Wendy,
Thanks for the reply. Here is my realm setup in my Tomcat server.xml:
<Realm className="org.apache.catalina.realm.JAASRealm"
appName="imap"
userClassNames="com.redbarnsoftware.web.security.UserPrincipal"
roleClassNames="com.redbarnsoftware.web.security.RolePrincipal"
debug="99"
/>
I would have expected that designation of the user class name would have
resulted in my being returned the class I specified for the user class
name from the requestion.getUserPrincpal() method, but it doesn't. Like
I mentioned, I get back Tomcat's GenericPrincipal. I need to get back my
own custom principal, (i.e. the
com.redbarnsoftware.web.security.UserPrincipal listed in the realm
config), or at least have a way to get to it. Surely there's got to be a
way to do this.
Any thoughts?
Brad
Wendy Smoak wrote:
From: "Brad O'Hearne" <[EMAIL PROTECTED]>
I am using the JAASRealm for Tomcat 5.x, and in my JAAS module, I am
storing my own Principal subclass as the user principal. In my
subsequent
servlets, when I invoke the request.getUserPrincipal() method, I am not
returned my user principal, but I am instead returned a
GenericPrincipal.
This sounds vaguely familiar... no guarantees that this applies to your
situation, but when I was working out how to get Tomcat to use our campus
Kerberos server, I left this comment in the code:
/* Hand off to the JAASRealm superclass to authenticate the user.
This will use the Krb5LoginModule configured in jaas.conf.
With no 'userClassNames' in the <Realm>, it will return a
GenericPrincipal. Alternately, if you use
userClassNames="javax.security.auth.kerberos.KerberosPrincipal",
you will get back a KerberosPrincipal instead.*/
What does your <Realm> look like? If you haven't already, try listing
your
class in 'userClassNames' and see if you get the right return value.
More info here: http://wiki.wsmoak.net/cgi-bin/wiki.pl?TomcatJAASRealm
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
