your old subject is removed in the security valve (org.apache.jetspeed.security.impl.SecurityValveImpl). The default security valve implementation takes the user principal from the request (passed from JAAS authentication) and creates a new subject (with principals loaded from the DB) and stores that in the session *and* sets the request's subject as well. Any following code is executed under the new subject. In short, you will need to modify the security valve implementation's getSubject() method, and create your own subject / principals. Dennis
________________________________ Van: cherry coke [mailto:[EMAIL PROTECTED] Verzonden: vr 1-2-2008 10:44 Aan: [email protected] Onderwerp: problem with subject.getPrincipals().add(XXX) I have made my own login module extending the class DefaultLoginModule. This works fine. The problem is that I add values to the Subjet object (subject.getPrincipals().add(XXX)) in the login module (commit method) and later when I try to get these values in a portlet (jsp) I don´t get these values. LoginModule: public class LoginModuleXXX extends DefaultLoginModule { [...] public boolean commit() throws LoginException { if (subject.isReadOnly()) { throw new LoginException("Subject is Readonly"); } if (!succeeded) { return false; } try { userPrincipal = new XXX(username); if (!subject.getPrincipals().contains(userPrincipal)) { subject.getPrincipals().add(userPrincipal); } subject.getPrincipals().add(new RolePrincipalImpl("portal-user")); password = null; commitSucceeded = true; [...] } [...] } Portlet (jsp): [...] RequestContext _context = (RequestContext)request.getAttribute(RequestContext.REQUEST_PORTALENV); _context.getSubject().getPrincipals() ... [...] I have seen that "Jetspeed 2" ignores my "subject" and creates a new one in org.apache.jetspeed.security.impl.UserManagerImpl or elsewhere, and get the user roles from the Jetspeed database. I want that Jetspeed takes the roles and objects that I use in the login module and not the roles from the Jetspeed database. ¿Is that posible? ¿How can I make that? Thanks (and sorry for my english) _________________________________________________________________ Tecnología, moda, motor, viajes,...suscríbete a nuestros boletines para estar siempre a la última http://newsletters.msn.com/hm/maintenanceeses.asp?L=ES&C=ES&P=WCMaintenance&Brand=WL&RU=http%3a%2f%2fmail.live.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
