What's the "collecting user details" part of this?
For example, if you use J2EE security and HTTP Basic authentication, you can have the user's username and password (provided by HTTP Basic auth) resolved against a JAAS LoginModule (configured as a Geronimo security realm) and no servlet filter is necessary. That will let the application access the current user's username, and check whether they're in any particular J2EE security role to make finer-grained authorization decisions. It would not, however, let you look up the user's address and phone number, even if that was somehow stuffed into the Subject by the JAAS LoginModule. How well does this fit what you're trying to do? Thanks, Aaron On 9/20/06, sreepriya ramakrishnan <[EMAIL PROTECTED]> wrote:
Hi, These are the requirements: The application should use a HTTP Basic authentication with JAAS for authentication user and collecting user details. In all examples related to JAAS, I see that they use a Servlet Filter which uses a LoginContext to invoke the JAAS loginModule and then they populate the User Details in the Subject.They then use the same logincontext to retrieve the User details from the Subject. Doing it this way will enable me to populate the userdetails in session so that it is available to the application. I am not sure how to achieve this with Geronimo. Thanks, Priya --- Aaron Mulder <[EMAIL PROTECTED]> wrote: > Can you say a little more about what you're trying > to do? For > example, why are you accessing JAAS via a Servlet > Filter instead of > just using J2EE security? It is possible for you to > access Geronimo > security features from a filter but the best way may > depend on what > you're trying to accomplish. > > Thanks, > Aaron > > On 9/20/06, sreepriya ramakrishnan > <[EMAIL PROTECTED]> wrote: > > Hi , > > > > I am having problems understanding how geronimo > and > > JAAS work together. > > > > If I want to use a ServletFilter to access a > Geronimo > > deployed custom LOgin Module. How will I do that > and > > how will the configuration in Geronimo be? Should > I > > use Security realms ?? > > > > Your help will be greatly appreciated. I have > been > > stuck with this for quite sometime now and was > > wondering if you can help me. > > > > Thanks, > > Priya > > > > > > __________________________________________________ > > Do You Yahoo!? > > Tired of spam? Yahoo! Mail has the best spam > protection around > > http://mail.yahoo.com > > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
