-
1. Re: JBoss Security Changing the role in subject
I would guess, the JaasSecurityManager is caching principal and credential information from last successful login.
See http://docs.jboss.org/jbosssecurity/docs/6.0/security_guide/html_single/index.html
Regards,
Bernd
-
2. Re: JBoss Security Changing the role in subject
Thanks Brend. I will check url you suggested and get back to you.
Kind Regards
Kiran
-
3. Re: JBoss Security Changing the role in subject
Hi,
After searching in the forums i found foloowing code and modified to my requirements. Seems to be fine in EJB layer but coming to web layer the new role reflecting in Subject but Authorization check is not taking with this new role in the subject. Any suggestions are welcome. I'm pasting my code here.
try{
Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
Set<Principal> set = subject.getPrincipals();
Iterator itr = set.iterator();
while (itr.hasNext()){
Principal obj = (Principal) itr.next();
System.out.println("Principal Class Name: *************" +obj.getClass());
System. out.println("Principal Name: *************" +obj.getName());
if(obj instanceof SimpleGroup) {
Enumeration<Principal> enm = ((SimpleGroup) obj).members();while (enm.hasMoreElements()) {
Principal p = (Principal) enm.nextElement();
System. out.println("Group Member Principal Class Name: *************" +p.getClass());
System. out.println("Group Member Principal Name: *************" +p.getName());
}
if(((SimpleGroup) obj).isMember(new org.jboss.security.SimplePrincipal("rolename" )))
{
((SimpleGroup) obj).removeMember(new org.jboss.security.SimplePrincipal("rolename"));
((SimpleGroup) obj).addMember( new org.jboss.security.SimplePrincipal("testrole"));
}
}
}
}
catch (PolicyContextException e) {
}
// TODO : handle exception