[JBoss Portal] - Re: How can I change default URL after login to portal?
by jpecinov
"swisst" wrote : Okay, so I have been going through the reference guide and I am not really understanding how to do this. There are a few sections that seem relevant:
|
| Chapter 7 - Page specific URL's?
| Chapter 10 - Use the Portal Event API?
| Chapter 21 - Manipulate the request attribute: org.jboss.portal.header.DEFAULT_PORTAL_URL ?
|
| A quick explanation of what I am trying to do might be helpful. We have a completely secure portal with 7 pages, no pages are visible without logging in first. Not all users can see all 7 pages, in fact, they may never have any pages in common.
|
| * Defining 1 default page for the portal is problematic because there is not a common page every user has the authority to see. So, some users will get a 403 when logging in.
|
| * Handing out different URL's based on user authority is not good either, for a variety of reason that I'm sure I don't have to go into.
|
| Based on that, is there a specific strategy in the reference guide that I should focus on?
Yes, I have the same problem. We have no "default" page for all users. And next problem is when user use "one-time" password for login, he should be redirected to password change portlet and all other pages have to be hiden. We want to use special role for one-time password users until they change password (we have our own Identity management modules).
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4088156#4088156
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4088156
18 years, 7 months
[JBoss Portal] - Re: Calling JAAS
by NM-156
OK, question - I spent today reading the Tomcat valve documentation, and I plugged in a simple example that I found in the following post (the response by user tellarsrinivasprabhu):
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=116375
This almost worked. I was able to set the roles within the valve, and I see "Logged in as 'my user'" at the top of the portal page; For test purposes, I added Authenticated, Admin, Users roles to the user (inside of the valve), and I now see Dashboard | Admin | Logout at the top of the portal page, as expected. The login page was bypassed, which is great.
The only problem I have now is that when I click on the Dashboard link, I get a 403 forbidden error. The Admin and Logout links both work correctly.
Does anybody know why I would be getting the 403 code for the dashboard link only? Here is the code in my valve.
Any insight would be greatly appreciated. Thanks!
public void invoke(Request request,Response response) throws java.io.IOException,
| javax.servlet.ServletException
| {
| appLogger.info("%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%");
| appLogger.info("%%%%%% **** CUSTOM SSO VALVE invoke() method BEGIN **** %%%%%%%");
| appLogger.info("%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%");
|
| // super.invoke(request, response);
|
| List roles = new ArrayList();
|
| // Group rolesGroup = new SimpleGroup("Roles");
| // rolesGroup.addMember(new SimplePrincipal("Authenticated")); // Must add authenticated principle
| // rolesGroup.addMember(new SimplePrincipal("Admin")); // Grant portal admin rites (Test only)
| // rolesGroup.addMember(new SimplePrincipal("Users")); // Grant portal Users rites (Test only)
|
| roles.add("Authenticated");
| roles.add("Users");
| roles.add("Admin");
| roles.add("testrole");
|
| //
|
| Group roleGroup = new SimpleGroup("Roles");
|
| for (int i = 0; i < roles.size(); i++)
| {
| String rname = (String) roles.get(i);
| Principal p = new SimplePrincipal(rname);
| roleGroup.addMember(p);
| }
|
| Subject subj = new Subject();
| subj.getPrincipals().add(new SimplePrincipal(USER_ID));
| subj.getPrincipals().add(roleGroup);
| SecurityAssociation.setSubject(subj);
|
| request.setUserPrincipal(new GenericPrincipal(request.getContext().getRealm(), USER_ID,PASSWORD,
| roles));
|
| getNext().invoke(request, response);
|
| appLogger.info("%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%");
| appLogger.info("%%%%%% **** CUSTOM SSO VALVE invoke() method COMPLETED **** %%%%");
| appLogger.info("%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%");
| }
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4088146#4088146
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4088146
18 years, 7 months