4 Replies Latest reply on Apr 6, 2006 12:49 PM by cpage

    access httpsession from jaas loginmodule ?

    cpage Apr 5, 2006 12:36 PM

      hi,

      I've made my own implementation of the jaas loginmodule to authenticate my users.

      this loginmodule ask an LDAP to authenticate the user and then i ask the user's roles to an other service.

      after that, i build an user object which contains all informations about user identity and user roles.

      then, i have to "give" this user object to the portal.
      so i put it in the session like this :

      HttpServletRequest request = (HttpServletRequest) PolicyContext.getContext("javax.servlet.http.HttpServletRequest"); request.getSession(true).setAttribute(userCpage.getUserId(),userCpage);


      the problem is that i can't get this object back from a tag in my jsp : 

      public void doTag() throws JspException, IOException {
 PageContext app = (PageContext)getJspContext();
 HttpServletRequest request = (HttpServletRequest)app.getRequest();
 userCpageId= request.getRemoteUser();

 userCpage=(UserCpage)request.getSession(false).getAttribute(userCpageId);


      this return a null object.


      i read something about valve, but i don't understand how it can resolve my problem.
      http://wiki.jboss.org/wiki/Wiki.jsp?page=CustomizingSecurityUsingValves


      thanks for help ;)
      lionel

      • 4746 Views
      • Tags: