Stojan
you are using current trunk and if you see JIRA tasks I am still
working on JAAS integration.
when you update your project ll recommend to update including
configuration, jaas conf is included and is working as expected,
although I havent tested
this in containers other than tomcat.
the way this should work:
1. we will provide some default login modules like jcr , ldap etc.
2. together with these modules it will work as it was always working ,
you wont feel any difference.
3. But, if you wanna use this in combination with other login module
then you might have to adapt or write your own authorization modules.
once I have this stable ll write all this on xdocs. but till then
expect changes and instability.
for a stable version without JAAS consider using 2.1 branch.
http://svn.magnolia.info/svn/magnolia/branches/magnolia2.1/
regards
- Sameer
On Aug 22, 2005, at 11:12 PM, goodusername wrote:
Hi again
after deeper debugging the problem is solved
it was the authenticate method (from
info.magnolia.cms.security.Authenticator)
that returned false over and over again
and that's because LoginContext loginContext = new
LoginContext("magnolia_authorization", callbackHandler);
was throwing exception,
solution is to add this lines:
magnolia_authorization {
info.magnolia.jaas.sp.jcr.JCRLoginModule required;
};
in jaas.conf file
only that I don't think this is permanent solution
correct if I'm wrong, please
one more thing
during debugging on tomcat I've noticed that this if
// first check if user has been authenticated by some other
service or container itself
if (req.getUserPrincipal() == null) {
is allways true, it seems like user is never authenticated via jaas ???
// user already authenticated via JAAS, try to load roles
for it
or this is all planned and unfinished work ???
Thanks
Stojan
----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/magnolia/developer.html
----------------------------------------------------------------
----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/magnolia/developer.html
----------------------------------------------------------------
