[jboss-user] [Security & JAAS/JBoss] - authentication issue ?

martin.schubert do-not-reply at jboss.com
Wed Mar 19 14:15:50 EDT 2008


Hi,
I've configured JOSSO authentication on my 4.2.2.GA portal bundle according to the guide at http://docs.jboss.com/jbportal/v2.6.4/referenceGuide/html/sso.html.
Logging in works as expected the 'portlet security' however seems to be broken e.g. even if logged in as admin the admin portlet is not accessible.
I've created a small portlet to print out some PortletRequest properties like 
AuthType, RemoteUser, UserPrincipal and isUserInRole the output is:

auth type:JOSSO
remote user:admin
user principal:admin
role 'Admin' ?:true
role 'User' ?:false

After days of time wasted on debugging I've read something at http://jira.jboss.org/jira/browse/JBPORTAL-1751?decorator=printable implying problems if you are not using the default login method.

My understanding is of this issue is very limited so if someone could explain me why portlets restricted to the admin role are not visible even if a user is logged in via josso with the admin role assigned I'd be very  gratefull !

Thank you,
Martin

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4137877#4137877

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4137877



More information about the jboss-user mailing list