[jboss-user] [Security & JAAS/JBoss] - Re: Using SecurityClient
do-not-reply at jboss.com
Tue Jun 9 09:48:27 EDT 2009
Hi Wolfgang and Anil
Thank you for your replies. I changed the client login as mentioned in the thread:
Unfortunately, it didn't solve the problem. May the problem is related to how my custom login module passes the roles back to the JAAS framework. According this blog:
the way of passing roles are JBoss specific. May I have to pass it differently when using standard JAAS client login without the SecurityClient.
The code is:
| if (!subject.getPrincipals().contains(user))
| * this is the important part to work with JBoss:
| * jboss requires the name 'Roles'
| SimpleGroup group = new SimpleGroup("Roles");
| for (SimplePrincipal role : roles)
The login itself works fine. The security exception is thrown when the client invokes a method from the session bean.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4236388#4236388
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4236388
More information about the jboss-user