[jboss-user] [JBoss Portal] - Re: Servlet calling java:portal/UserModule
do-not-reply at jboss.com
Fri Mar 21 06:08:15 EDT 2008
ok, the other post say it is ok to do it this way.
so why not.
but for your need, yes, getting the principal from the security checking is enough...
you don't need to reproduce the password checking etc....
get the principal :
you can get the principal from the portlet request...
and also from the servlet request...
so, yes, you can get it from your servlet, even if out of any portlet or so.
in fact, the JBoss Portal relies on JAAS/Tomcat integration for setting up the Portal security.
the JAAS/Tomcat make the security authentification, then provide the principal to any servlet running under the security domain.
the principal is the same for the portlet and the servlet (read the JSR-168 about that).
look a HTTPServletRequest and the getPrincipal() method.
and how to use it to know if the user is logged in etc....
(I will be out of office for a while...)
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4138257#4138257
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4138257
More information about the jboss-user