[jboss-jira] [JBoss JIRA] (WFLY-3314) LoginContext does not propagate Login

Tue Jun 10 19:25:15 EDT 2014

    [ https://issues.jboss.org/browse/WFLY-3314?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12975065#comment-12975065 ] 

Ingo Weiss commented on WFLY-3314:
----------------------------------

Hi [~max_kuffs], this is a question for the forums first, https://community.jboss.org/en/wildfly?view=discussions.

> LoginContext does not propagate Login
> -------------------------------------
>
>                 Key: WFLY-3314
>                 URL: https://issues.jboss.org/browse/WFLY-3314
>             Project: WildFly
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>            Reporter: Markus D
>            Assignee: Darran Lofthouse
>
> I am trying to do a manual login in an EJB like the Servlet Request offers.
> So far so good. I implemented the CallbackHandler:
> public class PasswordCallbackHandler implements CallbackHandler {
>     private String username;
>     private char[] password;
>     public PasswordCallbackHandler(String username, char[] password) {
>         super();
>         this.username = username;
>         this.password = password;
>     }
>     public void handle(Callback[] callbacks) throws IOException,
>             UnsupportedCallbackException {
>         if(callbacks == null) {
>             return;
>         }
>         for (int i = 0; i < callbacks.length; i++) {
>             if (callbacks[i] instanceof NameCallback) {
>                 NameCallback nc = (NameCallback) callbacks[i];
>                 nc.setName(username);
>             } else if (callbacks[i] instanceof PasswordCallback) {
>                 PasswordCallback pc = (PasswordCallback) callbacks[i];
>                 pc.setPassword(password);
>             } else {
>                 throw new UnsupportedCallbackException(callbacks[i],
>                         "Unrecognized Callback");
>             }
>         }
>     }
> }
> My Code:
>     PasswordCallbackHandler handler = new PasswordCallbackHandler("user", "password".toCharArray());
>     LoginContext context = new LoginContext("realm", handler);
>     context.login();
> The subject shows:
> Subject:
>     Principal: user
>     Principal: Roles(members:ADMIN,USER)
>     Principal: CallerPrincipal(members:user)
> So the login itself worked. My Question now is what am I doing with it? When I fetch the current principal from the container I still receive anonymous. Tested on JBoss 7.1 and Wildfly.
>     @Resource
>     private SessionContext ctx;
> Principal callerPrincipal = ctx.getCallerPrincipal();
> if(callerPrincipal == null) {
>     return null;
> }
> String name = callerPrincipal.getName(); // Also after login() it returns anonymous.
> So did I misunderstood this functionality or should the container set the principal to the user I logged in?

--
This message was sent by Atlassian JIRA
(v6.2.3#6260)