-
15. Re: Programmatic Authentication in JBoss?
"anil.saldhana@jboss.com" wrote:
This feature will be available in 4.2.0.GA
I was thinking about ways to adequately test this. For now, after the web authentication in a servlet, I check for two things:
request.getUserPrincipal != null
and
request.isUserInRole(role) == true
Any thoughts on how this can be tested further? (No JSF, struts etc ideas please).
I think that this test is nice.
Only for clarification. With this I can have a servlet in a unprotected area of the realm XXXX. And I can arbritally call login(String username, Object credential) and that will be Intercepted with a LoginModule?¿ Or can I put directly a user/role?¿
A little sample in the wiki of a simple usage of that module to authentificate will be very apreciated. I think that using a unprotected servlet to put the credentials will be a very nice one.
A lot of thanks in advance, -
16. Re: Programmatic Authentication in JBoss?
FYI - I've taken the code from head and retro-fitted it to 4.0.5GA and it works perfectly.
-
17. Re: Programmatic Authentication in JBoss?
According to the wiki, the latest update to this class works with Tomcat SingleSignOn.
Does it also work with the SingleSignOn in the JBoss clustered environment? -
18. Re: Programmatic Authentication in JBoss?
"ryoung2504" wrote:
FYI - I've taken the code from head and retro-fitted it to 4.0.5GA and it works perfectly.
Can you provide me the modified source file for 4.0.5? I have the similar requirement of Programatic authentication in jboss 4.0.5 GA.
What changes are required to make it work in 4.0.5?
Appreciated your response. -
19. Re: Programmatic Authentication in JBoss?
Hi,
I am again requesting the forum experts.
Is it possible to retro-fit the WebAuthentication implementation in Jboss 4.0.5?
One of the members mentioned that he did it successfully in 4.0.5 and tested.
I would appreciate your help. -
20. Re: Programmatic Authentication in JBoss?
is you still need an answer about programmatic web login to jboss 4.0.5 email me (anton.nazaruk@gmail.com), I'll post an answer, I just do not know if it is still relevant
-
21. Re: Programmatic Authentication in JBoss?
if you still need an answer about programmatic web login to jboss 4.0.5 email me (anton.nazaruk@gmail.com), I'll post an answer, I just do not know if it is still relevant
-
-
23. Re: Programmatic Authentication in JBoss?
I have resolved this pb in 2009, the answer was :
In authentifiction module :
---------------------------------------
String WEB_REQUEST_KEY = "javax.servlet.http.HttpServletRequest";
HttpServletRequest request;
String j_role = null;
String j_user = null;
String j_password = null;
try {
request = (HttpServletRequest) PolicyContext.getContext(WEB_REQUEST_KEY);
j_role = request.getParameter("j_role");
j_user = request.getParameter("j_username");
j_password = request.getParameter("j_password");
this.callbackHandler = new customCallbackHandler(j_user, j_password, j_role);
} catch (PolicyContextException e) {
throw new FailedLoginException("Technical Error");
}
In the customCallbackHandler class :
------------------------------------------------------
public class customCallbackHandler implements CallbackHandler {
...............;
@Override
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof TextOutputCallback) {
// display the message according to the specified type
TextOutputCallback toc = (TextOutputCallback) callbacks[i];
switch (toc.getMessageType()) {
case TextOutputCallback.INFORMATION:
System.out.println(toc.getMessage());
break;
case TextOutputCallback.ERROR:
System.out.println("ERROR: " + toc.getMessage());
break;
case TextOutputCallback.WARNING:
System.out.println("WARNING: " + toc.getMessage());
break;
default:
throw new IOException("Unsupported message type: "
+ toc.getMessageType());
}
} else if (callbacks[i] instanceof TextInputCallback) {
// prompt the text imput for a role
TextInputCallback tic = (TextInputCallback) callbacks[i];
tic.setText(role);
} else if (callbacks[i] instanceof NameCallback) {
// prompt the user for a username
NameCallback nc = (NameCallback) callbacks[i];
nc.setName(username);
} else if (callbacks[i] instanceof PasswordCallback) {
// prompt the user for sensitive information
PasswordCallback pc = (PasswordCallback) callbacks[i];
pc.setPassword(password.toCharArray());
} else {
throw new UnsupportedCallbackException(callbacks[i],
"Unrecognized Callback");
}
}
}
In the view class :
--------------------------
public boolean isUserInRoleAdministrator() {
FacesContext ctx = FacesContext.getCurrentInstance();
Object request = ctx.getExternalContext().getRequest();
if (request instanceof RenderRequest) {
List<String> roles = (List<String>) ((RenderRequest) request).getPortletSession(false).getAttribute("roles");
if (null != roles)
return roles.contains(ADMINISTRATOR);
} else if (request instanceof HttpServletRequest) {
List<String> roles = (List<String>) ((HttpServletRequest) request).getSession(false).getAttribute(ATTRIBUTE_ROLES);
if (null != roles)
return roles.contains(ADMINISTRATOR);
} else if (request instanceof ResourceRequest) {
List<String> roles = (List<String>) ((ResourceRequest) request).getPortletSession().getAttribute("roles");
if (null != roles)
return roles.contains(ADMINISTRATOR);
}
public String getUserConnected() {
if (null != FacesContext.getCurrentInstance().getExternalContext() && null != FacesContext.getCurrentInstance().getExternalContext().getUserPrincipal())
return FacesContext.getCurrentInstance().getExternalContext().getUserPrincipal().getName();
else
return null;
}