0 Replies Latest reply on Oct 24, 2003 2:42 AM by sysuser1

    Compulsory SimplePrincipal for "Roles" group

    sysuser1

      Hi,

      I have implemented a customized LoginModule implementing "javax.security.auth.spi.LoginModule" because I'd like a portable LoginModule.
      The authentication is correct but there's a problem in authorization because the "Roles" java.security.acl.Group needs "SimplePrincipal" instances. I've checked it in the method "doesRoleGroupHaveRole" of the org.jboss.security.plugins.JaasSecurityManager class. Exactly, the problem is in the following line:
      boolean isMember = userRoles.isMember(role);
      because "role" is a SimplePrincipal but userRoles are not (they are a different implementation of the Principal interface).

      When the principals for the roles are "SimplePrincipal" instances, authentication and authorization work correctly, but then I need JBoss libraries (and portability is a requisite).

      Is there any solution for getting portability? I think that this is the main objective of JAAS.

      Thanks,
      Jorge
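
The mismatch described in the post, shown as an added example that is not part of the original post and is not JBoss code. `PortableRole`, `ContainerRole` and `RolesGroup` are hypothetical stand-ins for the custom role principal, the container's `SimplePrincipal` and the "Roles" group, and the class-strict `equals()` is an assumption about why the lookup fails. It contrasts an equality-based membership check with one that compares role names only.

```java
import java.security.Principal;
import java.util.LinkedHashSet;
import java.util.Set;

public class RoleMembershipDemo {
    // Hypothetical portable role principal populated by the custom LoginModule.
    static final class PortableRole implements Principal {
        private final String name;
        PortableRole(String name) { this.name = name; }
        @Override public String getName() { return name; }
        // Class-strict equality: never equal to another Principal implementation.
        @Override public boolean equals(Object o) {
            return o instanceof PortableRole && ((PortableRole) o).name.equals(name);
        }
        @Override public int hashCode() { return name.hashCode(); }
    }

    // Stand-in for the container's own role principal (not the JBoss class).
    static final class ContainerRole implements Principal {
        private final String name;
        ContainerRole(String name) { this.name = name; }
        @Override public String getName() { return name; }
        @Override public boolean equals(Object o) {
            return o instanceof ContainerRole && ((ContainerRole) o).name.equals(name);
        }
        @Override public int hashCode() { return name.hashCode(); }
    }

    // Stand-in for the "Roles" group, with two membership strategies.
    static final class RolesGroup {
        private final Set<Principal> members = new LinkedHashSet<>();
        void addMember(Principal p) { members.add(p); }
        // Relies on equals()/hashCode(), so a lookup across classes fails.
        boolean isMemberStrict(Principal role) { return members.contains(role); }
        // Compares by name only; a null role or role name is denied.
        boolean isMemberByName(Principal role) {
            if (role == null || role.getName() == null) return false;
            return members.stream().anyMatch(m -> role.getName().equals(m.getName()));
        }
    }

    public static void main(String[] args) {
        RolesGroup userRoles = new RolesGroup();
        userRoles.addMember(new PortableRole("admin"));  // constructed sample role
        Principal role = new ContainerRole("admin");     // what the container looks up
        System.out.println("strict:  " + userRoles.isMemberStrict(role));
        System.out.println("by name: " + userRoles.isMemberByName(role));
    }
}
```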