2 Replies Latest reply on Mar 28, 2016 9:25 AM by CodingFish Wu

    How to use my custom principal when using JAAS in JBOSS

    CodingFish Wu Newbie

      I'm implementing custom JAAS login module.

      In tomcat, I could add context.xml to /META-INF like this:

      <?xml version="1.0" encoding="UTF-8" ?>

      <Context>

           <Realm className="org.apache.catalina.realm.JAASRealm"

                appName="Bookstore"

                userClassNames="jaas.UserPrincipal"

                roleClassNames="jaas.RolePrincipal" />

      </Context>

      But in Jboss-EAP-7.5.0, it doesn't work.

      It's fine when I login using request.login() in servlet:

      protected void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {

         req.login("user123", "pass123");
      }

      This is my custom principal:

      public class RolePrincipal implements Principal {

       

         private String name;

        public RolePrincipal(String name) {

         super();
        this.name = name;
         }

       

         public void setName(String name) {

         this.name = name;
         }

       

         @Override
         public String getName() {

         return name;
         }

       

      }

      Another NamePrincipal is the same.

      In my custom LoginModule, I just simply add principal to subject:

      subject.getPrincipals().add(new UserPrincipal("admin"));

      subject.getPrincipals().add(new RolePrincipal("admin"));

      Although I have add the RolePrincipal to the subject, I still can't access protected resources. I'm sure the problem is that Jboss server can't recognize my custom principal.

      I have spent much time searching the solutions, but failed. Does anyone know how to solve it? Thank you!