I investigated the code, and wrote something I thought could work:
My version of org/jboss/security/plugins/JaasSecurityManager.java
against jboss 3.0.2 (changes) marked with *:
==========================================================================
private boolean authenticate(Principal principal, Object credential)
{
Subject subject = null;
boolean authenticated = false;
try
{
** // Clear any current subject
** // SecurityAssociation.setSubject(null);
** subject = new Subject();
** subject.getPrincipals().add( new ***
SimplePrincipal("LoginModule") );
** SecurityAssociation.setSubject( subject );
// Validate the principal using the login configuration for
this domain
LoginContext lc = defaultLogin(principal, credential);
subject = lc.getSubject();
// Set the current subject if login was successful
if( subject != null )
{
SecurityAssociation.setSubject(subject);
authenticated = true;
// Build the Subject based DomainInfo cache value
updateCache(lc, subject, principal, credential);
}
** else {
** SecurityAssociation.setSubject(null);
** }
==========================
My idea was to set the subject to "LoginModule" before calling the login
module, but it doesn't seem to work :-(. Anyone that has any clues? Am I
completely wrong here, or is it just some small problem?
--
Marius Kotsbak
Boost Communications A/S
Trondheim, Norway
-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
