Sep 4, 2005 12:04 PM by starksm64

Flushing JAAS for Principal

wmanent Oct 31, 2003 3:04 AM

(Posted to the jboss-user mailing-list as well)

Hi.

I'm trying to flush the jaas authorization cache in our application (to
pick up changes to roles etc.).

I've managed to flush the *entire* cache
(flushAuthenticationCache(java.lang.String) and this works fine but I'd
like to use the flush-method that takes a principal as well.

My code looks something like:

Object[] params = new Object[]{jaasDomainName, simplePrincipal};
String[] signature = new String[]{"java.lang.String",
"java.security.Principal"};
mbeanServer.invoke(jaasObjectName, "flushAuthenticationCache", params,
signature);

The simplePrincipal object my own implementation of the Principal
interface (just takes the username in the constructor and returns it on
getName()).

This code executes without any error messages, but the cache is not
flushed. If I execute the same(?) method in the web-console the cache
*is* flushed for the named user.

My guess is that the CachePolicy can't find my principal and that in
order to get my code working I must get my hands on the actual Principal
object used by JBoss JAAS.

If this is the case, then how do I do it? If not, what am I doing wrong?
;)

Best Regards //Anders

1. Re: Flushing JAAS for Principal

juha Nov 1, 2003 7:58 AM (in response to wmanent)

Try creating a SimplePrincipal instance instead of your own (this may help in case its just a equals() problem [if it is, you may be able to fix it by making sure your implementation has a matching equals() & hashCode() implementations]).

-- Juha
Actions

2. Re: Flushing JAAS for Principal

tugno Sep 1, 2005 11:03 AM (in response to wmanent)

Hi, I'm in the same situation too, I've also tried to pass to the SecurityManager
my own implementation of Principal class (I've called MyPrincipal that extends Principal) but this not solved my problem.
This is my piece of code:

 try
{
 System.out.println("clearusercache");
 String domain = "jmx-console";
 Principal loggedUser=sessionctx.getCallerPrincipal();
 MyPrincipal userp = new MyPrincipal(loggedUser.getName());

 ObjectName jaasMgr = new ObjectName("jboss.security:service=JaasSecurityManager");
 Object[] params = {domain, userp};
 String[] signature = {"java.lang.String", "java.security.Principal"};
 MBeanServer server = (MBeanServer) MBeanServerFactory.findMBeanServer(null).get(0);
 server.invoke(jaasMgr, "flushAuthenticationCache", params, signature);
}
catch(Exception e3)
{
 e3.printStackTrace();
}

This is the a part of the code of MyPrincipal class

 public boolean equals(Object o)
 {
 if(o.getClass()==java.security.Principal.class )
 {
 Principal p=(Principal)o;
 if(p.getName().equals(username)) return true;
 else return false;
 }

 return super.equals(o);
 }

 public int hashCode()
 {
 Principal p=(Principal)(this);
 return p.hashCode();
 }

but when I log out so it cleans the cache JBoss gave me a stackoverflow error
So, could someone post an example of the code to implement the equals() and the hashCode() please?
thank you

3. Re: Flushing JAAS for Principal

starksm64 Sep 4, 2005 12:04 PM (in response to wmanent)

Your hashCode method is broken. Reasonable implementations are:

 public boolean equals(Object another)
 {
 if (!(another instanceof Principal))
 return false;
 String anotherName = ((Principal) another).getName();
 boolean equals = false;
 if (name == null)
 equals = anotherName == null;
 else
 equals = name.equals(anotherName);
 return equals;
 }

 public int hashCode()
 {
 return (getName() == null ? 0 : getName().hashCode());
 }

Go to original post