On Sep 5, 2008, at 8:54 AM, Marco Laponder wrote:
Didn't quite succeed in this method. The getUserPrincipal always
return
met a Principal of type org.apache.geronimo.jetty6.JAASJettyPrincipal.
Solution which I now use is getting the subject of that object and
looping over the principals in that subject to find my custom
principal.
It works but I am not really impressed with the code ;-)
Sorry, I forgot about that principal. I think in the jetty7-jaspi
stuff I've been working with you could define an authentication
module where this would work. Basically the problem is that half of
the ee specs think that a user principal means something and half
think that there's a Subject that means something and these points of
view are basically (IMNSHO) incompatible. JASPI at least lets you
plug in something that will define the meaning of the user principal
for yourself.
thanks
david jencks
Kind regards,
Marco
-----Oorspronkelijk bericht-----
Van: David Jencks [mailto:[EMAIL PROTECTED]
Verzonden: woensdag 3 september 2008 19:07
Aan: [email protected]
Onderwerp: Re: retrieve custom principal from custom loginmodule in
servlet
On Sep 3, 2008, at 1:28 AM, Marco Laponder wrote:
Hi Everyone,
I am trying to build a custom login module where custom principals
are
added to the subject. The login works as expected and on the commit I
add my specific principal object to the subject.
So far so good, but now I need to retrieve this object In my servlet
and
I was expecting to be able to retrieve it by
httpRequest.getUserPrincipal() but the principal returned is not an
instance of my custom principal. Can anyone given any tips how to
find
out what I am doing incorrect or is this situation not possible at
all ?
You don't say if your login configuration includes any other login
modules. Assuming that it does not....
The specs don't describe how to pick the "UserPrincipal" from the
possibly numerous principals in a logged-in Subject. Geronimo uses
this code snippet:
Set<? extends Principal> principals =
subject.getPrincipals(GeronimoCallerPrincipal.class);
if (!principals.isEmpty()) {
context.principal = principals.iterator().next();
} else if (!(principals =
subject.getPrincipals(PrimaryRealmPrincipal.class)).isEmpty()) {
context.principal = principals.iterator().next();
} else if (!(principals =
subject.getPrincipals(RealmPrincipal.class)).isEmpty()) {
context.principal = principals.iterator().next();
} else if (!(principals =
subject.getPrincipals()).isEmpty()) {
context.principal = principals.iterator().next();
}
So, the most reliable way to get your special principal returned as
the UserPrincipal is to have it implement the marker interface
GeronimoCallerPrincipal, and assure it is the only principal that
implements that interface.
Hope this helps
david jencks
Kind regards,
Marco Laponder
