I my Login struts action class, I am managing to log in using JAAS with a JDBC Realm, using an example I found...
SecurityAssociationHandler handler = new SecurityAssociationHandler();
SimplePrincipal user = new SimplePrincipal(username);
LoginContext loginContext = new LoginContext("targetcom", (CallbackHandler)handler);
Subject subject = loginContext.getSubject();
Set principals = subject.getPrincipals();
It logs in successfully but I was wondering what I need to hold in the session for subsequent Action classes to know that they are logged in.
Should I store the LoginContext object, so I can logout() on a subsequent page ?
Also, once I've logged in, can I simply do a getInitialContext() or do I need to do runAs() ?
Thanks for any help