3 Replies Latest reply on Mar 19, 2003 11:33 AM by John Fortin

    Where is my Custom Principal?

    John Fortin Newbie

      I have a JAAS Login Module which uses a custom principal.

      Group callerPrincipalGroup = new MWareACLGroup("CallerPrincipal");
      System.out.println("PrincipalGroup: "+callerPrincipalGroup.getName());
      System.out.println("PrincipalGroupToString: "+callerPrincipalGroup.toString());
      callerPrincipalGroup.addMember(principal);
      principals.add(callerPrincipalGroup);


      The seems to do the proper thing in JaasSecurityManager. I put debugging code in there and info.callerPrinciple does get set correctly. However, it seems to get lost with the request.getUserPrincipal call. I still get
      'org.jboss.jetty.security.JBossUserRealm$JBossUserPrincipal'

      Where is the hook between JaasSecurityManager and request.getUserPrincipal?

      I am using JBoss 3.0.6 with Jetty.

      --John Fortin

        • 1. Re: Where is my Custom Principal?
          Peter Doornbosch Apprentice

          > Where is the hook between JaasSecurityManager and
          > request.getUserPrincipal?

          Well, i'm afraid there isn't. The integration between Jetty and JBoss (JBossUserRealm) creates its own principal object, because it must implement jetty's UserPrincipal interface.
          I'm afraid this is hard to change because of the way security is implemented in Jetty.

          Maybe, Greg or Jules can comment on this....

          Regards,
          Peter.

          • 2. Re: Where is my Custom Principal?
            John Fortin Newbie

            So it is not possible to create an application which uses a customized principle? To me that seems to be a big disadvantage to using JBoss. We have data which must be returned to out applications in the principle object. Without being able to do that, we cannot develop with JBoss, and we definately cannot use it in a production environment.

            Currently we are able to to this using Weblogic.

            • 3. Re: Where is my Custom Principal?
              John Fortin Newbie

               

              "fortinj" wrote:
              BTW, I also tried this with JBoss/Tomcat with the same type os issue except that I get a SimplePrincipal instead of my custom principal.

              --John