[jboss-user] [Security & JAAS/JBoss] - writing new LoginModule - unable to replace Principal ??

rsoika do-not-reply at jboss.com
Wed Sep 13 03:05:21 EDT 2006


Hi,

I have a hard problem and need your help writing a new Login Module for JBoss.
I have the following situation: users authenticate against a Web Application using the LdapLoginModule. The WebApp calls Session EJBs which need the UserName to implement some business logic.
The users can authenticate against the underlying LDAP server by a userid (e.g. customer ID) and password - so far everything works well.
But inside the EJBs the following code returns the login name:


  | public void setSessionContext(javax.ejb.SessionContext ctx) {
  | 		// returns the name the user typed at login (e.g. "R15553")
  | 		String sUserName=ctx.getCallerPrincipal().toString();
  | 	}
  | 

But I need to get the Distinguished Name for the User (a full hierarchical name and not his UserID - "R15553" should become "CN=Ralph Soika/O=MYORG")

So now I started to write my own LoginModule by subclassing the org.jboss.security.auth.spi.LdapLoginModule

I tried everything to change the Principal without any success.
I hooked into the getUsername(), createIdentity() and getUsernameAndPassword() methods.
I have read the source code and tried to understand the sharedState Map and put code like the following in any position:


  | sharedState.put("javax.security.auth.login.name",sMyNewUserName);
  | 

I also tried to implement a new Login CallbackHandler. But I find no way to replace the UserID, which the user typed into the Login Dialog of his browser, so that getCallerPrincipal() returns a Full Name.

Can you please give me some assistance?
When I succeed I will post my LoginModule here. I think this problem could be helpful for many JBoss developers.

Thanks for help
Ralph




View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3971188#3971188
