I still doesn't work... Here is my code and all I did, this is only a test so my
LoginModule is quite ridiculous...
First my LoginModule:
package securite;
import....
....
public class TestLoginModule extends UsernamePasswordLoginModule
{
private TestPrincipal caller;
public boolean login() throws LoginException {
if(super.login()) {
caller=new TestPrincipal(getUsername(),getUsersPassword(),"CallerPrincipal");
return true;
}
return false;
}
public boolean commit() throws LoginException {
if(subject != null)
{
Set principals = subject.getPrincipals();
if(principals != null)
{
principals.add((TestPrincipal) caller);
Group callerPrincipal = new SimpleGroup("CallerPrincipal");
callerPrincipal.addMember((TestPrincipal) caller);
principals.add(callerPrincipal);
// Set the roles for this principal in the 'Roles' group
Group group = getGroup(principals,"Roles");
group.addMember(new SimplePrincipal("JBossAdmin"));
principals.add(group);
return true;
}
}
return false;
}
private static SimpleGroup getGroup(Set principals, String groupName) {
Iterator it = principals.iterator();
while (it.hasNext()) {
java.security.Principal principal =
(java.security.Principal) it.next();
if (principal instanceof SimpleGroup
&& groupName.equals(principal.getName())) {
return (SimpleGroup) principal;
}
}
return new SimpleGroup(groupName);
}
//I don't use this method but I need it to extend UsernamePasswordLoginModule
protected Group[] getRoleSets() throws LoginException {
try {
String roles = "JBossAdmin";
Group[] groups = {new SimpleGroup("Roles")};
log.info("Getting roles for user="+getUsername());
SimplePrincipal role = new SimplePrincipal(roles);
log.info("Found role="+roles);
groups[0].addMember(role);
return groups;
}
catch(Exception e)
{
log.error("Failed to obtain groups for user="+getUsername(), e);
System.out.println("error");
throw new LoginException(e.toString());
}
}
//to login, the password just have to equals the username
protected String getUsersPassword()
{
String password = getUsername();
return password;
}
}
I have also written my Custom Principal called securite.TestPrincipal which is quite
like simpleprincipal except the fact there is a name, a password and a comment in it.
I put all that in a library which I put in server/default/lib
Then I change the login-config.xml file adding:
<application-policy name = "essai">
<login-module code="securite.TestLoginModule"
flag = "required" >
<module-option
name="principalClass">securite.TestPrincipal</module-option>
</login-module>
</application-policy>
I do my test using a Servlet. To access this servlet I have to login using the basic
method. I configured the web.xml and jboss.xml so that the LoginModule used is mine.
Then I use the HttpRequest.getUserPrincipal and I get a SimplePrincipal :(. This
Servlet is also a client of an ejb which returns the CallerPrincipal (another
SimplePrincipal...) and the Subject in order to check it was successfully filled. I
also use your validateCallerPrincipal method.
I think that's all I do. Is there something I forgot to do? Did I make something
wrong? This code is very simple, maybe too simple but I thought it would work.
<a
href="http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3824030#3824030";>View
the original post</a>
<a
href="http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3824030>Reply
to the post</a>
-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
