Hi,
I need some help in running authentication in JBoss.
I have a custom JAAS login module that handles SAML SSO
authentication.
A servlet calls the LoginModule upon receiving a SAML response.
After calling LoginContext.login() I have a successfully authenticated
Subject.
Then I need to assign this Subject to the session.
In WebLogic I can do:
    // weblogic.servlet.security.ServletAuthentication
    ServletAuthentication.runAs(subject, request);

    if (/* request has cert */) {
        cert = request.getAttribute("cert");
        CallbackHandler handler = new CertCallbackHandler(cert);
        LoginContext lc = new LoginContext("composer-saml-cert", handler);
        try {
            lc.login();
            Subject subject = lc.getSubject();
            // **** << assign subject to request >> **** !!!!!!!!!!!!!!!!!!
        } catch (LoginException e) {
            // XXXX
        }
    }

I would be extremely interested in learning this as well. I would prefer to avoid using j_security_check.