I'm back!
After getting some jaas studies, i'm a little bit
better, so i can now formulate a better question.
Here it is... (I know that this is not only a Struts
question, because it envolves jaas, but i'm pretty
sure that people over here could give me some advise
on how to handle the problem).
I got my application protected with JAAS, so users
cannot access any pages or servles withou a login. I
build then an Action to handle login stuff.
Heres the code of my LoginAction (execute method).
//...
String j_username =
(String)request.getParameter("j_username");
String x = (String)request.getParameter("j_password");
if (x != null){
j_password = x.toCharArray();
handler = new UsernamePasswordHandler(j_username,
j_password);
}
LoginContext lc = null;
try {
lc = new LoginContext("example2", handler);
lc.login();
//this part doesn't matter very much
Subject subject = lc.getSubject();
Set principals = subject.getPrincipals();
Principal user = new SimplePrincipal(j_username);
principals.add(user);
} catch (LoginException e) {
// TODO Auto-generated catch block
e.printStackTrace();
throw new Exception();
}
return mapping.findForward("index");
The above code runs perfectly! It logs the user
correctly and then i'm forwared to my index page.
[b]But[/b], when i get to index, everything is gone!!!
I'm not logged anymore. If i try to access another
page in my application, i'm redirect to the login.jsp
page again!!!
I heard that this is because the multi-thread
characteristic of the servlets, but
How can i workaround this??? how can i make this
maintain my login through the rest of my session???
Here's a piece of login-config.xml
<application-policy name = "client-login">
<authentication>
<login-module code =
"org.jboss.security.ClientLoginModule"
flag = "required">
</login-module>
</authentication>
</application-policy>
<application-policy name="example2">
<authentication>
<login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
<!--<module-option
name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>-->
<module-option
name="dsJndiName">java:/DefaultDS</module-option>
<module-option name="principalsQuery">Select
Password from Principals where PrincipalID
=?</module-option>
<module-option name="rolesQuery">Select Role
'Roles', RoleGroup 'RoleGroups' from Roles where
PrincipalID =?</module-option>
</login-module>
</authentication>
</application-policy>
Thanks and regards,
Leandro
_______________________________________________________
Yahoo! Acesso Grátis - navegue de graça com conexão de qualidade!
http://br.acesso.yahoo.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
