-
1. Re: JAAS/JACC...help...please....
soshah Aug 14, 2007 3:13 PM (in response to indyjones)Indy-
If you seek enlightenment please follow this forum thread ;)
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4073177#4073177
Thanks -
2. Re: JAAS/JACC...help...please....
indyjones Aug 14, 2007 3:26 PM (in response to indyjones)Thats the one i have been trying to follow...
I am very new to this so I apologize...
I get the user authenticated and get their Principals (Roles)...
What I don't understand is how to tell the Portal framework that this user is "Authenticated".
I tried using the JACC Portal Permission factory and adding the role "Authenticated" with no luck...
I just assume the Portal framework is smart enough to forward the user to the "/auth" context once an "Authenticated" role has been added.
I just need a little...ah..."push"...in the right direction... :)
indy -
3. Re: JAAS/JACC...help...please....
soshah Aug 14, 2007 5:15 PM (in response to indyjones)Indy-
You will need integration inside of tomcat to achieve this, using Valve/Authenticator approach.
Krish from previous thread successfully did this.
Krish, can you share some of your insight with Indy on this issue.
Thanks -
4. Re: JAAS/JACC...help...please....
creative777 Aug 18, 2007 8:43 AM (in response to indyjones)This is the approach you want to take.
http://jboss.org/index.html?module=bb&op=viewtopic&t=116375
Sohil, rewriting the valve ???? That's basically what he's asking how to do, no one seems to know.
Post 116375 looks to be getting closer to a solution. -
5. Re: JAAS/JACC...help...please....
indyjones Aug 18, 2007 4:32 PM (in response to indyjones)creative777,
Thanks for the help...that is exactly what i need...
I will try it out and let you know how it goes...
thanks
indy -
6. Re: JAAS/JACC...help...please....
creative777 Aug 19, 2007 7:46 AM (in response to indyjones)Indy,
I assume you have been checking out the jbosssx lib in source. This has an authorization manager class.
Instead of calling the usually login(), you use the managers authenticate(), you can use this class as it look like it does alot of account setup. It also puts the user information into a cache, I'm thinking this is what is missing just a guess though at this point.
Cheers -
7. Re: JAAS/JACC...help...please....
creative777 Aug 19, 2007 1:40 PM (in response to indyjones)I reviewed Sohil's post and did review the Tomcat Authenticator and I can now see what the hurdles are in regard to circumventing the Tomcat Valve.
Portal extends the JBoss security which extends the Tomcat security scheme although I think it is still possible to setup a portlet with just portal authorization would get pretty ugly.
So rewriting the Tomcat Authenticator and applying as a custom servlet would be the easier route. Not sure what that will be but if anyone has done this I and Indy would appreciate it if you would share some code. -
8. Re: JAAS/JACC...help...please....
creative777 Aug 20, 2007 1:54 PM (in response to indyjones)
JSF
public String submit(){
String retVal = "";
String j_username = getUserId().getValue().toString();
String j_password = getPassword().getValue().toString();
ExternalContext externalContext = getFacesContext().getExternalContext();
String jsessionid = ((HttpSession)externalContext.getSession(false)).getId();
// Only if sanity checks and validations on j_username & j_password pass, proceed further.
ApplicationParameter.getLogger().debug("Current jsessionid=" + jsessionid);
ApplicationParameter.getLogger().debug("submitting login details (userId: " + j_username + " & password: " + j_password + ") to /j_security_check ...");
try {
URL jSecurityCheckURL = new URL("http://localhost:9080/raweb/j_security_check;jsessionid=0000" + jsessionid + ":-1&j_username=" + j_username + "&j_password" + j_password);
HttpURLConnection jSecurityCheckURLConnection = (HttpURLConnection)jSecurityCheckURL.openConnection();
jSecurityCheckURLConnection.setRequestMethod("POST");
jSecurityCheckURLConnection.setInstanceFollowRedirects(false);
// jSecurityCheckURLConnection.addRequestProperty("j_username", j_username);
// jSecurityCheckURLConnection.addRequestProperty("j_password", j_password);
// jSecurityCheckURLConnection.setRequestProperty("j_username", j_username);
// jSecurityCheckURLConnection.setRequestProperty("j_password", j_password);
jSecurityCheckURLConnection.connect();
ApplicationParameter.getLogger().debug("j_security_check returned: " + jSecurityCheckURLConnection.getResponseCode() + ": " + jSecurityCheckURLConnection.getResponseCode());
if (null != externalContext) {
String remoteUser = externalContext.getRemoteUser();
ApplicationParameter.getLogger().debug("Authenticated username: " + remoteUser);
HttpServletRequest httpServletRequest = (HttpServletRequest)externalContext.getRequest();
Principal principal = httpServletRequest.getUserPrincipal();
if (null != principal) {
String userName = principal.getName();
ApplicationParameter.getLogger().debug("Authenticated username: " + userName);
}
} else {
ApplicationParameter.getLogger().debug("Unable to obtain Faces ExternalContext and hence the remote user details.");
}
} catch (MalformedURLException ex) {
ApplicationParameter.getLogger().error(ex);
retVal = "";
} catch (IOException ex) {
ApplicationParameter.getLogger().error(ex);
retVal = "";
}
return retVal;
}