-
1. Re: JBoss Security Changing the role in subject
Bernd Zeitler Mar 9, 2012 2:42 AM (in response to Kiran Nune)I would guess, the JaasSecurityManager is caching principal and credential information from last successful login.
See http://docs.jboss.org/jbosssecurity/docs/6.0/security_guide/html_single/index.html
Regards,
Bernd
-
2. Re: JBoss Security Changing the role in subject
Kiran Nune Mar 9, 2012 4:35 AM (in response to Bernd Zeitler)Thanks Brend. I will check url you suggested and get back to you.
Kind Regards
Kiran
-
3. Re: JBoss Security Changing the role in subject
Kiran Nune Mar 10, 2012 12:33 AM (in response to Kiran Nune)Hi,
After searching in the forums i found foloowing code and modified to my requirements. Seems to be fine in EJB layer but coming to web layer the new role reflecting in Subject but Authorization check is not taking with this new role in the subject. Any suggestions are welcome. I'm pasting my code here.
try{
Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
Set<Principal> set = subject.getPrincipals();
Iterator itr = set.iterator();
{
Principal obj = (Principal) itr.next();
System.out.println("Principal Class Name: *************" +obj.getClass());
System. out.println("Principal Name: *************" +obj.getName());
if(obj instanceof SimpleGroup) {
Enumeration<Principal> enm = ((SimpleGroup) obj).members();while (enm.hasMoreElements()) {
Principal p = (Principal) enm.nextElement();
System. out.println("Group Member Principal Class Name: *************" +p.getClass());
System. out.println("Group Member Principal Name: *************" +p.getName());
}
if(((SimpleGroup) obj).isMember(new org.jboss.security.SimplePrincipal("rolename" )))
{
((SimpleGroup) obj).removeMember(new org.jboss.security.SimplePrincipal("rolename"));
((SimpleGroup) obj).addMember( new org.jboss.security.SimplePrincipal("testrole"));
}
}
}
}
catch (PolicyContextException e) {
}
// TODO : handle exception