[jboss-user] [JBoss Portal] - Re: Calling JAAS

NM-156 do-not-reply at jboss.com
Mon Sep 24 15:44:40 EDT 2007


OK, question - I spent today reading the Tomcat valve documentation, and I plugged in a simple example that I found in the following post (the response by user tellarsrinivasprabhu):

http://www.jboss.com/index.html?module=bb&op=viewtopic&t=116375

This almost worked. I was able to set the roles within the valve, and I see "Logged in as 'my user'" at the top of the portal page. For test purposes, I added the Authenticated, Admin, and Users roles to the user (inside of the valve), and I now see Dashboard | Admin | Logout at the top of the portal page, as expected. The login page was bypassed, which is great.

The only problem I have now is that when I click on the Dashboard link, I get a 403 forbidden error. The Admin and Logout links both work correctly.

Does anybody know why I would be getting the 403 code for the dashboard link only? Here is the code in my valve.

Any insight would be greatly appreciated. Thanks!

public void invoke(Request request, Response response)
        throws java.io.IOException, javax.servlet.ServletException
{
    appLogger.info("%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%");
    appLogger.info("%%%%%% **** CUSTOM SSO VALVE invoke() method BEGIN **** %%%%%%%");
    appLogger.info("%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%");

    // super.invoke(request, response);

    List roles = new ArrayList();

    // Group rolesGroup = new SimpleGroup("Roles");
    // rolesGroup.addMember(new SimplePrincipal("Authenticated"));  // Must add authenticated principal
    // rolesGroup.addMember(new SimplePrincipal("Admin"));          // Grant portal admin rights (test only)
    // rolesGroup.addMember(new SimplePrincipal("Users"));          // Grant portal Users rights (test only)

    // Role names assigned to the user (hard-coded for testing)
    roles.add("Authenticated");
    roles.add("Users");
    roles.add("Admin");
    roles.add("testrole");

    // Build the JAAS "Roles" group from the role names
    Group roleGroup = new SimpleGroup("Roles");

    for (int i = 0; i < roles.size(); i++)
    {
        String rname = (String) roles.get(i);
        Principal p = new SimplePrincipal(rname);
        roleGroup.addMember(p);
    }

    // Create a subject holding the user principal and the role group,
    // and associate it with the current thread
    Subject subj = new Subject();
    subj.getPrincipals().add(new SimplePrincipal(USER_ID));
    subj.getPrincipals().add(roleGroup);
    SecurityAssociation.setSubject(subj);

    // Set the Catalina principal (user plus roles) on the request
    request.setUserPrincipal(new GenericPrincipal(request.getContext().getRealm(),
                                                  USER_ID, PASSWORD, roles));

    // Pass the request on to the next valve in the pipeline
    getNext().invoke(request, response);

    appLogger.info("%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%");
    appLogger.info("%%%%%% **** CUSTOM SSO VALVE invoke() method COMPLETED **** %%%%");
    appLogger.info("%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%");
}

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4088146#4088146
