[jboss-user] [JBoss Portal Users] - Bug handling user names with Kerberos

[javaspack]

First, I know this most likely won't ever be fixed because it has been end of lifed, but the Gatein project is still in Beta, as thus not a viable alternative.

Anyway, I have been having problems where my Single Sign-On users can't access their dashboard after login. I have tracked the problem down to Kerberos users having a realm (ssoUser at REALM). If I just use ssoUser, then everything works fine.

In reviewing the code, I find that after logging in as ssoUser at REALM, that the code in PageCustomizerInterceptor:197

         User user = controllerCtx.getUser();

only returns ssoUser, not ssoUser at REALM.

This is the username that is used for checking my security level in the PortalObjectPermission:295-299

                  Principal user = (Principal)i.next();
                  String userName = user.getName();

                  //
                  return userName.equals(i2.next());


This evaluates to ssoUser at REALM.equals(ssoUser), since the Principal still has the correct user at REALM, but i2.next() is taken from the 'path:/username', which is dashboard:/ssoUser.

View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4269658#4269658

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4269658