[jboss-user] [Security & JAAS/JBoss] - Re: Error 403 when using DatabaseServerLoginModule

[jaikiran]

I havent used Seam and Facelets and am ill-equipped to give you the exact answers.

anonymous wrote : It seems that the page is not correctly rendered when the above code is used.
  | 
Any errors that you are seeing when the page is rendered?

anonymous wrote : I have come across Custom JAAS Login Modules but would like to know if there a simple way first before implementing this !!
  | 

Going by what you have mentioned so far in this thread, i dont see a need for you to implement a Custom JAAS login module.

anonymous wrote : I need to display certain links only if the User has Admin priviledges...How can i Check which UserRole has been assigned to the session in the XHTML file itself like this 
  | where ### should be the condition to check 

As i already mentioned, i dont know how you will do it in that XHTML page, but here's what you can do using the request object:


  | String userName = request.getRemoteUser; //will give you the user who has logged in, if any
  | 
  | if (request.isUserInRole("Admin") ) {
  |   System.out.println("User: " + userName + " has admin privilege");
  | } else {
  |   System.out.println("User: " + userName + " does NOT have admin privilege");
  | }
  | 


Have a look at:
http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/servlet/http/HttpServletRequest.html#getRemoteUser()
and
http://java.sun.com/j2ee/sdk_1.3/techdocs/api/javax/servlet/http/HttpServletRequest.html#isUserInRole(java.lang.String)
for more details.


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3983441#3983441

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3983441