[jboss-user] [Security & JAAS/JBoss] - Calling LoginModule in JBoss

mstarzyk Mon, 23 Oct 2006 16:39:25 -0700

Hi, 

I need some help in running authentication in JBoss. 
I have a custom JAAS login module that handles SAML SSO 
authentication. 
A servlet calls the LoginModule  upon receiving a SAML response 
After calling LoginContext.login() I have a successfully authenticated 
Subject. 
Then I need to assign this Subject to session.


In WebLogic I can do: 

  | // weblogic.servlet.security.ServletAuthentication 
  | ServletAuthentication.runAs(subject, request); 
  | 

How can it be done in JBoss ? 
Here is a code snippet:


  | if (/* request has cert */) { 
  |     cert = request.getAttribute("cert"); 
  |     CallbackHandler handler = new CertCallbackHandler(cert); 
  |     LoginContext lc = new LoginContext("composer-saml-cert", handler); 
  |     try { 
  |         lc.login(); 
  |         Subject subject = lc.getSubject(); 
  | 
  | //      **** << assign subject to request >> ****   !!!!!!!!!!!!!!!!!! 
  | 
  |     } catch(LoginException e) { 
  |         // XXXX 
  |     } 
  | } 
  | 
Thanks for any pointers, 
Maciek

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3980229#3980229

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3980229
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

[jboss-user] [Security & JAAS/JBoss] - Calling LoginModule in JBoss

Reply via email to