3 Replies Latest reply on Apr 5, 2004 9:23 AM by phantom

    Login as new user from login module

    sysuser1

      When some user try to login, he should come throw my own login module. This module needs to obtain information from EJB as, for example, `internal' user, so login module should in turn login as `internal' .

      When I try to execute first LoginContext.login() (as `user'), it enters in my login module where I try to execute second LoginContext.login() (as `internal'). There are no errors after login() was executed, but when I try to use EJB as `internal' (after second login), I have a SecurityException.

      How can I implement this (If I understood previous posts correctly, I couldn't use doAs for executing code as `internal')?

        • 1. Re: Login as new user from login module
          sysuser1

          Additional results:

          Also this problem occurs when user was logged in and we are trying to relogin from jsp as `internal' user, or from EJB. In other words, we can't login as 'internal' for some specific activity in LoginModule, JSP, EJB, after we were logged in as `user'

          • 2. Re: Login as new user from login module
            starksm64

            Its not clear what you are talking about here. What is an example of what you are doing to relogin as the internal user? Submit the example as a bug report to sourceforge:
            http://sourceforge.net/tracker/?group_id=22866&atid=376685

            • 3. Re: Login as new user from login module
              phantom

              The question is
              how can I dynamicaly relogin during one request to the server? In some cases it's very important to have such possibility, for examples suppose that you have "User" entity bean. And this bean has "changePassword" method, which can be executed by "Administrator" or by user which is represented by this entity bean instance. And there is the way: temporary switch to "Administrator" user to perform this action. May be this example not so good(because this functionality may be implemented in such another way), but it is quite simple to understand. But it's seems that Subject.doAs, lc.login-lc.logout, pushRunAsRole don't work:(