Ray Krueger wrote:
Colin Sampaleanu wrote:
Ray Krueger wrote:
I just wanted to take a moment to introduce myself. My name is Ray Krueger, and after some off-list discussions with Ben Alex, I will be working on integrating JAAS into the Acegi framework.
I have already written the base implementation for a JAAS based AuthenticationProvider. The JAASAuthenticationProvider is more-or-less a wrapper around a LoginContext object. The LoginContext object is configured by passing the JAASAuthenticationProvider the name of the LoginContext, and the JAAS configuration file to read.
The implementation also provides a JAASCallbackHandler interface that is similar to he CallbackHandler interface in the 'true' JAAS api. The new interface provides a setter for the Authentication object, so that the callbackhandler can have a reference to the user data at execution time.
This is for cut and paste code reuse of an existing JAAS based provider, when JAAS is not in fact actually available?
I'm not exactly sure what your asking...
Are you asking about the whole JAAS implementation, or the Callbackhandler interace itself?
Although you stated it pretty clearly, I inexplicably didn't see the part about the JAASCallbackHandler interface having a setter for the Authentication object, so I was trying to figure out why the interface was there, and that's the first thing that came to mind (since I did something similar almost 3 years ago when I did a security framework that was sort of based on JAAS and the idea of trying to reuse JAAS providers at a source code level).
There is also the AuthorizationGranter interface (that needs a better name). After LoginContext.login() is called by the JAASAuthrizationProvider, the principals are retrieved from the Subject (LoginContext.getSubject().getPrincipals()). Each Principal is then passed to the AuthorizationGranters for evaluation. If the AuthorizationGranter wishes to grant a given role to the Authentication, it simply returns the role name that it was configured with in the ApplicationContext. If it does not wish to grant anything, it returns null.
That is the short explanation of the first part of the JAAS work. The simplest configuration is really just using the JAASAuthenticationProvider instead of the DaoAuthenticationProvider. All method invocation, and url Authorizations are still handled by Acegi. It is just the Authentication part that is handled by JAAS. We'll add on from there.
I will be committing the first parts in the next day or so. I look forward to any and all feedback.
Thanks for having me! -Ray Krueger
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Acegisecurity-developer mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
