2 Replies Latest reply on Feb 9, 2005 9:46 AM by Dan Thompson

    JBoss and struts

    Said Lakhloufi Newbie

      I am new to JAAS. I try to use my own loginaction instead j_security_check. The problem is request.isUserInRole() always returns false for all roles. Can somebody tell me what i do wrong?

      ------login-config.xml-----------------------
      <application-policy name="MyRealm">

      <!-- <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required"> -->
      <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
      <module-option name="java.naming.factory.initial">
      com.sun.jndi.ldap.LdapCtxFactory
      </module-option>
      <module-option name="java.naming.provider.url">
      ldap://localhost:389/
      </module-option>
      <module-option name="java.naming.security.authentication">
      simple
      </module-option>
      <module-option name="principalDNPrefix">uid=</module-option>
      <module-option name="principalDNSuffix">
      ,ou=Site-159,dc=abercane
      </module-option>

      <module-option name="rolesCtxDN">
      ou=Roles,ou=Site-159,dc=abercane
      </module-option>
      <module-option name="uidAttributeID">uniqueMember</module-option>
      <module-option name="matchOnUserDN">true</module-option>

      <module-option name="roleAttributeID">cn</module-option>
      <module-option name="roleAttributeIsDN">false</module-option>
      </login-module>

      </application-policy>

      ----------end login-config.xml------------



      ------------- action class----------------------
      /*
      * Created on Jan 21, 2005
      *
      * TODO To change the template for this generated file go to Window -
      * Preferences - Java - Code Style - Code Templates
      */

      import java.security.Principal;
      import java.security.acl.Group;
      import java.util.Enumeration;
      import java.util.Set;

      import javax.security.auth.Subject;
      import javax.security.auth.callback.CallbackHandler;
      import javax.security.auth.login.LoginContext;
      import javax.security.auth.login.LoginException;
      import javax.servlet.http.HttpServletRequest;
      import javax.servlet.http.HttpServletResponse;
      import javax.servlet.http.HttpSession;

      import org.apache.struts.action.Action;
      import org.apache.struts.action.ActionForm;
      import org.apache.struts.action.ActionForward;
      import org.apache.struts.action.ActionMapping;

      import org.apache.struts.action.ActionMessages;
      import org.jboss.security.SecurityAssociation;
      import org.jboss.security.SimplePrincipal;
      import org.jboss.security.auth.callback.SecurityAssociationHandler;


      public final class UserLogonAction extends Action {

      public ActionForward execute(ActionMapping mapping, ActionForm form,
      HttpServletRequest request, HttpServletResponse arg3)
      throws Exception {
      HttpSession session = request.getSession(false);
      Subject subject = null;

      if (session == null) {
      request.getSession(true);
      }
      UserLoginForm mform = (UserLoginForm) form;
      ActionMessages errors = mform.validate(mapping, request);
      String userName = mform.getUserName();
      String password = mform.getPassword();

      try {
      SecurityAssociationHandler handler = new SecurityAssociationHandler();
      Principal principal = new SimplePrincipal(userName);
      handler.setSecurityInfo(principal, password.toCharArray());
      LoginContext loginContext = new LoginContext("MyRealm",
      (CallbackHandler) handler);
      loginContext.login();
      subject = loginContext.getSubject();


      SecurityAssociation.setPrincipal(principal);
      SecurityAssociation.setCredential(password.toCharArray());
      SecurityAssociation.setSubject(subject);

      } catch (LoginException e) {
      System.out.println("Error LoginException: " + e);
      }

      if (request.isUserInRole("Admin")) {
      return mapping.findForward("Admin");
      } else if (request.isUserInRole("ViewBills")) {
      return mapping.findForward("ViewBills");
      } else {
      return mapping.findForward("failure");
      }

      }
      }
      -------------- end ---------------------------------