[jboss-user] [JBoss Portal] - Re: Cannot retrieve user: Unable to locate current JTA trans
sohil.shah@jboss.com
do-not-reply at jboss.com
Tue Aug 7 10:49:06 EDT 2007
krish-
anonymous wrote :
| I have a servlet implemented that uses the LoginContext and invokes my security realm. It passes through the various login modules and authentication succeeds. However, JBoss Portal throws an authorization exception as the principals were never set.
|
Again, whats the reason for creating your own security realm being invoked by a servlet instead of using JBoss Portal's built-in security realm and just integrating your LoginModules into this realm instead of the out-of-the-box JBoss Portal Login Modules?
Reason I ask is Portal depends on the entire JAAS integration with Tomcat that populates all the Subjects etc on authentication. This integration AFAIK cannot be done inside the Servlet Environment. You will have to get to a lower level inside of Tomcat which would be using a Valve/Authenticator approach.
This approach is not a hack, but its definitely not trivial, so unless there is a really good reason to inject your own security realm, I would recommend integrating with JBoss Portal's security realm with your custom LoginModules.
Thanks
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4071638#4071638
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4071638
More information about the jboss-user
mailing list