Custom JAAS IdentityLoginModule
pvapparao Sep 19, 2007 9:06 AM
Hi, I am using the following code to authenticate users to my portal.
/**
 * JAAS login module that extends the portal's IdentityLoginModule and, before
 * delegating to the parent login, creates a portal account for a user who does
 * not exist yet (see createUserIfNew).
 *
 * The listing in the post is truncated: it ends inside createUserIfNew, so the
 * helpers it calls (isNullOrEmpty, getHttpServletRequest, getRoleModule,
 * getUserProfileModule, getMembershipModule, fillContextWithUserProfile) are
 * not visible here.
 */
public class SsoLoginModule extends IdentityLoginModule {
    private static final Logger logger = Logger.getLogger(SsoLoginModule.class);

    // Role assigned to a newly created user unless the "defaultRole" option overrides it.
    private static final String DEFAULT_USER_ROLE = "User";
    private static final String JNDI_TRANS_MGR = "java:/TransactionManager";
    // Not referenced in the visible part of the listing.
    private static final String POLICY_CONTEXT_HTTP_SERVLET = "javax.servlet.http.HttpServletRequest";
    // Names of the module options read in initialize().
    private static final String OPTION_NAME_DEFAULT_ROLE = "defaultRole";
    private static final String OPTION_NAME_ROLE_MOD_JNDI = "roleModuleJNDIName";
    // public static final short UNDEFINED_TIMEZONE = (short)0;

    protected String defaultRoleForNewUser = DEFAULT_USER_ROLE;
    // Read from the module options and logged, but the lookups in createUserIfNew
    // use hard-coded JNDI names instead of this value.
    protected String roleModuleJNDIName;

    // Identity modules; assigned from JNDI inside createUserIfNew.
    private RoleModule roleModule = null;
    private UserModule userModule = null;
    private UserProfileModule userProfileModule = null;
    private MembershipModule membershipModule = null;

    // The fields below are only mentioned in commented-out code in the visible listing.
    private Transaction transaction;
    private SessionFactory identitySessionFactory;
    private boolean success;
    private Session session;

    /**
     * Initialize the login module: delegates to the parent, then reads the
     * "defaultRole" and "roleModuleJNDIName" options.
     *
     * @param subject Authentication subject
     * @param callbackHandler Callback handler for the login module
     * @param sharedState Shared State Map
     * @param options Configuration options of the login module
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
        super.initialize(subject, callbackHandler, sharedState, options);
        logger.info("Initializing login module.");
        String specifiedDefaultRole=(String)options.get(OPTION_NAME_DEFAULT_ROLE);
        // Keep the built-in default role when the option is absent or empty.
        if (!isNullOrEmpty(specifiedDefaultRole)) {
            defaultRoleForNewUser = specifiedDefaultRole;
        }
        roleModuleJNDIName = (String)options.get(OPTION_NAME_ROLE_MOD_JNDI);
        logger.info("Role module JNDI = "+roleModuleJNDIName);
    }

    /**
     * Perform the login: provision the account if it is missing, then run the
     * parent module's login.
     *
     * @return the result of the parent module's login()
     * @throws LoginException if provisioning or the parent login fails
     */
    public boolean login() throws LoginException {
        logger.info("Inside login.");
        // Runs on every login attempt, before the parent module's login() is called.
        createUserIfNew();
        return super.login();
    }

    /**
     * Create the user if the user does not exist. The lookup and the creation
     * run inside a transaction obtained from the JNDI transaction manager.
     *
     * @throws LoginException declared by the method; the visible part throws it
     *         from the inner catch-all handler
     */
    protected void createUserIfNew() throws LoginException {
        try {
            logger.info("Inside createUserIfNew.");
            TransactionManager tm = (TransactionManager) new InitialContext().lookup(JNDI_TRANS_MGR);
            Transactions.required(tm, new Transactions.Runnable() {
                public Object run() throws Exception {
                    String username = null;
                    User user = null;
                    try {
                        username = (getUsernameAndPassword())[0];
                        logger.info("Username = " + username);
                        try {
                            // NOTE(review): three of these names are written "java:portal/..." while
                            // the role module uses "java:/portal/..." — confirm both forms resolve
                            // to the bindings named in login-config.xml.
                            userModule = (UserModule)new InitialContext().lookup("java:portal/UserModule");
                            logger.info("After getting the UserModule");
                            // NOTE(review): the post reports a ClassCastException naming
                            // HibernateRoleModuleImpl, and this is the only RoleModule cast in the
                            // visible code. A cast failing on an object that implements the target
                            // interface usually means the interface was loaded by two class loaders
                            // (for example a second copy of the identity jar packaged with this
                            // module) — TODO confirm against the deployment.
                            roleModule = (RoleModule)new InitialContext().lookup("java:/portal/RoleModule");
                            logger.info("After getting the RoleModule");
                            userProfileModule = (UserProfileModule)new InitialContext().lookup("java:portal/UserProfileModule");
                            logger.info("After getting the UserProfileModule");
                            membershipModule = (MembershipModule)new InitialContext().lookup("java:portal/MembershipModule");
                            //logger.info("After getting the MembershipModule");
                        } catch (NamingException e1) {
                            // TODO Auto-generated catch block
                            // NOTE(review): a failed lookup is only printed; execution continues
                            // with the modules still null, so the failure surfaces later as an
                            // exception in the catch-all below rather than as a clear
                            // configuration error.
                            e1.printStackTrace();
                        }
                        /*userModule = getUserModule(); // roleModule = getRoleModule(); //membershipModule = getMembershipModule(); logger.info("After getting the UserModule"); userProfileModule = getUserProfileModule(); logger.info("After getting the UserProfileModule");*/
                        logger.info("Before getting user from UserModule.");
                        //identitySessionFactory = (SessionFactory)new InitialContext().lookup("java:/portal/IdentitySessionFactory");
                        //session = identitySessionFactory.openSession();
                        // transaction = session.beginTransaction();
                        // The NoSuchUserException handler below is the "user is new" path.
                        user = userModule.findUserByUserName(username);
                        logger.info("User ID in the table jbp_users ="+user.getId().toString());
                        fillContextWithUserProfile(userProfileModule, user);
                        // success = true;
                        return null;
                    } catch(NoSuchUserException nsue) {
                        // User not found, let's create it
                        logger.info("Create new user " + username);
                        HttpServletRequest request = getHttpServletRequest();
                        // NOTE(review): identity header values are written to the log at INFO level.
                        logger.info(request.getHeader(Constant.SSO_UID)+","+ request.getHeader(Constant.SSO_GESSOUID));
                        logger.info("Just about to create User");
                        // NOTE(review): the account name comes from a request header, while the
                        // lookup above used the callback username; if the two differ, the account
                        // created here is not the one the parent login will look for — verify.
                        // The header is trustworthy only if the SSO gateway always sets or
                        // overwrites it and this server cannot be reached without passing through
                        // that gateway; a missing (null) header is not checked before createUser.
                        // NOTE(review): every account provisioned here gets the same literal
                        // password. If these accounts can also be authenticated by password
                        // (super.login() runs next, and the posted config sets password-stacking),
                        // that shared value is a known credential for all of them. Prefer a
                        // per-account random value from SecureRandom that is never disclosed, or
                        // an account state that cannot be used for password login.
                        user = userModule.createUser( request.getHeader(Constant.SSO_UID),"Pa55word");
                        // request.getHeader(Constant.SSO_EMAIL));
                        logger.info("User object is ="+user);
                        logger.info("User created successfully");
                        if(null == userProfileModule) {
                            userProfileModule = getUserProfileModule();
                        }
                        fillContextWithUserProfile(userProfileModule, user);
                        // Give the new account the configured default role.
                        Set roleSet = new HashSet();
                        roleSet.add(getRoleModule().findRoleByName(defaultRoleForNewUser));
                        membershipModule = getMembershipModule();
                        membershipModule.assignRoles(user, roleSet);
                        //success = true;
                        return null;
                    } catch (Exception e) {
                        e.printStackTrace();
                        // NOTE(review): only the message is carried over; the original exception
                        // is not attached as the cause (LoginException accepts initCause).
                        throw new LoginException("Error in find/create user: " + e.getMessage());
                        // The listing ends here in the post; the closing braces and the
                        // remaining handlers were not included.
It works fine up to the line marked in red; at that line it throws the following exception: ClassCastException: org.jboss.portal.identity.db.HibernateRoleModuleImpl.
I configured it in my login-config.xml as shown below:
<policy> <!-- For the JCR CMS --> <application-policy name="cms"> <authentication> <login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/> </authentication> </application-policy> <!-- <application-policy name="portal"> <authentication>--> <!--To configure LDAP support with IdentityLoginModule please check documentation on how to configure portal identity modules for this--> <!-- <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="required"> <module-option name="unauthenticatedIdentity">guest</module-option> <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option> <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option> <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option> <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option> <module-option name="additionalRole">Authenticated</module-option> <module-option name="password-stacking">useFirstPass</module-option> </login-module>--> <application-policy name="portal"> <authentication> <login-module code="com.ge.health.jboss.portal.security.jaas.SsoLoginModule" flag="required"> <module-option name="unauthenticatedIdentity">guest</module-option> <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option> <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option> <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option> <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option> <module-option name="additionalRole">Authenticated</module-option> <module-option name="password-stacking">useFirstPass</module-option> <module-option name="defaultRole">User</module-option> </login-module>
When I try to log in, I get a 403 error saying authentication failed. Can anyone help me resolve this issue?