[jboss-user] [Security & JAAS/JBoss] - Re: HTTP Auth & callerPrincipal
joshd
do-not-reply at jboss.com
Fri Mar 7 09:31:25 EST 2008
Ok, my User class implements Principal already. But this part I dont get:
anonymous wrote : [..] Principal interface and instantiate it in your LoginModule. So now your UserObj becomes the type Principal & you are set.
|
My LoginModule extends UserPasswordLoginModul, and I just override initialize (just saying super.initialize and inject my SecurityManagerBean) and getUsersPossword and getRoleSets (both using the manager for retrieving the needed infos). So where to set explicitly the User i.e. the Principal?!
Do I have to implement my own LoginModule completely (initialize, login, commit etc)?
regards, josh
| public class LoomLoginModule extends UsernamePasswordLoginModule
| {
| private mySecurityManager securityManager;
| private User user;
|
| /**
| * initializes superclass context
| */
| public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
| {
| this.user = new User();
| super.initialize(subject, callbackHandler, sharedState, options);
|
| try
| {
| //..inject my securityManager
| }
| }
|
| /**
| *
| */
| protected Group[] getRoleSets() throws LoginException
| {
| if (user == null)
| throw new LoginException("user " + super.getUsername() + " does not exist");
| return this.securityManager.getRoleSets(user.getId());
| }
|
| /**
| *
| */
| protected String getUsersPassword() throws LoginException
| {
| String[] userInput = {"", ""};
| userInput = super.getUsernameAndPassword();
| this.user = this.securityManager.login(userInput[0], userInput[1]);
| if (user == null)
| throw new LoginException("user " + super.getUsername() + " does not exist");
|
| return userInput[1];
| }
| }
|
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4134859#4134859
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4134859
More information about the jboss-user
mailing list