-
1. Re: setIdentity in BaseCertLoginModule
rpa_rio Oct 6, 2005 8:47 PM (in response to rpa_rio)This is really necessary for me.
-
2. Re: setIdentity in BaseCertLoginModule
brian.stansberry Oct 7, 2005 1:53 AM (in response to rpa_rio)Is what you're asking for that a protected method setIdentity() be added to BaseCertLoginModule?
I'll be honest, I'm probably not going to be able to tell you if such a change is possible or not, but when I read your first post it wasn't clear to me what you were asking for -- maybe if it's unclear to me its also unclear to those who can give you an answer :) -
3. Re: setIdentity in BaseCertLoginModule
starksm64 Oct 7, 2005 2:08 AM (in response to rpa_rio)The associated jira issue does not add enough details to this either. Clearly you can take the BaseCertLoginModule and change it however you want, but I need a better description of how the Prinicipal is supposed to be derived from the presented client cert.
-
4. Re: setIdentity in BaseCertLoginModule
rpa_rio Oct 7, 2005 10:27 AM (in response to rpa_rio)Well, i'll download the sources to do the proper changes in BaseCertLoginModule.
In order to derive the Principal i do this:
setIdentity(SimplePrincipal(rs.getString(1)));
where rs.getString(1) is the value of company certificate (DN) in users table of JAAS.
If fact i mean employee instead of user, i only need use the employee certificate to check which company this employee belongs, after this i need the company identity to inherit the company role(s). -
6. Re: setIdentity in BaseCertLoginModule
rpa_rio Nov 14, 2005 7:36 PM (in response to rpa_rio)I added a new comment in http://jira.jboss.com/jira/browse/JBAS-2278, please check it.
-
7. Re: setIdentity in BaseCertLoginModule
rpa_rio Nov 16, 2005 8:19 AM (in response to rpa_rio)Please i need some attention in this problem.
-
8. Re: setIdentity in BaseCertLoginModule
rpa_rio Nov 20, 2005 4:29 PM (in response to rpa_rio)How can i reopen this issue in JIRA?
-
9. Re: setIdentity in BaseCertLoginModule
starksm64 Nov 26, 2005 9:30 PM (in response to rpa_rio)The X509Certificate[] is passed into your implementation of CertificatePrincipal by the authentication layer that is going the client cert authentication. It's still unclear why you can't put the modifications you made to the BaseCertLoginModule to an implementation of CertificatePrincipal.
-
10. Re: setIdentity in BaseCertLoginModule
rpa_rio Nov 27, 2005 12:23 PM (in response to rpa_rio)I made an implementation of CertificatePrincipal called NexusDNMapping, but where i can place this class?
-
11. Re: setIdentity in BaseCertLoginModule
rpa_rio Nov 27, 2005 1:38 PM (in response to rpa_rio)I finally understood, i solved my last problem by building a jar with my implementation of CertificatePrincipal and placing in $jboss/server/default/lib...