2 Replies Latest reply on Aug 10, 2003 9:58 AM by James House

    Finding the Subject in a servlet.

    James House Newbie


      Hi,

      I'm trying to figure out how to get the current JAAS Subject from
      within a Servlet. I'm using JBoss(Jetty) 3.2.1 . I've got the login
      module (org.jboss.security.auth.spi.DatabaseServerLoginModule) working
      fine -- I can get the current principal just fine
      (request.getUserPrincipal()) and check roles ok (request.isUserInRole()).

      I've tried looking for the subject all over, including making calls
      like this from within the servlet:

      Subject sub = Subject.getSubject( AccessController.getContext() );

      But this returns a null.

      Can someone please give me a pointer?

        • 1. Re: Finding the Subject in a servlet.
          James House Newbie


          I should have also mentioned that I have also tried this:

          Subject sub = (Subject)request.getAttribute("j_subject");

          ...which also returns a null

          I have double-checked the entry in the jboss-service.xml for jetty, and the following entry exists:

          j_subject

          thanks for any additional pointers...

          james

          • 2. Re: Finding the Subject in a servlet.
            James House Newbie

            ... I can also see the following in jboss's logs:

            So why can't I find the subject in the request?

            ===================================


            2003-08-10 09:47:56,095 DEBUG [org.jboss.jetty.security.JBossUserRealm#netops] authenticated: jhouse
            2003-08-10 09:47:56,105 DEBUG [org.jboss.jetty.security.JBossUserRealm#netops] setting JAAS subjectAttributeName(j_subject) : Subject:
            Principal: jhouse
            Principal: Roles(members:user,manager)

            2003-08-10 09:47:58,218 DEBUG [org.jboss.jetty.security.JBossUserRealm#netops] authenticating: Name:jhouse Password:****
            2003-08-10 09:47:58,218 DEBUG [org.jboss.jetty.security.JBossUserRealm#netops] authenticated: jhouse
            2003-08-10 09:47:58,218 DEBUG [org.jboss.jetty.security.JBossUserRealm#netops] JBossUserPrincipal: jhouse is in Role: user
            2003-08-10 09:48:13,039 DEBUG [org.jboss.jetty.security.JBossUserRealm#netops] authenticating: Name:jhouse Password:****
            2003-08-10 09:48:13,039 DEBUG [org.jboss.jetty.security.JBossUserRealm#netops] authenticated: jhouse
            2003-08-10 09:48:13,039 DEBUG [org.jboss.jetty.security.JBossUserRealm#netops] JBossUserPrincipal: jhouse is in Role: user
            2003-08-10 09:48:13,089 DEBUG [org.jboss.jetty.security.JBossUserRealm#netops] JBossUserPrincipal: jhouse is in Role: manager
            2003-08-10 09:48:13,099 DEBUG [org.jboss.jetty.security.JBossUserRealm#netops] JBossUserPrincipal: jhouse is in Role: user