[jboss-jira] [JBoss JIRA] Created: (JBAS-9213) module-option principalClass will be ignored
Michael Feichtegger (JIRA)
jira-events at lists.jboss.org
Fri Apr 1 04:50:39 EDT 2011
module-option principalClass will be ignored
--------------------------------------------
Key: JBAS-9213
URL: https://issues.jboss.org/browse/JBAS-9213
Project: JBoss Application Server
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Security
Affects Versions: 6.0.0.Final
Environment: Windows XP
JBoss AS 6.0.0.Final
JavaSE 1.6.0_17
Reporter: Michael Feichtegger
Assignee: Anil Saldhana
I wrote a custom login module and configured it at {{login-config.xml}} as follows:
{code}
<application-policy name="MyRealm">
<authentication>
<login-module code="com.example.MyLoginModule" flag="required">
<module-option name="principalClass">com.example.UserPrincipal</module-option>
<module-option name="debug">true</module-option>
</login-module>
</authentication>
</application-policy>
{code}
In a second step I wrote a simple JSF application that performs the login using {{HttpServletRequest.login()}} that works very well.
Finally I used {{HttpServletRequest.getUserPrincipal()}} to retrieve the custom principal created during the login process.
On JBoss I'll just get a JBoss internal {{org.jboss.security.SimplePrincipal}} and I have to use {{PolicyContext.getContext("javax.security.auth.Subject.container")}} to get the desired principal.
The custom login module implements {{javax.security.auth.spi.LoginModule}} and is not derived from {{org.jboss.security.auth.spi.UsernamePasswordLoginModule}} since it should work on any JavaEE Container.
As far as I understood the specification the element {{<module-option name="principalClass">}} should be used to achieve this behavior.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list