2 Replies Latest reply on Mar 5, 2008 4:16 PM by whafrog

Security role re-assignment

whafrog Feb 19, 2008 4:19 PM

I'm in the midst of converting a weblogic webapp to jboss. The weblogic app makes heavy use of a feature in weblogic.xml where you can assign a group of security roles to a new role for internal use in the app, eg:

<security-role-assignment>
 <role-name>any-user</role-name>
 <principal-name>Admin</principal-name>
 <principal-name>Agents</principal-name>
 <principal-name>Partners</principal-name>
 </security-role-assignment>

I can then use HttpServletRequest.isUserInRole("any-user") instead of checking for each.

Is there an equivalent feature in JBoss? Or am I faced with putting long strings of "or"s in my code?

TIA,

Jon

1. Re: Security role re-assignment

ragavgomatam Feb 24, 2008 8:14 PM (in response to whafrog)

Check this out from jboss-web.xml

<!--
 The security-role element contains the definition of a security role.
 The definition consists of an the security role name and principal name element(s).

Used in: jboss-web

Example:
 <security-role>
 <role-name>Manager</role-name>
 <principal-name>j2ee</principal-name>
 <principal-name>javajoe</principal-name>
 </security-role>
-->

2. Re: Security role re-assignment

whafrog Mar 5, 2008 4:16 PM (in response to whafrog)

Thanks ragavgomatam, not sure how I missed that!
Actions

Go to original post