[jboss-user] [Security & JAAS/JBoss] - Automatic User Login Upon Registration in Application

Tue, 17 Jul 2007 18:13:42 -0700 

Hello,
I am trying to register a new user in the system and then automatically log him 
in so he can access secure myaccount.jsp page upon successful registration. The 
LDAP authentication goes well, no errors. However, when I try to redirect to 
the secure page, I am still getting login.html page. I want to avoid this extra 
step and have users be able to view secure resources upon successful 
registration in the system. 
Am I missing something? Below is a snippet from the test JSP that handles 
authentication. 

Thank you!


<[EMAIL PROTECTED] import="com.colddata.xxx.account.AccountManager"%>
<%@ page import="com.colddata.xxx.entity.User" %>
<%@ page import="java.util.Set" %>
<%@ page import="javax.security.auth.*" %>
<%@ page import="javax.security.auth.callback.*" %>
<%@ page import="javax.security.auth.login.LoginContext" %>
<%@ page import="javax.security.auth.login.LoginException" %>
<%@ page import="org.jboss.security.auth.callback.*" %>
<%@ page import="org.jboss.security.SimplePrincipal" %>

<%!
        User user = null;
        String nextPage = null;
%>

<%

        nextPage = "/testapp/secure/account/myaccount.jsp";
        
        // Create new user
        user = new User(request);
        AccountManager accountManager = new AccountManager();
        accountManager.createNewUser(user);
        
        // Programmatically log in new user
        try     {
                SecurityAssociationHandler handler = new 
SecurityAssociationHandler();
                SimplePrincipal principal = new 
SimplePrincipal(user.getUserID());
                handler.setSecurityInfo(principal, 
user.getPassword().toCharArray());
                
                LoginContext loginContext = new LoginContext("security_policy", 
(CallbackHandler)handler);
                loginContext.login();
                
                Subject subject = loginContext.getSubject();
                Set principals = subject.getPrincipals();
                principals.add(principal);

                
        } catch(LoginException e) { 
                System.out.println("ERROR: Cannot login user " + 
user.getUserID() + ". " + e);
        }

        // Redirect  to the My Account page
        response.sendRedirect(nextPage);
        out.flush();
%>

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4065224#4065224

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4065224
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to