Hi,
I use a JAASRealm in my context with mys own LoginModule to
authenticate in mys webapp. When I use the cluster for session replication,
I have a ClassCastExecption when the cluster try to serialize the Principal
object.
When I look in the source code
());
Principal p = (Principal)s.getPrincipals().toArray()[0];
The API only allows me to retrieve, on the Principal, the name (with the
getName accessor) of the user, not associated roles.
Nevertheless, when running the code in a debugger, the state of the
Principal object seems containing all needed
to get Roles in a Principal with JNDIRealm
Hello All,
I'm using JNDIRealm to authenticate users and it's working well.
In my java code, I need to retrieve roles associated with the
authenticated user.
Here is a sample of this code :
Subject s =
Subject.getSubject
and removing it from your webapp.
HTH,
Jon
ralf lorenz wrote:
hi there,
i've written my own realm 'CrmJDBCRealm' which extends the 'JDBCRealm'
one of catalina.
this realm creates and returns a principal of type 'CrmPrincipalImpl' which
extends 'GenericPrincipal' and implements 'CrmPrincipal
hi there,
i've written my own realm 'CrmJDBCRealm' which extends the 'JDBCRealm' one
of catalina.
this realm creates and returns a principal of type 'CrmPrincipalImpl' which
extends 'GenericPrincipal' and implements 'CrmPrincipal'.
'CrmPrincipal' has getter for an 'id' and getter and setter
: RE: Why not get my custom Principal using
request.getUserprincipal()?
Howdy,
do you mean the JBoss realm?
No, I mean Tomcat's realm., aka the org.apache.catalina.Realm class.
There's a realm how-to page in the tomcat documentation and you will
also want to look at one of the provided realms
After the return of the createPrincipal() method of Realm classes from Tomcat, how
this Principal is put in request ?
I'm using a class that get this Principal returned and i don't know how put it in
Request.
Thanks,
Icaro
List [EMAIL PROTECTED]
Sent: Wednesday, January 07, 2004 2:58 PM
Subject: RE: Custom-Principal
Howdy,
Hmm, I could swear I've read and answered this exact message, maybe a few
weeks ago. Or maybe I'm dreaming. Anyways, you need a custom Realm
implementation, probably a simple extension of one
Howdy,
thanx. You did answer the question. But I didn´t know how to realize what
you suggested for the embedded version of Tomcat into JBoss. I didn´t even
find the server.xml.
Any idea about it?
So you asked the exact same question? ;) JBoss uses its own configuration for
embedded tomcat,
Hi,
I am using JBoss 3.2.3 with embedded Tomcat 4.
I am developping a secure web-application based on JAAS. The problem is that I want to
use my own custom Principal.
I made the necessary changes in JBoss and EJBContext.getUserprincopal delivers the
right Implementation.
But when I call
anis wrote:
Hi,
I am using JBoss 3.2.3 with embedded Tomcat 4.
I am developping a secure web-application based on JAAS. The problem is that I want to
use my own custom Principal.
I made the necessary changes in JBoss and EJBContext.getUserprincopal delivers the
right Implementation.
But when
). This realm will create your custom principal object.
Yoav Shapira
Millennium ChemInformatics
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 07, 2004 8:39 AM
To: Tomcat Users List
Subject: Custom-Principal
Importance: High
Hi,
I am using JBoss
Hi,
I am using JBoss 3.2.1 with embedded Tomcat 4.
I am developping a secure web-application based on JAAS. The problem is that I want to
use my own custom Principal.
I made the necessary changes in JBoss and EJBContext.getUserprincopal delivers the
right Implementation.
But when I call
Howdy,
Read the Realm documentation to see how to customize your Realm such that it returns
your custom Principal.
Yoav Shapira
Millennium ChemInformatics
-Original Message-
From: Anis Ben Hamidene [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 17, 2003 7:37 AM
To: [EMAIL
Hi,
do you mean the JBoss realm?
Tomcat Users List [EMAIL PROTECTED] schrieb am 17.12.03 15:05:24:
Howdy,
Read the Realm documentation to see how to customize your Realm such that it returns
your custom Principal.
Yoav Shapira
Millennium ChemInformatics
-Original Message
PROTECTED] schrieb am 17.12.03
15:05:24:
Howdy,
Read the Realm documentation to see how to customize your Realm such that
it returns your custom Principal.
Yoav Shapira
Millennium ChemInformatics
-Original Message-
From: Anis Ben Hamidene [mailto:[EMAIL PROTECTED]
Sent
Hi,
I am using JBoss 3.2.1 with Tomcat 4.
I am developping a secure web-application based on JAAS. The problem is that
I want to use my own custom Principal.
I made the necessary changes in JBoss and EJBContext.getUserprincopal
delivers the right Implementation.
But when I call
I have several applications in my Tomcat webapps
directory for some reason following web.xml works for
one app but generates erorr for the other:
HTTP Status 500 - Configuration error: Cannot perform
access control without an authenticated principal
Here is the code:
?xml version=1.0 encoding
):
Configuration error: Cannot perform access control without an authenticated
principal
I guess I have to write a custom realm for authorization purposes (which
roles the user belongs to). But Tomcat has to authenticate the user which
is already authenticated by Apache. The returned principal
From the code in
catalina/src/share/org/apache/catalina/authenticator/BasicAuthenticator.java
Principal principal =
((HttpServletRequest) request.getRequest()).getUserPrincipal();
if (principal != null) {
if (debug = 1)
log(Already
Principal principal =
((HttpServletRequest) request.getRequest()).getUserPrincipal();
if (principal != null) {
if (debug = 1)
log(Already authenticated ' + principal.getName() + ');
return (true);
}
it looks like you shouldn't
I have to overwrite the getUserPrincipal in this valve. I tried the
following:
public void invoke(Request request, Response response, ValveContext
context)
throws IOException, ServletException
{
logger.info(invoke);
HttpRequestWrapper wrapper = new HttpRequestWrapper
a secured servlet (filter is
activ):
Configuration error: Cannot perform access control without an authenticated
principal
I guess I have to write a custom realm for authorization purposes (which
roles the user belongs to). But Tomcat has to authenticate the user which
is already authenticated
Hi
Can I implement a filter which sets the current principal, so that calls to
request.getUserPrincipal().getName() succeed?
In our company, an apache server in front of tomcat authenticates the
client and delegates the user principal as an http header attribute. I want
to read this principal
Although I havn't tried it, I guess yes.
I think you have to define your own RequestWrapper
that lets you set the principal.
-Original Message-
From: Oliver Wulff [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 01, 2003 2:42 PM
To: [EMAIL PROTECTED]
Subject: user principal, realm
:
Thema: RE: user principal, realm
01.04.2003 14:50
Which class/methods are you talking about ?
-Original Message-
From: Oliver Wulff [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 01, 2003 5:02 PM
To: Tomcat Users List
Subject: Antwort: RE: user principal, realm
I took a look to JavaDoc and saw that all methods are deprecated
attribute and register it. Here the way how the BasicAuthenticator does it:
register(request, response, principal, Constants.BASIC_METHOD, username,
password);
My problem, am I free in choosing a constant? I don't have a password
because authentication has been done in the apache server which is in front
-
From: Oliver Wulff [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 02, 2003 9:25 AM
To: Tomcat Users List
Subject: Antwort: RE: Antwort: RE: user principal, realm
org.apache.catalina.connector.RequestWrapper
I'm wondering if I could just implement my custom
authenticator
and keep a cache of userid's and credentials
with a method to access them.
3. Create a valve that retrieves the principal from the request, looks
up the realm for that principal, retrieves the password from the realm
and does a JAAS login using the second login configuration above for
every HTTP
to Principal
OK I'm still not sure we are talking on the same page so please bear
with me whilst I attempt to restate what is happening.
Tomcat 4.1.18 running in JDK 1.4
JBoss 3.0.3 running in JDK 1.3
Tomcat is running standalone in a seperate JVM to JBoss.
Both Tomcat and JBoss
Craig R. McClanahan wrote:
Tomcat 5 has integrated support for JSR 115, but that's for authorization,
not authentication.
Oh no, there's a difference? Is there an explanatory document somewhere
that I missed?
Erik
-
Howdy,
http://www.itsecurity.com/asktecs/oct1801.htm
Yoav Shapira
Millennium ChemInformatics
-Original Message-
From: Erik Price [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 10, 2003 11:18 AM
To: Tomcat Users List
Subject: Re: Valve Access to Principal
Craig R. McClanahan wrote
On Mon, 10 Feb 2003, Erik Price wrote:
Date: Mon, 10 Feb 2003 11:17:31 -0500
From: Erik Price [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Subject: Re: Valve Access to Principal
Craig R. McClanahan wrote:
Tomcat 5 has
Thanks Craig, this sounds like a much cleaner solution than what I
eventually tried which was to copy the session grabbing code out of
AuthenticatorBase and use it to get the required principal.
The problem I am having now is that JBoss still thinks that the logged
on user is the last one
On Sun, 10 Feb 2003, Peter Kelley wrote:
Date: 10 Feb 2003 14:31:23 +1100
From: Peter Kelley [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Subject: Re: Valve Access to Principal
Thanks Craig, this sounds like a much cleaner
List [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Subject: Re: Valve Access to Principal
Thanks Craig, this sounds like a much cleaner solution than what I
eventually tried which was to copy the session grabbing code out of
AuthenticatorBase and use it to get the required
On Sun, 10 Feb 2003, Peter Kelley wrote:
Date: 10 Feb 2003 16:12:36 +1100
From: Peter Kelley [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Valve Access to Principal
I think you misunderstand my question, I want to run Tomcat standalone
the thread that is performing the work and the JAAS subject
which tells JBoss who is calling the EJB.
This is a direct parallel to the code in AuthenticatorBase that gets the
Principal out of the user's session and sets the request up so that
calls to getUserPrincipal() return the correct value.
I
On Mon, 2003-02-10 at 17:22, Peter Kelley wrote:
All of this seems to be working in the debugger correctly. The problem
is that the JAAS security association that I am doing seems to be with
the wrong thread or something because by the time JBoss sees it the
subject is the one of the user who
On Sun, 10 Feb 2003, Peter Kelley wrote:
Date: 10 Feb 2003 17:22:53 +1100
From: Peter Kelley [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Subject: Re: Valve Access to Principal
OK I'm still not sure we are talking on the same
that I can't get access to the principal.
My valve is currently defined in a context element in server.xml and I
can see it on the call stack when I set a breakpoint in
AuthenticatorBase in the debugger.
Any suggestions as to how I could get the valve to be executed after the
authenticator
On Fri, 8 Feb 2003, Peter Kelley wrote:
Date: 08 Feb 2003 17:29:10 +1100
From: Peter Kelley [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Subject: Valve Access to Principal
I'm writing a valve to associate a request with a subject
in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
On Fri, 8 Feb 2003, Peter Kelley wrote:
Date: 08 Feb 2003 17:29:10 +1100
From: Peter Kelley [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Subject: Valve Access to P
Hi
Does anyone know a way to set the HttpSession Pricipal from the a
context classloader. I can see a set method in the catalina session,
but I don't have access to that class. I guess I could use reflection
and find the method or just add the Principal to the session on some
predefinied key
I've been successful in creating a custom JDBCRealm and have extended the
GenericPrincipal. However, when attempting to pull my principal from the
request (request.getUserPrincipal()) and cast to EITHER
org.apache.catalina.realm.GenericPrincipal or my custom principal, I get a
Class Cast
The problem does have to do with the class loaders. From what you
are trying, I guess that you have a copy of the Principal in the
lib/container jar and in lib/apps or WEB-INF. The problem is that classes
loaded by two different class loaders are not equal and the same class from
two
Thanks for all,
I make an interface for MyPrincipal and put all classes in /common/lib
And now it works fine.
Nicolas
-Message d'origine-
De : Randy Layman [mailto:[EMAIL PROTECTED]]
Envoyé : lundi 4 février 2002 12:56
À : 'Tomcat Users List'
Objet : RE: Principal Cast Exception
Hi,
I have make my own Principal class name MyPrincipal that extends from
java.scurity.Principal
I make my own Realm and i can log with it.
But when i get the Principal object whith the request.getUserPrincipal()
method i cant cast this object in (MyPrincipal).
I get a classCastException when i
Users List
Subject: Re: Principal caching with authentication
Yep, Craig, I forgot about servlets :-)
- Original Message -
From: Mika Goeckel [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Wednesday, November 14, 2001 12:23 AM
Subject: Re: Principal caching
the
user has been validated as having access roles for that session. So, maybe
once again I am missing it, but, I could cache the credentials on my own if
I could get a session timeout event and the Principal it was using for that
session. I could just do a quick lookup on the principal to see if I have
On Tue, 13 Nov 2001, Bongiorno, Christian wrote:
Date: Tue, 13 Nov 2001 17:49:40 -0500
From: Bongiorno, Christian [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Subject: Principal caching with authentication
Here is something
Subject: Re: Principal caching with authentication
On Tue, 13 Nov 2001, Bongiorno, Christian wrote:
Date: Tue, 13 Nov 2001 17:49:40 -0500
From: Bongiorno, Christian [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Subject: Principal
On Tue, 13 Nov 2001, Bongiorno, Christian wrote:
Date: Tue, 13 Nov 2001 18:06:53 -0500
From: Bongiorno, Christian [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Subject: RE: Principal caching with authentication
How would I know
, Christian [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Sent: Wednesday, November 14, 2001 12:06 AM
Subject: RE: Principal caching with authentication
How would I know if I was or wasn't using sessions? Maybe I don't
understand
the use of the term correctly. What is the default
Yep, Craig, I forgot about servlets :-)
- Original Message -
From: Mika Goeckel [EMAIL PROTECTED]
To: Tomcat Users List [EMAIL PROTECTED]
Sent: Wednesday, November 14, 2001 12:23 AM
Subject: Re: Principal caching with authentication
Chris,
sessions are there by default, you can only
Inside of a Valve.invoke method, is there any way to reach the session or
principal objects associated with the current Request?
Thanks...
...Casey
==
Casey Bragg - Software Engineer
Allegiance Telecom, Inc. Dallas, TX
469-259-2702 - [EMAIL PROTECTED]
==
I can't figure out what a Principal is all about...
where does the Principal come from?
I log on to a secure page using formbased security and it put in the user
name tomcat and passwd tomcat...it says logged in as tomcat principal johnd
!
Where does it get johnd??
that is my name...but how
58 matches
Mail list logo
