"[EMAIL PROTECTED]" wrote : Yes you are correct. New security realm is not the
issue. Its inability of the Servlet Environment to properly populate the
security information needed by JBoss Portal.
|
| In fact why dont you try swicthing the portal security realm to your
custom/shared security realm and its LoginModules. You will still need to use
the deep JAAS/container managed approach, but you will be using the security
realm which is shared by all your applications.
|
| You should be able to do this by:
|
| 1/ Modify <application-policy name="portal"> inside
jboss-portal.sar/conf/login-config.xml to
| <application-policy name="{your security realm here}">
|
| 2/ Inside jboss-portal.sar/portal-server.war/WEB-INF/jboss-web.xml make
<security-domain>java:jaas/portal</security-domain> to
<security-domain>java:jaas/{your security realm here}</security-domain>
|
| Note: even with this approach you will still need to use the container
based/j_security approach for Portal to be properly populated with the security
information.
|
| btw- I have never tried swapping the realm this way for Portal. This is in
theory, so let us know if this actually works ;)
|
| Thanks
Sohil,
This is exactly how I have it now. It is working as I expected it to. And I've
had this working this way for a while.
However, as I mentioned earlier, the requirements changed and for some other
reasons, I can't do that anymore and I need to be able to explicitly invoke the
login module. This is where the problem creeps up.
I disabled container managed security for app #1 that is also deployed in JBoss
and uses the shared security realm. All works well because that is our app and
we control the authorization.
It doesn't work for app#2 (using JBoss Portal) as the authorization is beyond
my control. Actually, I even ran into a NPE from the JBoss Portal code (a
Portal bug that I need to file a jira issue for) but I managed to get past it
by doing some hacks. However, I am now at the point where the subject doesn't
contain any principals.
The only, last thing I need is a way to add the principals to the subject. How
do I get a handle to the subject so that I can add the principals, is the
million dollar question at this point....
Have spent hours on this (identify the NPE, finding a hack for it, etc.) so any
solutions to this would be immensely helpful and truly appreciated!!
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4071672#4071672
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4071672
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
