[jboss-user] [JBoss Portal] - Re: Access userPrincipal from Servlet
Antoine_h
do-not-reply at jboss.com
Tue Apr 17 08:00:37 EDT 2007
I look at the CMSExportServlet in the jboss portal sources. It does not enforce security... so it is a bad track. sorry.
where is your servlet ?
calling the jndi service for the subject works with the filter put in web.xml of the portal-server.war.
This web app is the context where the sercurity domain is defined.
so if not in this context, then that is why the subject is not found
sounds logical if there are none defined in your web app, no ?
I am not sure, but sound logical...
I am not good enough at tomcat, security realm, domains, etc...
but I guess you can manage to set your web app to share the same authentification "domain" as the one of the portal, ie the one of portal-server.war
or look at jboss security ref guide, and how to secure a web app.
they explain how to set it in a web app, and compare with the portal-server.war web app.
hope it helps...
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4037934#4037934
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4037934
More information about the jboss-user
mailing list