And I fixed the problem.

    User user = new User(username);
    Set subjectPrincipals = subject.getPrincipals();
    subjectPrincipals.add(user);
    for (int i = 0; i < roles.length; i++) {
        String roleName = roles[i];
        subjectPrincipals.add(new Role(roleName));
    }
    return true;

Is how it should have looked.

-----Original Message-----
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: 08 August 2005 19:57
To: Struts Users Mailing List
Subject: Re: My first JAAS implementation. A few questions.

Hi Mark,

this wasn't really Struts but here goes anyway since I happen to know.

If you are using container-managed security in tomcat, then you should be aware that tomcat has not implemented a pathway between JAAS and the session which provides any more than the transfer of the username and the roles. Whatever else you put in your principal is discarded.

I am not sure why you are losing your roles as well. I have completely different code for a JBoss implementation.

Mark Benussi on 08/08/05 19:24, wrote:
> I am implementing my first JAAS implementation and have some
> problems/questions.
>
> Firstly my commit method of my LoginModule does the following (User and Role
> both implement Principal)
>
>     // Create a new User Principal with the user name retrieved from the NameCallback
>     User user = new User(username);
>     // Add the principal to the subject
>     subject.getPrincipals().add(user);
>
>     for (int i = 0; i < roles.length; i++) {
>         // Iterate the role names retrieved from the database lookup
>         String roleName = roles[i];
>         // Create a new Role Principal with the role name
>         Role role = new Role(roleName);
>         // Add it to the public credentials to see if it works
>         subject.getPublicCredentials().add(role);
>         // Add it to the private credentials to see if it works
>         subject.getPrivateCredentials().add(role);
>     }
>     return true;
>
> In the JSP that the application returns to after doing form based
> authentication the following occurs
>
>     <p>Subject = <%= Subject.getSubject(AccessController.getContext()) %></p>
>     <p>Remote User = <%= request.getRemoteUser() %></p>
>     <p>User Prinicipal = <%= request.getUserPrincipal() %></p>
>
> But this produces
>
>     Subject = null
>     Remote User = administrator
>     User Prinicipal = GenericPrincipal[administrator()]
>
> Why is the subject null please?
>
> The request.isUserInRole() methods for the role names I added to the subject
> also return false... has anyone got some helpful ideas please?
>
> If more source is needed I can gladly provide it if it will help
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
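
Added example (not part of the original thread and not the posters' code): a self-contained comparison of the two commit() variants discussed above, showing that roles stored as Subject credentials are invisible to a principal-based role check while roles stored as principals are found. The User and Role records and the isUserInRole helper are hypothetical stand-ins (the helper is a simplified model of a role lookup that reads only principals, not Tomcat's code); records require Java 16 or later.

```java
import java.security.Principal;
import java.util.Set;
import javax.security.auth.Subject;

public class RolePrincipalDemo {
    // Hypothetical stand-ins for the poster's User and Role classes.
    record User(String name) implements Principal {
        public String getName() { return name; }
    }
    record Role(String name) implements Principal {
        public String getName() { return name; }
    }

    // Simplified stand-in for a role lookup that inspects only the
    // Subject's principals and never its credentials.
    static boolean isUserInRole(Subject subject, String role) {
        return subject.getPrincipals(Role.class).stream()
                .anyMatch(r -> r.getName().equals(role));
    }

    // Variant from the original question: roles stored as credentials.
    static Subject commitAsCredentials(String username, String[] roles) {
        Subject subject = new Subject();
        subject.getPrincipals().add(new User(username));
        for (String roleName : roles) {
            Role role = new Role(roleName);
            subject.getPublicCredentials().add(role);
            subject.getPrivateCredentials().add(role);
        }
        return subject;
    }

    // Variant from the fix: roles stored as principals alongside the user.
    static Subject commitAsPrincipals(String username, String[] roles) {
        Subject subject = new Subject();
        Set<Principal> principals = subject.getPrincipals();
        principals.add(new User(username));
        for (String roleName : roles) {
            principals.add(new Role(roleName));
        }
        return subject;
    }

    public static void main(String[] args) {
        String[] roles = {"admin", "auditor"}; // constructed sample roles
        Subject before = commitAsCredentials("administrator", roles);
        Subject after = commitAsPrincipals("administrator", roles);
        System.out.println("credentials variant: " + isUserInRole(before, "admin"));
        System.out.println("principals variant:  " + isUserInRole(after, "admin"));
    }
}
```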