[jboss-user] [JBoss Portal] - Re: Problems in doing JAAS login using code

sbiwal do-not-reply at jboss.com
Tue Mar 11 21:30:22 EDT 2008 

Hi

I am working on a similar problem. I want to login a special user automatically to the portal the first time a user access it (lets say "user" in the below code). 

I created a custom tomcat valve using the code described below. However the user is not authorized to access his dashboard (or any other /auth pages). I know I am missing something but can't put my finger on it.

I am using the standard JAAS IdentityLoginModule. I see that the Principal returned by the JBossSecurityMgrRealm is always null (becuase the security context is null). 

Please help me. I have been breaking my head over this for a long time. I have read documentations and other posts on the forum but nothing is working for me.

Thanks,
Swati



  | package org.jboss.web.tomcat.security;
  | 
  | import ..
  | 
  | /** A valve that provides information on the jaas login exception seen in the
  |  SecurityAssociation exception data. The useExceptionAsMsg flag indicates if
  |  the exception message should be set as the http response message. The
  |  exceptionHeader attribute if set is the header name that should be populated
  |  with the exception message.
  |    
  |  @author Scott.Stark at jboss.org
  |  @version $Revision: 57206 $
  |  */
  | public class BasicAuthValve
  |    extends ValveBase
  | {
  |    private static Logger log = Logger.getLogger(BasicAuthValve.class);
  |    private static boolean trace = log.isTraceEnabled();
  | 
  |    /** Should the exception message be used as the request status message */
  |    private boolean useExceptionAsMsg = false;
  |    /** A flag indicating if the auth exception thread local should be cleared */
  |    private boolean clearAuthException = true;
  |    /** The name of the reply header to use to return the exception message */
  |    private String exceptionHeader = null;
  | 
  |    public boolean isUseExceptionAsMsg()
  |    {
  |       return useExceptionAsMsg;
  |    }
  |    public void setUseExceptionAsMsg(boolean useExceptionAsMsg)
  |    {
  |       this.useExceptionAsMsg = useExceptionAsMsg;
  |    }
  | 
  |    public String getExceptionHeader()
  |    {
  |       return exceptionHeader;
  |    }
  |    public void setExceptionHeader(String exceptionHeader)
  |    {
  |       this.exceptionHeader = exceptionHeader;
  |    }
  | 
  |    public void invoke(Request request, Response response)
  |       throws IOException, ServletException
  |    {
  | 		// TODO Auto-generated method stub
  | 		List roles = new ArrayList();
  | 		roles.add("Authenticated");
  | 		roles.add("User");
  | 		roles.add("Admin");
  | 		roles.add("CustomRole"); 
  | 		
  | 		String password = "user";
  | 		String username = "user";
  | 		
  | 		Principal p = this.getContainer().getRealm().authenticate(username, (String)null);
  | 		request.setUserPrincipal(new GenericPrincipal(request.getContext().getRealm(), username, password, roles));
  | 
  | 		this.getNext().invoke(request, response);
  | 
  |    }
  |    
  | }

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4135808#4135808

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4135808

More information about the jboss-user mailing list