[jboss-dev-forums] [Design of JBoss Portal] - JACC issues with the portal

Wyoming do-not-reply at jboss.com
Mon Mar 26 12:26:04 EDT 2007


Hello

We use JBoss (4.0.5.GA) with JACC Authorisation.

When I tried to use the portal (2.6-DR) with JACC I found out some strange behaviour!

The first issue is:
I deployed my own portlet web application called "testportlet.war".
If I call "Request.isUserInRole()" in my portlet and debug down into "DelegatingPolicy.implies()" then I see that the JACC contextID is not "testportlet.war", which is what I expected. Instead the contextID is:

- "portal-server.war" when I have called the portlet directly in the portal
- "portal-wsrp.war" when I have called the portlet via WSRP

This doesn't make sense, because this way the roles used for security checking have to be defined in one or even two of the portal's web.xml files.


If I fix the value of the contextID in the debugger then this leads me to the next problem:

The permissions loaded to the contextID "testportlet.war" all have the servlet name "" (empty string). But the comparing permission that is created in "JaccAuthorizationRealm.hasRole()" has another servlet name:

- "PortalServletWithPathMapping" when I have called the portlet directly in the portal
- "MarkupService" when I have called the portlet via WSRP

If I change the servlet name to "" in the debugger then it runs perfectly in both calling cases.

So in my opinion these are bugs. Or does anyone have an idea how to change the behaviour by changing the configuration?

regards
Marcel
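
The two mismatches reported above, modelled as an added example (not part of the original post, and not JBoss or portal code). The per-context policy map, the role name "TestRole" and the hasRole helper are constructed for illustration; WebRoleRefPermission and java.security.Permissions are the real APIs, and the JACC API jar (javax.security.jacc) must be on the classpath.

```java
import java.security.Permissions;
import java.util.HashMap;
import java.util.Map;
import javax.security.jacc.WebRoleRefPermission;

public class JaccRoleRefMismatch {
    // contextID -> permissions granted to the caller's role.
    // Stands in for the JACC provider's policy store (assumption, constructed data).
    static final Map<String, Permissions> POLICY = new HashMap<String, Permissions>();
    static final String ROLE = "TestRole"; // constructed role name

    static {
        Permissions portlet = new Permissions();
        // As reported in the post: permissions loaded for testportlet.war
        // carry the servlet name "" (empty string).
        portlet.add(new WebRoleRefPermission("", ROLE));
        POLICY.put("testportlet.war", portlet);
        // The role is declared only in the portlet application, not in the portal's web.xml.
        POLICY.put("portal-server.war", new Permissions());
    }

    // What an isUserInRole() check reduces to under JACC: select the policy
    // context, then test implies() on a (servlet name, role reference) pair.
    // WebRoleRefPermission.implies() requires both name and role to match exactly.
    static boolean hasRole(String contextId, String servletName, String role) {
        Permissions granted = POLICY.get(contextId);
        return granted != null
                && granted.implies(new WebRoleRefPermission(servletName, role));
    }

    public static void main(String[] args) {
        String[][] cases = {
            // contextID and servlet name as observed in the debugger
            {"portal-server.war", "PortalServletWithPathMapping"},
            // contextID corrected, servlet name still the portal's
            {"testportlet.war", "PortalServletWithPathMapping"},
            // both corrected
            {"testportlet.war", ""},
        };
        for (String[] c : cases) {
            System.out.printf("contextID=%-18s servlet=%-32s -> %b%n",
                    c[0], '"' + c[1] + '"', hasRole(c[0], c[1], ROLE));
        }
    }
}
```

Only the last case is granted: the check depends on both the selected context ID and an exact servlet-name match.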


