Matt, I am OK with you! I tried the two methods and I have the same results (null)! Perhaps we have to configure Tomcat properly (?) so that it can record the subject in the session. Perhaps an authenticator? Jean François! Any ideas?
The second method is Subject.getSubject(java.security.AccessController.getContext());

-----Original Message-----
From: Matt Harrison [mailto:[EMAIL PROTECTED]
Sent: Tuesday 20 July 2004 17:42
To: 'Tomcat Users List'
Subject: RE: RE : how to access Subject after authentification

I have tried both of these and they both return null!

> -----Original Message-----
> From: Jeanfrancois Arcand [mailto:[EMAIL PROTECTED]
> Sent: 20 July 2004 16:30
> To: Tomcat Users List
> Subject: Re: RE : how to access Subject after authentification
>
> Two ways:
>
> httpSession.getAttribute("javax.security.auth.subject")
>
> or
>
> Subject.getSubject(AccessController.getContext())
>
> -- Jeanfrancois
>
> Matt Harrison wrote:
>
> >Sorry for mis-reading your email
> >
> >If anybody out there knows how to retrieve the Subject, Jean-Pierre and I
> >would most appreciate it!
> >
> >But, if, as I suspect, this is not part of the current servlet spec, and
> >thus not part of Tomcat, can I make a request for this to be included next
> >time round?
> >
> >I work around this by concatenating all the information I require from the
> >subject into the Principal's name in my JAAS login module, as a
> >java.security.Principal object is available from the request object in
> >Tomcat. But I guess this isn't an option for this problem.
> >
> >Matt
> >
> >>-----Original Message-----
> >>From: LERBSCHER Jean-Pierre [mailto:[EMAIL PROTECTED]
> >>Sent: 20 July 2004 15:40
> >>To: 'Tomcat Users List'
> >>Subject: RE : how to access Subject after authentification
> >>
> >>Thanks Matt!
> >>My problem is that I have to call EJB deployed in Weblogic application server
> >>from servlet components. I use the weblogic api to propagate the security
> >>information from tomcat to WLS. This api uses the subject! Thus it is
> >>necessary that I can reach it.
> >>
> >>-----Original Message-----
> >>From: Matt Harrison [mailto:[EMAIL PROTECTED]
> >>Sent: Tuesday 20 July 2004 15:59
> >>To: 'Tomcat Users List'
> >>Subject: RE: how to access Subject after authentification
> >>
> >>Hi
> >>
> >>I had a similar question a while back and never really got it fully
> >>resolved, but I found that Tomcat doesn't save the subject as a session
> >>attribute.
> >>
> >>However in your case you don't need to access the subject. In the web.xml
> >>file for your app, you can define what roles have access to each resource
> >>(jsp, servlet) and have your JAAS login module assign these roles to the
> >>subject - i.e. container managed security.
> >>
> >>e.g. add to web.xml (gives access to logins with role "user" to all of your
> >>application):
> >>
> >>  <security-constraint>
> >>    <web-resource-collection>
> >>      <web-resource-name>myApplication</web-resource-name>
> >>      <url-pattern>/*</url-pattern>
> >>    </web-resource-collection>
> >>    <auth-constraint>
> >>      <role-name>user</role-name>
> >>    </auth-constraint>
> >>  </security-constraint>
> >>  <security-role>
> >>    <role-name>user</role-name>
> >>  </security-role>
> >>
> >>see the tomcat docs for more info
> >>
> >>Matt
> >>
> >>>-----Original Message-----
> >>>From: LERBSCHER Jean-Pierre [mailto:[EMAIL PROTECTED]
> >>>Sent: 20 July 2004 14:42
> >>>To: '[EMAIL PROTECTED]'
> >>>Subject: how to access Subject after authentification
> >>>
> >>>Hi,
> >>>
> >>>I am using JAAS authentication module to authenticate user within tomcat
> >>>5.0.27.
> >>>
> >>>After the authentication, I want to control access to resources (like ejb
> >>>deployed in weblogic application server).
> >>>
> >>>To control access, I have to use weblogic api with the Subject instance
> >>>delivered by authentication to tomcat.
> >>>
> >>>The problem is: how can I get the subject object.. I tried
> >>>session.getAttribute( "javax.security.auth.subject" ); but it seems that I
> >>>can't access this information!
> >>>
> >>>Any ideas?
> >>>
> >>>Thanks,
> >>>
> >>---------------------------------------------------------------------
> >>To unsubscribe, e-mail: [EMAIL PROTECTED]
> >>For additional commands, e-mail: [EMAIL PROTECTED]
