Turns out that JBoss web only indirectly relies on JAAS; there's layers of
jboss and tomcat security in between.  What a mess.  Here is what I have
come up with that works.  Anyone interested, enjoy.

package org.restlet.ext.tomcat;

import java.security.Principal;

import org.apache.catalina.Context;
import org.apache.catalina.Engine;
import org.apache.catalina.Host;
import org.apache.catalina.Realm;
import org.apache.catalina.Server;
import org.apache.catalina.ServerFactory;
import org.apache.catalina.Service;
import org.restlet.security.SecretVerifier;

public class TomcatVerifier extends SecretVerifier {

  private String serviceName;
  private String contextName;

  public String getServiceName() {
    return serviceName;
  }

  public void setServiceName(String serviceName) {
    this.serviceName = serviceName;
  }

  public String getContextName() {
    return contextName;
  }

  public void setContextName(String contextName) {
    this.contextName = contextName;
  }

  @Override
  public boolean verify(String identifier, char[] secret) {
    final Server server = ServerFactory.getServer();
    final Service service = server.findService(serviceName);
    final Engine engine = (Engine) service.getContainer();
    final Host host = (Host) engine.findChild(engine.getDefaultHost());
    final Context context = (Context) host.findChild(contextName);
    final Realm realm = context.getRealm();
    final Principal principal = realm.authenticate(identifier, new
String(secret));
    return principal != null;
  }

}

And then the spring config:

  <bean id="tomcatVerifier" class="org.restlet.ext.tomcat.TomcatVerifier">
    <property name="serviceName" value="jboss.web"/>
    <property name="contextName" value="/myapp"/>
  </bean>

-- 
View this message in context: 
http://n2.nabble.com/JAAS-and-JBoss-5-1-tp4904649p4937297.html
Sent from the Restlet Discuss mailing list archive at Nabble.com.

------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2591661

Reply via email to