[jboss-user] [JBoss Portal Users] - Bug handling user names with Kerberos
javaspack
do-not-reply at jboss.com
Tue Dec 8 13:50:17 EST 2009
First, I know this most likely won't ever be fixed because it has been end of lifed, but the Gatein project is still in Beta, as thus not a viable alternative.
Anyway, I have been having problems where my Single Sign-On users can't access their dashboard after login. I have tracked the problem down to Kerberos users having a realm (ssoUser at REALM). If I just use ssoUser, then everything works fine.
In reviewing the code, I find that after logging in as ssoUser at REALM, that the code in PageCustomizerInterceptor:197
User user = controllerCtx.getUser();
only returns ssoUser, not ssoUser at REALM.
This is the username that is used for checking my security level in the PortalObjectPermission:295-299
Principal user = (Principal)i.next();
String userName = user.getName();
//
return userName.equals(i2.next());
This evaluates to ssoUser at REALM.equals(ssoUser), since the Principal still has the correct user at REALM, but i2.next() is taken from the 'path:/username', which is dashboard:/ssoUser.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4269658#4269658
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4269658
More information about the jboss-user
mailing list