[jboss-user] [Security & JAAS/JBoss] - Re: SimplePrincipal ClassCastException
clevelam
do-not-reply at jboss.com
Thu Oct 30 19:41:10 EDT 2008
Moving my LoginModule to a seperate JAR still does not work. I have one correction. The classcastexception does not occur in the CustomLoginModule. It occurs in a servlet(spring controller) that has access to the httprequest object.
The following calls: request.getUserPrincipal().getClass() returns an object of type: org.jboss.security.SimplePrincipal
Where as I am expecting my custom class. I have updated login-config as follows:
<application-policy name = "xxx-Domain">
<login-module code="xxx.xxx.CustomLoginModule"
flag = "required">
<module-option name="principalClassName">
xxx.xxx.CustomPrincipal
</module-option>
<module-option name="principalClass">
xxx.xxx.CustomPrincipal
</module-option>
</login-module>
</application-policy>
I am also using JBoss' WebAuthentication class to have JAAS authentication work with programmatic security.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4185854#4185854
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4185854
More information about the jboss-user
mailing list