23 Replies. Latest reply on Oct 16, 2011 5:05 PM by spring
      • 15. Re: Programmatic Authentication in JBoss?
        lujop

         

        "anil.saldhana@jboss.com" wrote:
        This feature will be available in 4.2.0.GA

        I was thinking about ways to adequately test this. For now, after the web authentication in a servlet, I check for two things:
        request.getUserPrincipal != null
        and
        request.isUserInRole(role) == true

        Any thoughts on how this can be tested further? (No JSF, struts etc ideas please).


        I think that this test is nice.

        Only for clarification. With this I can have a servlet in an unprotected area of the realm XXXX. And I can arbitrarily call login(String username, Object credential) and that will be intercepted by a LoginModule? Or can I directly put a user/role?

        A little sample in the wiki of a simple usage of that module to authenticate would be very much appreciated. I think that using an unprotected servlet to put the credentials will be a very nice one.

        A lot of thanks in advance,

        • 16. Re: Programmatic Authentication in JBoss?
          ryoung2504

          FYI - I've taken the code from head and retro-fitted it to 4.0.5GA and it works perfectly.

          • 17. Re: Programmatic Authentication in JBoss?
            alllle

            According to the wiki, the latest update to this class works with Tomcat SingleSignOn.

            Does it also work with the SingleSignOn in the JBoss clustered environment?

            • 18. Re: Programmatic Authentication in JBoss?
              sm2000

               

              "ryoung2504" wrote:
              FYI - I've taken the code from head and retro-fitted it to 4.0.5GA and it works perfectly.


              Can you provide me the modified source file for 4.0.5? I have a similar requirement for programmatic authentication in JBoss 4.0.5 GA.

              What changes are required to make it work in 4.0.5?

              I would appreciate your response.

              • 19. Re: Programmatic Authentication in JBoss?
                sm2000

                Hi,

                I am again requesting the forum experts.

                Is it possible to retro-fit the WebAuthentication implementation in JBoss 4.0.5?

                One of the members mentioned that he did it successfully in 4.0.5 and tested.

                I would appreciate your help.

                • 20. Re: Programmatic Authentication in JBoss?
                  anton_nazaruk

                  If you still need an answer about programmatic web login to JBoss 4.0.5, email me (anton.nazaruk@gmail.com) and I'll post an answer. I just do not know if it is still relevant.

                  • 21. Re: Programmatic Authentication in JBoss?
                    anton_nazaruk

                    if you still need an answer about programmatic web login to jboss 4.0.5 email me (anton.nazaruk@gmail.com), I'll post an answer, I just do not know if it is still relevant

                    • 22. Re: Programmatic Authentication in JBoss?
                      spring

                      I have the same problem :(
                      Could you help me?

                      • 23. Re: Programmatic Authentication in JBoss?
                        spring

                        I resolved this problem in 2009. The answer was:

                        In the authentication module:
                        ---------------------------------------

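                        // Fragment from inside the login module. Needs javax.security.jacc.PolicyContext,
                        // javax.security.jacc.PolicyContextException, javax.servlet.http.HttpServletRequest
                        // and javax.security.auth.login.FailedLoginException.
                        String WEB_REQUEST_KEY = "javax.servlet.http.HttpServletRequest";
                        HttpServletRequest request;
                        String j_role = null;
                        String j_user = null;
                        String j_password = null;
                        try {
                            // JACC exposes the current web request to the login module under this key
                            request = (HttpServletRequest) PolicyContext.getContext(WEB_REQUEST_KEY);
                            if (request == null) {
                                // no web request is bound to this login attempt
                                throw new FailedLoginException("Technical Error");
                            }

                            // all three values are taken straight from the request parameters
                            j_role = request.getParameter("j_role");
                            j_user = request.getParameter("j_username");
                            j_password = request.getParameter("j_password");
                            this.callbackHandler = new customCallbackHandler(j_user, j_password, j_role);

                        } catch (PolicyContextException e) {
                            throw new FailedLoginException("Technical Error");
                        }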

                         

                        In the customCallbackHandler class:
                        ------------------------------------------------------

                        // Needs java.io.IOException and javax.security.auth.callback.*
                        public class customCallbackHandler implements CallbackHandler {

                            // The fields and constructor were elided ("...............;") in the original post;
                            // these are inferred from the call site above and from the uses below.
                            private final String username;
                            private final String password;
                            private final String role;

                            public customCallbackHandler(String username, String password, String role) {
                                this.username = username;
                                this.password = password;
                                this.role = role;
                            }

                            @Override
                            public void handle(Callback[] callbacks) throws IOException,
                                    UnsupportedCallbackException {

                                for (int i = 0; i < callbacks.length; i++) {
                                    if (callbacks[i] instanceof TextOutputCallback) {

                                        // display the message according to the specified type
                                        TextOutputCallback toc = (TextOutputCallback) callbacks[i];
                                        switch (toc.getMessageType()) {
                                        case TextOutputCallback.INFORMATION:
                                            System.out.println(toc.getMessage());
                                            break;
                                        case TextOutputCallback.ERROR:
                                            System.out.println("ERROR: " + toc.getMessage());
                                            break;
                                        case TextOutputCallback.WARNING:
                                            System.out.println("WARNING: " + toc.getMessage());
                                            break;
                                        default:
                                            throw new IOException("Unsupported message type: "
                                                    + toc.getMessageType());
                                        }

                                    } else if (callbacks[i] instanceof TextInputCallback) {

                                        // answer the text input prompt with the role
                                        TextInputCallback tic = (TextInputCallback) callbacks[i];
                                        tic.setText(role);

                                    } else if (callbacks[i] instanceof NameCallback) {

                                        // answer the name prompt with the username
                                        NameCallback nc = (NameCallback) callbacks[i];
                                        nc.setName(username);

                                    } else if (callbacks[i] instanceof PasswordCallback) {

                                        // answer the password prompt; the request parameter may have been absent
                                        PasswordCallback pc = (PasswordCallback) callbacks[i];
                                        pc.setPassword(password == null ? null : password.toCharArray());

                                    } else {
                                        throw new UnsupportedCallbackException(callbacks[i],
                                                "Unrecognized Callback");
                                    }
                                }

                            }
                        }

                         

                        In the view class:
                        --------------------------

                        public boolean isUserInRoleAdministrator() {

                            FacesContext ctx = FacesContext.getCurrentInstance();
                            Object request = ctx.getExternalContext().getRequest();
                            // the role list is read from the session, whichever request type is in use
                            if (request instanceof RenderRequest) {
                                List<String> roles = (List<String>) ((RenderRequest) request).getPortletSession(false).getAttribute("roles");
                                if (null != roles)
                                    return roles.contains(ADMINISTRATOR);
                            } else if (request instanceof HttpServletRequest) {
                                List<String> roles = (List<String>) ((HttpServletRequest) request).getSession(false).getAttribute(ATTRIBUTE_ROLES);
                                if (null != roles)
                                    return roles.contains(ADMINISTRATOR);

                            } else if (request instanceof ResourceRequest) {
                                List<String> roles = (List<String>) ((ResourceRequest) request).getPortletSession().getAttribute("roles");
                                if (null != roles)
                                    return roles.contains(ADMINISTRATOR);

                            }
                            // no role list was found for this request
                            return false;
                        }

                        public String getUserConnected() {
                            if (null != FacesContext.getCurrentInstance().getExternalContext() && null != FacesContext.getCurrentInstance().getExternalContext().getUserPrincipal())
                                return FacesContext.getCurrentInstance().getExternalContext().getUserPrincipal().getName();
                            else
                                return null;
                        }
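
The module side of the callback exchange in the post above, as an added example that is not code from this thread or from JBoss: a plain JAAS `LoginModule` issues the three callbacks the handler answers and treats the role as a request that is checked against server-side grants before any principal is added. The class name, the in-memory `PASSWORDS` and `GRANTS` maps and the sample user are assumptions made for illustration; it uses only JDK classes and needs Java 16 or later.

```java
import static java.nio.charset.StandardCharsets.UTF_8;
import java.security.*;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
public class RoleCheckingLoginModule implements LoginModule {
    // Constructed sample data (assumption); a real module queries its user store and compares hashes.
    static final Map<String, String> PASSWORDS = Map.of("alice", "s3cret");
    static final Map<String, Set<String>> GRANTS = Map.of("alice", Set.of("user"));
    record Named(String name) implements Principal { public String getName() { return name; } }
    private Subject subject; private CallbackHandler handler; private String user, role;
    public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
        subject = s; handler = h;
    }
    public boolean login() throws LoginException {
        NameCallback nc = new NameCallback("user: ");
        PasswordCallback pc = new PasswordCallback("password: ", false);
        TextInputCallback rc = new TextInputCallback("role: ");
        try { handler.handle(new Callback[] { nc, pc, rc }); }
        catch (Exception e) { throw new LoginException("callback handler failed"); }
        String name = nc.getName(), wanted = rc.getText();
        char[] given = pc.getPassword(); pc.clearPassword();
        String expected = name == null ? null : PASSWORDS.get(name);
        boolean passwordOk = expected != null && given != null
                && MessageDigest.isEqual(expected.getBytes(UTF_8), new String(given).getBytes(UTF_8));
        // The role is only a request from the client: accept it solely if the server granted it.
        if (!passwordOk || wanted == null || !GRANTS.getOrDefault(name, Set.of()).contains(wanted))
            throw new FailedLoginException("login rejected");
        user = name; role = wanted; return true;
    }
    public boolean commit() {
        return user != null && subject.getPrincipals().addAll(List.of(new Named(user), new Named("role:" + role)));
    }
    public boolean abort() { user = role = null; return true; }
    public boolean logout() { subject.getPrincipals().removeIf(p -> p instanceof Named); return abort(); }
    // Drives the module directly (no LoginContext); the handler answers like the post's customCallbackHandler.
    static Set<Principal> tryLogin(String u, String p, String r) {
        RoleCheckingLoginModule m = new RoleCheckingLoginModule();
        Subject s = new Subject();
        m.initialize(s, cbs -> { for (Callback cb : cbs) {
            if (cb instanceof NameCallback n) n.setName(u);
            else if (cb instanceof PasswordCallback pw) pw.setPassword(p == null ? null : p.toCharArray());
            else if (cb instanceof TextInputCallback t) t.setText(r);
        } }, Map.of(), Map.of());
        try { m.login(); m.commit(); } catch (LoginException e) { m.abort(); }
        return s.getPrincipals();
    }
    public static void main(String[] a) { System.out.println(tryLogin("alice", "s3cret", "user") + " / " + tryLogin("alice", "s3cret", "admin")); }
}
```

With the constructed data, the first call yields principals for `alice` and `role:user`; the second supplies the right password but asks for a role the server never granted, so the subject stays empty.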
