[jboss-user] [Security] - JAAS - more data about the user

Jari Fredriksson jarif at iki.fi
Sun Nov 22 12:17:34 EST 2009



On 21.11.2009 20:56, ndario wrote:
> So far I developed webapps with User object in session that holds username, full name, role name etc.
> 
> Now I setup declarative security using LoginModule and all is well but all I have from current user is it's principal which is username only.
> 
> What can I do if I want to get hold of more user information from DB when authentication is performed? Do i have to create my own login module?
> 
> What is suggested way of dealing with this?
> 

IMHO JAAS does not have anything for this. You have to have own ways to
access the data store that the LoginModule uses.

It does not have to be own LoginModule. I use "standard" SQL
LoginModule, and maintain user with Ejb3 entity beans in my app. If it's
LDAP back end, you use LDAP means.

-- 
http://www.iki.fi/jarif/

Sheriff Chameleotoptor sighed with an air of weary sadness, and then
turned to Doppelgutt and said 'The Senator must really have been on a
bender this time -- he left a party in Cleveland, Ohio, at 11:30 last
night, and they found his car this morning in the smokestack of a British
aircraft carrier in the Formosa Straits.'
		-- Grand Panjandrum's Special Award, 1985 Bulwer-Lytton
		   bad fiction contest.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
Url : http://lists.jboss.org/pipermail/jboss-user/attachments/20091122/336b3602/attachment.bin 


More information about the jboss-user mailing list