1. Re: JBOSS Portal Security
spring Oct 16, 2011 5:05 PM (in response to spring) I resolved this problem in 2009; the answer was:
In the authentication module:
---------------------------------------
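// Fragment of the login module: reads the login form fields from the current
// servlet request and hands them to a customCallbackHandler.

// Key under which the JACC PolicyContext exposes the current servlet request.
String WEB_REQUEST_KEY = "javax.servlet.http.HttpServletRequest";
HttpServletRequest request;
String j_role = null;
String j_user = null;
String j_password = null;
try {
    request = (HttpServletRequest) PolicyContext.getContext(WEB_REQUEST_KEY);
    if (request == null) {
        // getContext may return null when no request is bound to this thread;
        // fail the login cleanly instead of hitting a NullPointerException below.
        throw new FailedLoginException("Technical Error");
    }
    // SECURITY: j_role arrives from the client exactly like the user name and
    // password, so it is only a *requested* role. The code that consumes it is
    // not shown here; it must confirm, from the server-side user store, that the
    // authenticated user really holds this role before granting it.
    j_role = request.getParameter("j_role");
    j_user = request.getParameter("j_username");
    // Any of these parameters may be null when the form field is missing.
    j_password = request.getParameter("j_password");
    this.callbackHandler = new customCallbackHandler(j_user, j_password, j_role);
} catch (PolicyContextException e) {
    // Keep the generic message for the caller, but preserve the cause for diagnosis.
    FailedLoginException failure = new FailedLoginException("Technical Error");
    failure.initCause(e);
    throw failure;
}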
In the customCallbackHandler class :
------------------------------------------------------
public class customCallbackHandler implements CallbackHandler {
...............;
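/**
 * Answers each callback with the values this handler already holds instead of
 * prompting anyone: the role for a {@link TextInputCallback}, the user name for
 * a {@link NameCallback} and the password for a {@link PasswordCallback}.
 * {@link TextOutputCallback} messages are printed to standard output.
 *
 * <p>The {@code role}, {@code username} and {@code password} fields are declared
 * in the part of the class that is not shown; presumably they are set from the
 * constructor arguments (confirm).
 *
 * @param callbacks the callbacks to answer
 * @throws IOException if a text output callback has an unknown message type,
 *         or if a password is requested but none was supplied
 * @throws UnsupportedCallbackException if a callback is of any other type
 */
@Override
public void handle(Callback[] callbacks) throws IOException,
        UnsupportedCallbackException {
    for (Callback callback : callbacks) {
        if (callback instanceof TextOutputCallback) {
            // display the message according to the specified type
            TextOutputCallback toc = (TextOutputCallback) callback;
            switch (toc.getMessageType()) {
                case TextOutputCallback.INFORMATION:
                    System.out.println(toc.getMessage());
                    break;
                case TextOutputCallback.ERROR:
                    System.out.println("ERROR: " + toc.getMessage());
                    break;
                case TextOutputCallback.WARNING:
                    System.out.println("WARNING: " + toc.getMessage());
                    break;
                default:
                    throw new IOException("Unsupported message type: "
                            + toc.getMessageType());
            }
        } else if (callback instanceof TextInputCallback) {
            // supply the requested role as the text input; this value is
            // client-provided and still has to be verified by the login module
            TextInputCallback tic = (TextInputCallback) callback;
            tic.setText(role);
        } else if (callback instanceof NameCallback) {
            // supply the user name
            NameCallback nc = (NameCallback) callback;
            nc.setName(username);
        } else if (callback instanceof PasswordCallback) {
            // supply the password; a missing form field leaves it null, so fail
            // the callback explicitly rather than with a NullPointerException
            PasswordCallback pc = (PasswordCallback) callback;
            if (password == null) {
                throw new IOException("No password supplied");
            }
            pc.setPassword(password.toCharArray());
        } else {
            throw new UnsupportedCallbackException(callback,
                    "Unrecognized Callback");
        }
    }
}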
In the view class :
--------------------------
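/**
 * Tells the view whether the role list stored in the current session contains
 * the administrator role.
 *
 * <p>The list is read from the portlet session (attribute {@code "roles"}) for
 * render and resource requests, and from the HTTP session (attribute
 * {@code ATTRIBUTE_ROLES}) for servlet requests. No session is created by this
 * check. Returns {@code false} when there is no faces context, no session, no
 * role list, or the attribute is not a list.
 *
 * <p>NOTE(review): this decides what the view shows. The session attribute must
 * only ever be written by server-side login code after the role has been
 * verified, and privileged actions should be checked again on the server
 * rather than relying on this flag alone. Confirm where the attribute is set.
 *
 * @return {@code true} if the stored role list contains {@code ADMINISTRATOR}
 */
public boolean isUserInRoleAdministrator() {
    FacesContext ctx = FacesContext.getCurrentInstance();
    if (ctx == null) {
        // Called outside a JSF request: no user, hence no administrator role.
        return false;
    }
    Object request = ctx.getExternalContext().getRequest();
    Object roles = null;
    if (request instanceof RenderRequest) {
        javax.portlet.PortletSession session = ((RenderRequest) request).getPortletSession(false);
        if (session != null) {
            roles = session.getAttribute("roles");
        }
    } else if (request instanceof HttpServletRequest) {
        javax.servlet.http.HttpSession session = ((HttpServletRequest) request).getSession(false);
        if (session != null) {
            // presumably ATTRIBUTE_ROLES names the same attribute as "roles" above; verify
            roles = session.getAttribute(ATTRIBUTE_ROLES);
        }
    } else if (request instanceof ResourceRequest) {
        // getPortletSession(false): a role check should not create a session
        javax.portlet.PortletSession session = ((ResourceRequest) request).getPortletSession(false);
        if (session != null) {
            roles = session.getAttribute("roles");
        }
    }
    // Anything that is not a list containing the role is treated as "not an administrator".
    return roles instanceof List && ((List<?>) roles).contains(ADMINISTRATOR);
}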
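/**
 * Returns the name of the user principal attached to the current JSF request.
 *
 * @return the principal's name, or {@code null} when there is no faces context,
 *         no external context or no authenticated principal
 */
public String getUserConnected() {
    FacesContext ctx = FacesContext.getCurrentInstance();
    // getCurrentInstance() is the call that can return null (outside a JSF
    // request), so it is checked first; the other checks are kept from the original.
    if (ctx == null
            || ctx.getExternalContext() == null
            || ctx.getExternalContext().getUserPrincipal() == null) {
        return null;
    }
    return ctx.getExternalContext().getUserPrincipal().getName();
}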