0 Replies Latest reply on Dec 21, 2010 6:47 AM by Max Power

    Struggling with custom policy checking

    Max Power Newbie

      I am struggling with the following task for days now:

       

      I got a custom JAAS Login Module that is doing my user authentication.

      I integrated this Module by placing a security domain configuration (application-policy) in login-config.xml.

      This works very well.

       

      Next step would be to manage programatic permission handling.

       

      I would like to do this in the described way:

      - In commit method of login module, some custom type permissions are fetched from an external database.

      - This permissions are stored in the subject's credentials.

      - The access to different EJBs or code fragments should be granted or denied depending on a complex logic. Therefore I need to implement/overwrite the checkPermission method of the security manager.

       

      Unfortunately I did not manage to do so.

       

      What I already tried:

       

      - Write a custom Security Manager that extends org.jboss.security.SubjectSecurityManager, org.jboss.security.RealmMapping, and Serializable

      I put the jar in "jboss/lib" and "jboss/common/lib" and changed the value of "SecurityManagerClassname" attribute of "JaasSecurityManagerService" mbean in jboss-service.xml to my implementation - without success. My clas wasn't invoked.

       

      - Write a custom DelegatingPolicy class that extends DelegatingPolicy

      When I try to invoke this class in my login-config.xml, I got an exception that this class was not initialized when the security domain is accessed.

       

      Any help would be great !