[jboss-user] [JBoss Portal] - Custem JAAS IdentityLoginModule
PVApparao
do-not-reply at jboss.com
Wed Sep 19 09:06:28 EDT 2007
Hi, I am using the following code to authenticate users to my portal.
public class SsoLoginModule extends IdentityLoginModule
| {
| private static final Logger logger = Logger.getLogger(SsoLoginModule.class);
| private static final String DEFAULT_USER_ROLE = "User"; // role for auto-created users unless the "defaultRole" option overrides it in initialize()
| private static final String JNDI_TRANS_MGR = "java:/TransactionManager"; // JNDI name of the TransactionManager looked up in createUserIfNew()
| private static final String POLICY_CONTEXT_HTTP_SERVLET =
| "javax.servlet.http.HttpServletRequest"; // not referenced in the code shown; presumably the policy-context key used by getHttpServletRequest() - confirm
| private static final String OPTION_NAME_DEFAULT_ROLE = "defaultRole"; // module-option read in initialize()
| private static final String OPTION_NAME_ROLE_MOD_JNDI = "roleModuleJNDIName"; // module-option read in initialize()
| 
| 
| 
| 
| // public static final short UNDEFINED_TIMEZONE = (short)0;
| // Per-instance state of the login module.
| protected String defaultRoleForNewUser = DEFAULT_USER_ROLE; // name of the role assigned to a newly created user
| protected String roleModuleJNDIName; // set from the options in initialize(); the lookups shown in createUserIfNew() use hard-coded JNDI names instead
| private RoleModule roleModule = null; // the four module handles are filled by JNDI lookups in createUserIfNew() and stay null if a lookup fails
| private UserModule userModule = null;
| private UserProfileModule userProfileModule = null;
| private MembershipModule membershipModule = null;
| private Transaction transaction; // transaction, identitySessionFactory, success and session are touched only by commented-out code in the portion shown
| private SessionFactory identitySessionFactory;
| private boolean success;
| private Session session;
|
| /**
| * Initialize the login module.
| * @param subject Authentication subject
| * @param callbackHandler Callback handler for the login module
| * @param sharedState Shared State Map
| * @param options Configuration options of the login module
| */
| public void initialize(Subject subject, CallbackHandler callbackHandler,
|         Map sharedState, Map options) {
|     // Delegate to the parent module first, then read the options specific to this module.
|     super.initialize(subject, callbackHandler, sharedState, options);
|     logger.info("Initializing login module.");
|
|     // "defaultRole" replaces the built-in default only when isNullOrEmpty() reports a usable value.
|     final String configuredRole = (String) options.get(OPTION_NAME_DEFAULT_ROLE);
|     final boolean roleWasConfigured = !isNullOrEmpty(configuredRole);
|     if (roleWasConfigured) {
|         defaultRoleForNewUser = configuredRole;
|     }
|
|     // "roleModuleJNDIName" is stored exactly as configured and is null when the option is absent.
|     final Object configuredJndiName = options.get(OPTION_NAME_ROLE_MOD_JNDI);
|     roleModuleJNDIName = (String) configuredJndiName;
|     logger.info("Role module JNDI = " + roleModuleJNDIName);
| }
|
| /**
| * Perform log in process.
| */
| public boolean login() throws LoginException {
|     logger.info("Inside login.");
|     // The account is looked up, and created when missing, BEFORE the parent module
|     // authenticates the caller.
|     // NOTE(review): a login attempt therefore creates a portal account whether or not
|     // super.login() then succeeds - confirm that only requests already vetted by the
|     // SSO layer can reach this module.
|     createUserIfNew();
|     final boolean authenticated = super.login();
|     return authenticated;
| }
|
| /**
| * Create user if user does not exist.
| */
| protected void createUserIfNew() throws LoginException { // looks the user up by name and provisions a portal account when the lookup ends in NoSuchUserException
| try {
| logger.info("Inside createUserIfNew.");
| TransactionManager tm = (TransactionManager)
| new InitialContext().lookup(JNDI_TRANS_MGR);
| Transactions.required(tm, new Transactions.Runnable() { // lookup and creation are handed to Transactions.required together with the JNDI-provided TransactionManager
| public Object run() throws Exception {
| String username = null;
| User user = null;
| try {
| username = (getUsernameAndPassword())[0]; // element 0 is used as the login name; the helper itself is not part of this listing
| logger.info("Username = " + username);
| // The portal identity modules are resolved from JNDI on every call.
| try {
| // NOTE(review): three of the names below start with "java:portal/", the RoleModule one with "java:/portal/" (the form used in login-config.xml); the roleModuleJNDIName option read in initialize() is not used here - confirm which names are intended.
| userModule = (UserModule)new InitialContext().lookup("java:portal/UserModule");
| logger.info("After getting the UserModule");
| roleModule = (RoleModule)new InitialContext().lookup("java:/portal/RoleModule");
| logger.info("After getting the RoleModule");
| userProfileModule = (UserProfileModule)new InitialContext().lookup("java:portal/UserProfileModule");
| logger.info("After getting the UserProfileModule");
| membershipModule = (MembershipModule)new InitialContext().lookup("java:portal/MembershipModule");
| //logger.info("After getting the MembershipModule");
| } catch (NamingException e1) {
| // NOTE(review): a failed lookup is only printed; the module fields then keep their null default and the findUserByUserName call below fails with a NullPointerException, which the generic catch turns into a LoginException. Failing here with the lookup error would be clearer.
| e1.printStackTrace();
| }
| /*userModule = getUserModule();
| // roleModule = getRoleModule();
| //membershipModule = getMembershipModule();
| logger.info("After getting the UserModule");
| userProfileModule = getUserProfileModule();
| logger.info("After getting the UserProfileModule");*/
| logger.info("Before getting user from UserModule.");
| //identitySessionFactory = (SessionFactory)new InitialContext().lookup("java:/portal/IdentitySessionFactory");
| //session = identitySessionFactory.openSession();
| // transaction = session.beginTransaction();
| user = userModule.findUserByUserName(username); // presumably the call that raises NoSuchUserException for an unknown name - confirm
| logger.info("User ID in the table jbp_users ="+user.getId().toString());
| fillContextWithUserProfile(userProfileModule, user);
| // success = true;
| return null;
| }
| catch(NoSuchUserException nsue) {
| // User not found: provision an account from the SSO request headers and give it the default role.
| logger.info("Create new user " + username);
| HttpServletRequest request = getHttpServletRequest(); // NOTE(review): request headers are client-controlled unless the SSO gateway in front overwrites them - confirm the portal is reachable only through that gateway
| logger.info(request.getHeader(Constant.SSO_UID)+","+ // NOTE(review): writes SSO identifiers taken from the request into the info log; consider debug level or masking
| request.getHeader(Constant.SSO_GESSOUID));
| logger.info("Just about to create User");
| user = userModule.createUser( // NOTE(review): the account name comes from the SSO_UID header while the lookup above used getUsernameAndPassword()[0]; nothing visible checks that the two agree
| request.getHeader(Constant.SSO_UID),"Pa55word"); // NOTE(review): every provisioned account gets the same literal password, known to anyone who can read this source; prefer a per-account random value from SecureRandom, or an account that cannot be used for password login
| // request.getHeader(Constant.SSO_EMAIL));
| logger.info("User object is ="+user);
| logger.info("User created successfully");
| if(null == userProfileModule) { // falls back to getUserProfileModule() (not defined in this listing, presumably inherited) when the JNDI lookup left the field null
| userProfileModule = getUserProfileModule();
| 
| }
| fillContextWithUserProfile(userProfileModule, user);
| Set roleSet = new HashSet();
| roleSet.add(getRoleModule().findRoleByName(defaultRoleForNewUser)); // the new account is granted only the configured default role
| membershipModule = getMembershipModule();
| membershipModule.assignRoles(user, roleSet);
| //success = true;
| return null;
| }
| catch (Exception e) { // any other failure of the lookup or the provisioning is reported as a LoginException
| e.printStackTrace(); // NOTE(review): goes to stderr rather than the module's logger
| throw new LoginException("Error in find/create user: " + // NOTE(review): only the message text survives; LoginException has no cause constructor, so initCause(e) would be needed to keep the stack trace
| e.getMessage());
It works fine up to the line marked in red; at that line it throws the following exception: ClassCastException: org.jboss.portal.identity.db.HibernateRoleModuleImpl.
I configured the module in my login-config.xml as shown below:
| <policy>
| <!-- For the JCR CMS -->
| <application-policy name="cms">
| <authentication>
| <login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
| </authentication>
| </application-policy>
|
| <!-- <application-policy name="portal">
| <authentication>-->
|
| <!--To configure LDAP support with IdentityLoginModule please check documentation on how to
| configure portal identity modules for this-->
| <!-- <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="required">
| <module-option name="unauthenticatedIdentity">guest</module-option>
| <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
| <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
| <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
| <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
| <module-option name="additionalRole">Authenticated</module-option>
| <module-option name="password-stacking">useFirstPass</module-option>
| </login-module>-->
|
|
| <application-policy name="portal">
| <authentication>
| <login-module code="com.ge.health.jboss.portal.security.jaas.SsoLoginModule" flag="required">
| <module-option name="unauthenticatedIdentity">guest</module-option>
| <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
| <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
| <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
| <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
| <module-option name="additionalRole">Authenticated</module-option>
| <module-option name="password-stacking">useFirstPass</module-option>
| <module-option name="defaultRole">User</module-option>
| </login-module>
|
|
|
| When I try to log in, I get a 403 error saying that authentication failed.
|
|
| Can anyone help me resolve this issue?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4086090#4086090