1 Reply Latest reply on Mar 5, 2014 9:27 AM by Arjan t

    Wildfly LoginModule

    smog Newbie

      Hi,

       

      my problem is: i need to read a cookie with username, afterwards i get corresponding roles for this username via REST. My idea was to write some kind of AuthenticationFilter

       

      @WebFilter(urlPatterns = {"/*"})

      public class AuthenticationFilter implements Filter {

      ...

          @Override

          public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {

              final Subject subject = new Subject();

              subject.getPrincipals().add(new SimplePrincipal("1234"));

              try {

                  LoginContext loginContext = new LoginContext("login-ctx", subject);

                  loginContext.login();

                  filterChain.doFilter(servletRequest, servletResponse);

              } catch (Exception ex) {

                  ex.printStackTrace();

              }

          }

      ...

       

      And corresponding LoginModule:

       

      public class CustomLoginModule extends AbstractServerLoginModule {

          @Override

          public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {

              super.initialize(subject, callbackHandler, sharedState, options);

           }

          @Override

          public boolean login() throws LoginException {

              System.out.println(CustomLoginModule.class.getSimpleName() + ".login()");

              return true;

          }

          @Override

          public boolean commit() throws LoginException {

              System.out.println(CustomLoginModule.class.getSimpleName() + ".commit()");

              return true;

          }

          @Override

          public boolean abort() throws LoginException {

              System.out.println(CustomLoginModule.class.getSimpleName() + ".abort()");

              return false;

          }

          @Override

          public boolean logout() throws LoginException {

              System.out.println(CustomLoginModule.class.getSimpleName() + ".logout()");

              return true;

          }

          @Override

          protected Principal getIdentity() {

              try {

                  return createIdentity(subject.getPrincipals().toArray(new Principal[1])[0].getName());

              } catch (Exception e) {

              }

              return null;

          }

          @Override

          protected Group[] getRoleSets() throws LoginException {

              String[] roles = new String[] {"Administrator"};

              Group[] groups = {new SimpleGroup("Roles")};

              for(int r = 0; r < roles.length; r ++) {

                  SimplePrincipal role = new SimplePrincipal(roles[r]);

                  groups[0].addMember(role);

              }

              return groups;

          }

      }

       

      Everything works fine both login and commit methods are called, but this request is not populated with Principal and Roles. getIdentity() and getRoleSets() function are never called.

      What i am doing wrong? Is it legal to call LoginModule in Filter? How can i achieve my goal?

       

      tnx in advance,

       

      best regards!