2 Replies Latest reply on Oct 24, 2005 11:52 AM by erik777

    getUserPrincipal() returns null after successful JAAS Login

    ethomas.joseph

      Hi All,
      This subject has been raised in the past many times. I have gone through
      almost all, but none could solve my problem. Also to mention that, those
      discussions were on earlier versions of JBoss.

      I am using JBoss v 4.0.2. I have implemented form-based authentication,
      in which the form submits to a Servlet which performs the authentication.
      The login happens without any problem; however, I am getting
      request.getUserPrincipal() as null. I also check for the roles, which always
      return false even for successful logins (this must be obvious, as the
      principal is null. If not, please do explain that too!)

      Below are my code snippets:
      ******************* Login Servlet ******************************

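      import java.io.IOException;
      import java.io.PrintWriter;
      import java.security.Principal;
      import java.util.Set;
      import javax.security.auth.Subject;
      import javax.security.auth.callback.CallbackHandler;
      import javax.security.auth.login.LoginContext;
      import javax.security.auth.login.LoginException;
      import javax.servlet.http.HttpServlet;
      import javax.servlet.http.HttpServletRequest;
      import javax.servlet.http.HttpServletResponse;
      import org.jboss.security.SimplePrincipal;
      import org.jboss.security.auth.callback.SecurityAssociationHandler;

      public class LoginServlet extends HttpServlet
      {
          public void doPost(HttpServletRequest request, HttpServletResponse response)
                  throws IOException
          {
              // ... (username, password, title and message are set up here)

              // Hand the submitted credentials to the JAAS callback handler
              SecurityAssociationHandler handler = new SecurityAssociationHandler();
              Principal user = new SimplePrincipal(username);
              handler.setSecurityInfo(user, password.toCharArray());

              try
              {
                  // Programmatic JAAS login against the "ODBCRealm" application policy
                  LoginContext loginContext = new LoginContext("ODBCRealm", (CallbackHandler) handler);
                  loginContext.login();
                  Subject subject = loginContext.getSubject();
                  Set principals = subject.getPrincipals();
                  principals.add(user);

                  title = "Login Suceess";
                  message = "<h1>Login Success</h1>";
                  // Principal and roles as reported by the servlet request
                  message = message + "<br/>Hi " + request.getUserPrincipal() + " !";
                  message = message + "Servlet: : You belong to the following roles:<br/> <blockquote><ol>";
                  if (request.isUserInRole("admin"))
                  {
                      message = message + "<li>admin,</li> ";
                  }
                  if (request.isUserInRole("loginUser"))
                  {
                      message = message + "<li>loginUser, </li>";
                  }
                  if (request.isUserInRole("role1"))
                  {
                      message = message + "<li>role1,</li> ";
                  }
                  message = message + "</ol></blockquote>";
              }
              catch (LoginException le)
              {
                  title = "Login Failed";
                  message = "<h1>Login Failed</h1>";
              }

              response.setContentType("text/html");
              PrintWriter out = response.getWriter();
              out.println("<html><head><title>" + title + "</title></head><body>" + message + "</body></html>");
          }
      }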

      ************* login-config.xml *******************************
      <policy>

        <application-policy name="client-login">
          <authentication>
            <login-module code="org.jboss.security.ClientLoginModule" flag="required">
            </login-module>
          </authentication>
        </application-policy>

        <application-policy name="ODBCRealm">
          <authentication>
            <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
              <module-option name="dsJndiName">java:/ODBCDS</module-option>
              <module-option name="principalsQuery">
                Select Password from Principals where PrincipalID = ?</module-option>
              <module-option name="rolesQuery">
                Select Role 'Roles', RoleGroup 'RoleGroups' from Roles where PrincipalID =?</module-option>
            </login-module>
          </authentication>
        </application-policy>

          <authentication>
            <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required" />
          </authentication>
        </application-policy>

        <!-- Standard tags shipped with JBoss are intact -->

      </policy>

      This much code may be enough. If more is required, do ask me. Also
      there was no error message in the logs.

      Any help in this regard would be appreciated.

      Thanks in advance