3 Replies Latest reply on Jun 18, 2003 2:49 AM by Sean Radford

    How to login using a particular role?

    nish_dce Newbie

      Hi All,
      I was curious to know if there is any way to assign a particular role to a user's login.
      As I understand,when the user logins-in ,using any login module,he gets assigned all the "roles" defined for him in properties file/Database etc. I wish to assign the user only a "particular" role during login,so that user can access only the methods designated for that particular "role" ,not all the methods assigned to "user's roles" as is possible now.

      Any help would be highly appreciated!

      Thanks in advance,
      Newbie.

        • 1. Re: How to login using a particular role?
          Sean Radford Novice

          So why not just specify that the user in only in role X in your file/database/etc? - then you don't need to do anything with the LoginModule.

          Sean

          • 2. Re: How to login using a particular role?
            nish_dce Newbie

            I understand what u suggested,but the reqmt being that user should be able to access only methods that are available to him during a login for a particular "role".
            The user is allowed multiple roles.He should be able to select a particular roles!

            Hope this clarifies the reqmt bit more!

            Thanks in advance,
            Newbie.

            • 3. Re: How to login using a particular role?
              Sean Radford Novice

              So a user logs in and then selects which 'role' they wish to be, and that governs what they can do? And I presume they can change this 'role' at their will?

              Hmm... Leaves 2 options I guess:

              1. The username/password the user uses is not a real JAAS one, but a fake which you control and then do a lookup to their possible 'roles'. You then log the user in using their selected 'role' which is a Subject in the JAAS sense and has one true role.

              2. When the user logs in (this time a real JAAS username/password) you store their desired 'role' and then in a custom LoginModule only return the Principal(s) that correspond to that 'role'. (You will need to flush the AuthorizationCache whenever the user switches their 'role')

              Anyone else got any good ideas? - I have had a sleepless night with an uncontrolled newly diabetic dog so not at my best!

              Regards,

              Sean