0 Replies Latest reply on Dec 8, 2003 11:28 AM by davehorner

    Login with JAAS

    davehorner Newbie

      Hi,
      I my Login struts action class, I am managing to log in using JAAS with a JDBC Realm, using an example I found...

      SecurityAssociationHandler handler = new SecurityAssociationHandler();
      SimplePrincipal user = new SimplePrincipal(username);
      handler.setSecurityInfo(user, password.toCharArray());
      LoginContext loginContext = new LoginContext("targetcom", (CallbackHandler)handler);
      loginContext.login();
      Subject subject = loginContext.getSubject();
      Set principals = subject.getPrincipals();
      principals.add(user);

      It logs in successfully but I was wondering what I need to hold in the session for subsequent Action classes to know that they are logged in.
      Should I store the LoginContext object, so I can logout() on a subsequent page ?

      Also, once I've logged in, can I simply do a getInitialContext() or do I need to do runAs() ?

      Thanks for any help
      Dave