Hi,
I need some help in running authentication in JBoss.
I have a custom JAAS login module that handles SAML SSO
authentication.
A servlet calls the LoginModule upon receiving a SAML response.
After calling LoginContext.login() I have a successfully authenticated
Subject.
Then I need to assign this Subject to the session.
In WebLogic I can do:
// weblogic.servlet.security.ServletAuthentication
ServletAuthentication.runAs(subject, request);

if (/* request has cert */) {
    cert = request.getAttribute("cert");
    CallbackHandler handler = new CertCallbackHandler(cert);
    LoginContext lc = new LoginContext("composer-saml-cert", handler);
    try {
        lc.login();
        Subject subject = lc.getSubject();
        // **** << assign subject to request >> **** !!!!!!!!!!!!!!!!!!
    } catch(LoginException e) {
        // XXXX
    }
}
I would be extremely interested in learning this as well. I would prefer to avoid using j_security_check.