[jboss-user] [Security & JAAS/JBoss] - HTTP Auth & callerPrincipal
do-not-reply at jboss.com
Thu Mar 6 06:37:46 EST 2008
I am quite new to jboss at all, and facing a problem with a login part of an app using ejb3 with SOA and a js-ajax web-client).
I have to use http-authentication and my LoginModule (extends UserNamePasswordModule) is working pretty fine so far. My LoginModule uses a session bean - my SecurityManager, to retrieve a User-Object for the name/password provided by the user through the http-auth-dialog. The name provided looks like "client/username". In my SecurityManager I split and process these infos and do my db-authenticaton (for this user an this client). And it works fine - for both LDAP and DB.
The problem for me now is, the the sessionContext.callerPrincipal gives me the user-provided string ("client/username") whereas I would need the name of user (Userobject.getname).
So how can I reach that? Do I have to set the caller somehow, when I changed the name after entering by the user?
thanks a lot,
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4134530#4134530
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4134530
More information about the jboss-user