-
1. Re: Moving away JBoss Portal from FORM-based authentication
soshah Aug 2, 2007 12:33 PM (in response to kpalania)kpalania-
For better integration with JAAS I would recommend using a Tomcat Valve instead of a Servlet Filter
Thanks -
2. Re: Moving away JBoss Portal from FORM-based authentication
kpalania Aug 2, 2007 12:52 PM (in response to kpalania)ok, will look into that. any pointers/examples?
also, for now, do you know why using a filter wouldn't work? the principals don't seem to be set. if i keep everything else the same and use my security realm with the form-based authentication, things work fine. -
3. Re: Moving away JBoss Portal from FORM-based authentication
kpalania Aug 6, 2007 1:01 PM (in response to kpalania)ok, will look into that. any pointers/examples?
also, for now, do you know why using a filter wouldn't work? the principals don't seem to be set. if i keep everything else the same and use my security realm with the form-based authentication, things work fine. -
4. Re: Moving away JBoss Portal from FORM-based authentication
kpalania Aug 6, 2007 1:03 PM (in response to kpalania)The "portal.principal" session attribute is not set to the authenticated user, in my case, and that is what is causing the problem.
I have 2 apps, running in JBoss and the custom login module implementation code is part of a shared library used by both these apps. However, the session is different for these 2 apps, and hence, the authenticated user doesn't seem to be set in the session for the 2nd app. Does this make sense, and is this a JBoss bug??
Is there a workaround? -
5. Re: Moving away JBoss Portal from FORM-based authentication
kpalania Aug 6, 2007 5:33 PM (in response to kpalania)