This content has been marked as final.
Show 4 replies
-
1. Re: ClientLoginModule works incorectly
rimmeraj Jul 14, 2004 3:45 PM (in response to phantom)IN jboss 3.2.4 it is
see
http://www.jboss.org/index.html?module=bb&op=viewtopic&t=50661 -
2. Re: ClientLoginModule works incorectly
phantom Jul 14, 2004 4:26 PM (in response to phantom)But we use 3.2.5:(
-
3. Re: ClientLoginModule works incorectly
rimmeraj Jul 14, 2004 4:33 PM (in response to phantom)I do not think it changed between the two versions ..
-
4. Re: ClientLoginModule works incorectly
ceasaros Jul 14, 2004 4:48 PM (in response to phantom)It is build in into JBoss 3.2.4 and thus also 3.2.5. I have an application working with my own Principal on both 3.2.4 and 3.2.5.
I added a<module-option name="PrincipalClass>xxx.MyPrincipal</module-option>
If you also want to access your the xxx.MyPrincipal in the webserver environment you need to write you're own LoginModule and add an extra Group to the getUserRoles() method like:... SimpleGroup callerPrincipal = new SimpleGroup("CallerPrincipal"); callerPrincipal.addMember(getIdentity); ...
I'm not sure if I wrote the configuration and java code 100% correct, cause i type what i remember, i don't have an example available right here.
If you have still a problem with the new SimplePrincipal which is created in the login method, why don't you override this login method in you're own LoginModule and fix it you're self.
Even all this there is still one moment where a SimplePrincipal is instantiated and where I also don't have a solution and that is the moment a user logs into on the webserver (tomcat). Inside tomcat a new SimplePrincipal is created and passed to JBoss, after authentication in your LoginModule this SimplePrincipal is changed into your xxx.MyPrincipal. I think the only solution here is to write you're own Realm for Tomcat/JBoss or implement your own JAAS sercurity.