[jboss-user] [Security & JAAS/JBoss] - writing new LoginModul - unable to replace Principal ??
rsoika
do-not-reply at jboss.com
Wed Sep 13 03:05:21 EDT 2006
Hi,
I have a hard problem and need your help writing a new Login Modul for JBoss.
I have the follwing situation: users authenticate against a Web Application using the LdapLoginModule. The WebApp calls Session EJBs which need the UserName to implement some Business logic.
The Users can authenticate against the underlying LDAP server be a userid (e.g. customer ID) and password. - so far everything works well.
But inside the EJBs the follwoing code returns the Loginname:
| public void setSessionContext(javax.ejb.SessionContext ctx) {
| String sUserName=ctx.getCallerPrincipal().toString());
| }
|
But I need to get the Distinguished Name for the User (a full hierarchical name and not his UserID - "R15553" should become "CN=Ralph Soika/O=MYORG")
So now I started to write my own LoginModul by subclassing the org.jboss.security.auth.spi.LdapLoginModule
I tried everything to change the Principal with out any success.
I hoocked into the getUsername(), createIdentity() and getUsernameAndPassword() method.
I have read the source code and tried to understand the sharedState Map and put code like the following in any position:
| sharedState.put("javax.security.auth.login.name",sMyNewUserName);
|
I also tried to implement a new Login CallbackHandler. But I find no way to replace the UserID, which the user typed into the Login Dialog of his browser, so that getCallerPrincipal() returns a Full Name.
Can you give me please some assistance.
When I success I will post my LoginModol here. I think this Problem could be helpfull for many JBoss developers.
Thanks for help
Ralph
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3971188#3971188
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3971188
More information about the jboss-user
mailing list