Re: How to use JSecurity

Wed, 13 Aug 2008 14:59:45 -0700 

Hi Daniel,

Have you configured JSecurity via a servlet filter in web.xml?  I'm just
trying to see what your runtime environment is like first before I recommend
a solution.

Les

On Wed, Aug 13, 2008 at 5:38 PM, daniel_asv <[EMAIL PROTECTED]> wrote:

>
> I have implemented this class that inherited from AuthorizingRealm
>
> package presentacion;
>
> import java.util.LinkedHashSet;
> import java.util.Set;
>
> import org.jsecurity.authc.AccountException;
> import org.jsecurity.authc.AuthenticationException;
> import org.jsecurity.authc.AuthenticationInfo;
> import org.jsecurity.authc.AuthenticationToken;
> import org.jsecurity.authc.SimpleAuthenticationInfo;
> import org.jsecurity.authc.UnknownAccountException;
> import org.jsecurity.authc.UsernamePasswordToken;
> import org.jsecurity.authz.AuthorizationException;
> import org.jsecurity.authz.AuthorizationInfo;
> import org.jsecurity.authz.SimpleAuthorizationInfo;
> import org.jsecurity.realm.AuthorizingRealm;
> import org.jsecurity.subject.PrincipalCollection;
>
> import acciones.God;
> import acciones.Permiso;
> import acciones.Rol;
> import acciones.Usuario;
>
> public class EjbRealm extends AuthorizingRealm {
>        private God servicios;
>
>        public EjbRealm(God servicios) {
>                this.servicios = servicios;
>        }
>
>        private Set<String> getRoles(Usuario u) {
>                Set<String> roles = new LinkedHashSet<String>();
>                for (Rol rol : u.getRoles()) {
>                        roles.add(rol.getNombre());
>                }
>                return roles;
>        }
>
>        private Set<String> getPermisos(Usuario u) {
>                Set<String> permisos = new LinkedHashSet<String>();
>                for (Rol rol : u.getRoles()) {
>                        for (Permiso p : rol.getPermisos()) {
>                                permisos.add(p.getNombre());
>                        }
>                }
>                return permisos;
>        }
>
>        @Override
>        protected AuthorizationInfo doGetAuthorizationInfo(
>                        PrincipalCollection principals) {
>                if (principals == null) {
>                        throw new AuthorizationException(
>                                        "El parametro PrincipalCollection no
> puede ser null.");
>                }
>                String apodo = (String)
> principals.fromRealm(getName()).iterator()
>                                .next();
>                Usuario u = servicios.consultarUsuario(apodo);
>                SimpleAuthorizationInfo info = new
> SimpleAuthorizationInfo(getRoles(u));
>                info.setStringPermissions(getPermisos(u));
>                return info;
>        }
>
>        @Override
>        protected AuthenticationInfo doGetAuthenticationInfo(
>                        AuthenticationToken token) throws
> AuthenticationException {
>                UsernamePasswordToken upToken = (UsernamePasswordToken)
> token;
>                String apodo = upToken.getUsername();
>                if (apodo == null) {
>                        throw new AccountException(
>                                        "No se permiten apodos Null en este
> realm.");
>                }
>                AuthenticationInfo info = null;
>                String contrasenia = servicios.consultarContrasenia(apodo);
>                if (contrasenia == null) {
>                        throw new UnknownAccountException("No se encontro el
> usuario ["
>                                        + apodo + "]");
>                }
>                info = new SimpleAuthenticationInfo(apodo, contrasenia,
> getName());
>                return info;
>        }
>
> }
>
> And in my login window i have implemented in a button this code
>        private GodService god = new GodService();
>        protected void button_actionPerformed(ActionEvent arg0) {
>                EjbRealm ejbRealm = new EjbRealm(god.getGodPort());
>                ejbRealm.setCredentialsMatcher(new
> Sha256CredentialsMatcher());
>                DefaultSecurityManager securityManager = new
> DefaultSecurityManager(
>                                ejbRealm);
>                UsernamePasswordToken token = new
> UsernamePasswordToken(apodoText
>                                .getText(), contraseniaText.getPassword());
>                try {
>                        Subject user = securityManager.login(token);
>                        if (user.isAuthenticated()) {
>                                MenuForm window = new MenuForm(god);
>                                window.show();
>                                dispose();
>                        }
>                } catch (AuthenticationException e) {
>                        mostrarMensaje("Usuario o contraseƱa incorrectos");
>                } finally {
>                        securityManager.destroy();
>                }
>        }
>
> But now i want to know how to secure my webservice (God) using JSecurity.
> What i need to do?
>
>
> daniel_asv wrote:
> >
> > Hi, i have a webservice from a stateless session bean running in a
> > GlassFish Application Server. The webservice is consumed by a swing
> > application, i want to agregate a login to the swing application, the
> user
> > and password will be stored in a SQL Server 2005 database managed by JPA
> > (Hibernate).
> >
> > What i need to do for use JSecurity in my login window using the
> > webservice?
> >
>
> --
> View this message in context:
> http://n2.nabble.com/How-to-use-JSecurity-tp679197p722874.html
> Sent from the JSecurity User mailing list archive at Nabble.com.
>
>

Reply via email to