[Security & JAAS/JBoss] - Re: Adding roles to user on the fly - jboss-user

Saturday, 29 July 2006

Some additional information.

jboss-web.xml:
<jboss-web>
  |     <security-domain>java:/jaas/testdomain</security-domain>
  | </jboss-web>

...
From login-config.xml: <application-policy
name="testdomain">
  |   <authentication>
  |     <login-module code="com.test.security.SpecialLoginModule1"
flag="required">
  |       <module-option
name="password-stacking">useFirstPass</module-option>
  |       <module-option
name="dsJndiName">java:/DefaultDS</module-option>
  |     </login-module>
  |     <login-module code="com.test.security.SpecialLoginModule2"
flag="required">
  |       <module-option
name="password-stacking">useFirstPass</module-option>
  |       <module-option
name="dsJndiName">java:/DefaultDS</module-option>
  |     </login-module>
  |   </authentication>
  | </application-policy>

Flushing code:
String domain = "testdomain";
  | Principal principal = new SimplePrincipal(user.getUsername());
  | ObjectName jaasMgr = new
ObjectName("jboss.security:service=JaasSecurityManager");
  | Object[] params = { domain, principal };
  | String[] signature = { "java.lang.String", Principal.class.getName() };
  | MBeanServer server = (MBeanServer) MBeanServerFactory.findMBeanServer(null).get(0);
  | server.invoke(jaasMgr, "flushAuthenticationCache", params, signature);

Credentials caching is disabled, after flushing (just in case) Subject is not populated
again (LoginModules are not called again to populate "Roles" group).

I would be grateful for your comments,

Igor

View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3961697#...

Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Security & JAAS/JBoss] - Re: Adding roles to user on the fly