[jboss-dev-forums] [Design of JBoss Portal] - JACC issues with the portal
Wyoming
do-not-reply at jboss.com
Mon Mar 26 12:26:04 EDT 2007
Hello
We use JBoss (4.0.5.GA) with JACC Authorisation.
When I tried to use the portal (2.6-DR) with JACC I found out some strange behaviour!
The first issue is:
I deployed my own portlet web application called "testportlet.war".
If I call "Request.isUserInRole()" in my portlet and debug down into "DelegatingPolicy.implies()" then i see that the JACC contextID is not "testportlet.war" what I expected. Instead the contextID is:
- "portal-server.war" when I have called the portlet directly in the portal
- "portal-wsrp.war" when I have called the portlet via WSRP
This doesn't make sense because like this the roles used for security checking have to be defined in one or even two of the portal's web.xml files.
If I fix the value of the contextID in the debugger then this leads me to the next problem:
The permissions loaded to the contextID "testportlet.war" do all have a servlet name "" (empty string). But the comparing permission that is created in "JaccAuthorizationRealm.hasRole()" has another servlet name:
- "PortalServletWithPathMapping" calling the portlet directly in the portal
- "MarkupService" when I have called the portlet via WSRP
If I change the servlet name to "" in the debugger then it runs perfectly in both calling cases.
So on my opinion these are bugs or does anyone have an idea how to change the behaviour by changing the configuration.
regards
Marcel
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4031671#4031671
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4031671
More information about the jboss-dev-forums
mailing list