[jboss-jira] [JBoss JIRA] (WFLY-3314) LoginContext does not propagate Login

Markus D (JIRA) issues at jboss.org
Mon May 5 09:10:57 EDT 2014


Markus D created WFLY-3314:
------------------------------

             Summary: LoginContext does not propagate Login
                 Key: WFLY-3314
                 URL: https://issues.jboss.org/browse/WFLY-3314
             Project: WildFly
          Issue Type: Bug
      Security Level: Public (Everyone can see)
            Reporter: Markus D
            Assignee: Jason Greene


I am trying to do a manual login in an EJB like the Servlet Request offers.

So far so good. I implemented the CallbackHandler:

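import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;

// Supplies a fixed username and password to the JAAS login modules.
public class PasswordCallbackHandler implements CallbackHandler {
    private String username;
    private char[] password;

    public PasswordCallbackHandler(String username, char[] password) {
        super();
        this.username = username;
        this.password = password;
    }

    public void handle(Callback[] callbacks) throws IOException,
            UnsupportedCallbackException {
        if (callbacks == null) {
            return;
        }

        // Answer name and password callbacks; reject anything else.
        for (int i = 0; i < callbacks.length; i++) {
            if (callbacks[i] instanceof NameCallback) {
                NameCallback nc = (NameCallback) callbacks[i];
                nc.setName(username);
            } else if (callbacks[i] instanceof PasswordCallback) {
                PasswordCallback pc = (PasswordCallback) callbacks[i];
                pc.setPassword(password);
            } else {
                throw new UnsupportedCallbackException(callbacks[i],
                        "Unrecognized Callback");
            }
        }
    }
}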

My code:

    PasswordCallbackHandler handler = new PasswordCallbackHandler("user", "password".toCharArray());
    LoginContext context = new LoginContext("realm", handler);
    context.login();

The subject shows:

Subject:
    Principal: user
    Principal: Roles(members:ADMIN,USER)
    Principal: CallerPrincipal(members:user)

So the login itself worked. My question now is: what do I do with it? When I fetch the current principal from the container I still receive anonymous. Tested on JBoss 7.1 and WildFly.

    @Resource
    private SessionContext ctx;

    Principal callerPrincipal = ctx.getCallerPrincipal();
    if (callerPrincipal == null) {
        return null;
    }

    String name = callerPrincipal.getName(); // Also after login() it returns anonymous.

So did I misunderstand this functionality, or should the container set the principal to the user I logged in?



--
This message was sent by Atlassian JIRA
(v6.2.3#6260)

