1 Reply Latest reply on Jan 20, 2013 8:17 AM by danielft

    Custom role in custom login module

    danielft

      Hello

      I've developed a custom login module that adds a custom role in principal.

      The problem is that JBoss ignores my role. Files:

      public class LeveJaasGroupPrincipal implements Group {
          // name ...
      }

      public class LeveJaasLoginModule implements LoginModule {
          ...
          public boolean commit() throws LoginException {
              subject.getPrincipals().add(currentUser);
              subject.getPrincipals().addAll(currentUser.getGroups());
              subject.getPublicCredentials().addAll(currentUser.getGroups()); // works fine. Adds a LeveJaasGroupPrincipal with name LeveUser
              return true; // commit() is declared boolean and must return a value
          }
          ...
      }

      web.xml

      <security-role>
        <description>Main Group</description>
        <role-name>LeveUser</role-name>
      </security-role>

      <security-constraint>
        <web-resource-collection>
          <web-resource-name>All resources</web-resource-name>
          <description>Protects all resources</description>
          <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
          <role-name>LeveUser</role-name>
        </auth-constraint>
      </security-constraint>

      <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>LeveAuthDomain</realm-name>
        <form-login-config>
          <form-login-page>/WEB-INF/login.jsp</form-login-page>
          <form-error-page>/WEB-INF/loginError.jsp</form-error-page>
        </form-login-config>
      </login-config>

      After login I got the error "HTTP Status 403 - Access to the requested resource has been denied"

      What should I do to make JBoss recognize my group type?

        • 1. Re: Custom role in custom login module
          danielft

          OK, after a long debugging night, I found it:

          I just need to add a main group called "Roles" (org.jboss.security.SecurityConstants.ROLES_IDENTIFIER in fact).

          code:

          LeveJaasGroupPrincipal mainGroup = new LeveJaasGroupPrincipal();
          mainGroup.setName("Roles");
          for (Group g : currentUser.getGroups()) {
              mainGroup.addMember(g);
          }
          subject.getPrincipals().add(mainGroup);

          I don't know if there is a better solution to do it, but it solves my problem.
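
An added example, not part of the original thread and not JBoss's own code: a simplified model of the lookup the reply describes, where role names are read from the members of a Group named "Roles" among the Subject's principals. `RolesGroupCheck`, `SimpleGroup` and `rolesSeenByContainer` are hypothetical names, the sample data is constructed, and `java.security.acl.Group` is only available up to JDK 13.

```java
import java.security.Principal;
import java.security.acl.Group; // removed from the JDK in Java 14
import java.util.*;
import javax.security.auth.Subject;

public class RolesGroupCheck {
    // Hypothetical minimal Group, standing in for the poster's LeveJaasGroupPrincipal.
    static class SimpleGroup implements Group {
        private final String name;
        private final Set<Principal> members = new LinkedHashSet<>();
        SimpleGroup(String name) { this.name = name; }
        public String getName() { return name; }
        public boolean addMember(Principal p) { return members.add(p); }
        public boolean removeMember(Principal p) { return members.remove(p); }
        public boolean isMember(Principal p) { return members.contains(p); }
        public Enumeration<? extends Principal> members() { return Collections.enumeration(members); }
    }

    // Role names found as members of the Group named "Roles"
    // (the value the reply gives for SecurityConstants.ROLES_IDENTIFIER).
    static Set<String> rolesSeenByContainer(Subject subject) {
        Set<String> roles = new TreeSet<>();
        for (Group g : subject.getPrincipals(Group.class)) {
            if (!"Roles".equals(g.getName())) continue; // in this model only "Roles" carries roles
            for (Enumeration<? extends Principal> e = g.members(); e.hasMoreElements();) {
                roles.add(e.nextElement().getName());
            }
        }
        return roles;
    }

    public static void main(String[] args) {
        Group leveUser = new SimpleGroup("LeveUser"); // constructed sample data

        Subject before = new Subject();
        before.getPrincipals().add(leveUser);          // what the original commit() did
        System.out.println("before: " + rolesSeenByContainer(before));

        Subject after = new Subject();
        Group roles = new SimpleGroup("Roles");
        roles.addMember(leveUser);
        after.getPrincipals().add(leveUser);
        after.getPrincipals().add(roles);              // the fix from the reply
        System.out.println("after:  " + rolesSeenByContainer(after));
    }
}
```

Calling a helper like this on the Subject at the end of `commit()` shows whether the role named in the `web.xml` `auth-constraint` is reachable before the container answers with a 403.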