here a sample: http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
- Romain 2012/6/1 Romain Manni-Bucau <[email protected]> > in my test i used: > > <Realm className="org.apache.tomee.catalina.TomEERealm"> > <Realm className="org.apache.catalina.realm.JAASRealm" > appName="PropertiesLoginModule" > > > userClassNames="org.apache.openejb.core.security.AbstractSecurityService$User" > > > roleClassNames="org.apache.openejb.core.security.AbstractSecurityService$Group"> > </Realm> > </Realm> > > but i guess you can replace the jaasrealm by your dsrealm > > - Romain > > > 2012/6/1 José Luis Cetina <[email protected]> > >> Yes, it seems buggy. >> >> Where i have to replace? >> >> Remember im using DataSourceRealm >> >> 2012/5/31 Romain Manni-Bucau <[email protected]> >> >> > this is the current status, >> > >> > but IMO it is buggy, >> > >> > i'll commit soon a TomEEJAASRealm to make it working (replace JAASRealm >> in >> > the conf) >> > >> > - Romain >> > >> > >> > 2012/6/1 José Luis Cetina <[email protected]> >> > >> > > i think we are getting confused. >> > > >> > > If i resume all, this what i asked (the final of the first post) >> > > >> > > I dont know if this is the desire behavior or if this happend becase >> the >> > > httr request isnt finished? >> > > Then you answer me: >> > > >> > > in fact info from ejbcontext are taken in our securitymodule >> > > >> > > in tomee we set/unset it from a valve so at the beginning/end of the >> > > request...all between is currently ignored so when you log you need >> > another >> > > request to get the updated information (from the tomcat realm) >> > > >> > > "so when you log you need another request to get the updated >> information >> > > (from the tomcat realm) >> > > >> > > Then i get guest because is the desire behaviour, after the first >> > request i >> > > can get the user i expected. >> > > >> > > Then i resume, this is the default behaviour, and works but you need a >> > > second request. >> > > >> > > >> > > >> > > 2012/5/31 Romain Manni-Bucau <[email protected]> >> > > >> > > > i think it should work >> > > > >> > > > - Romain >> > > > >> > > > >> > > > 2012/6/1 José Luis Cetina <[email protected]> >> > > > >> > > > > I mean this: >> > > > > >> > > > > I dont know if this is the desire behaviour or if this happend >> > because >> > > > the >> > > > > http request isnt finished? >> > > > > >> > > > > >> > > > > >> > > > > 2012/5/31 José Luis Cetina <[email protected]> >> > > > > >> > > > > > Ok, the what i asked is correct?? >> > > > > > >> > > > > > "I dont know if this is the desire behaviour or if this happend >> > > because >> > > > > > the http request isnt finished?" >> > > > > > >> > > > > > 2012/5/31 Romain Manni-Bucau <[email protected]> >> > > > > > >> > > > > >> ok, >> > > > > >> >> > > > > >> in fact info from ejbcontext are taken in our securitymodule >> > > > > >> >> > > > > >> in tomee we set/unset it from a valve so at the beginning/end >> of >> > the >> > > > > >> request...all between is currently ignored so when you log you >> > need >> > > > > >> another >> > > > > >> request to get the updated information (from the tomcat realm) >> > > > > >> >> > > > > >> - Romain >> > > > > >> >> > > > > >> >> > > > > >> 2012/6/1 José Luis Cetina <[email protected]> >> > > > > >> >> > > > > >> > Yes, it work >> > > > > >> > >> > > > > >> > 1) Login (form login) using DataSourceRealm >> > > > > >> > >> > > > > >> > >> > > > > >> > 2) Redirect to page2 from my managedbean >> > > > > >> > >> > > > > >> > 2012/5/31 Romain Manni-Bucau <[email protected]> >> > > > > >> > >> > > > > >> > > so you mean using the flow i described before it works? >> > (sorry, >> > > > just >> > > > > >> to >> > > > > >> > be >> > > > > >> > > sure to understand) >> > > > > >> > > >> > > > > >> > > - Romain >> > > > > >> > > >> > > > > >> > > >> > > > > >> > > 2012/6/1 José Luis Cetina <[email protected]> >> > > > > >> > > >> > > > > >> > > > Hi i can login and i can navigate (redirect) to my other >> > page, >> > > > > but i >> > > > > >> > dont >> > > > > >> > > > know why im getting guest user in the login mbean, after >> > that >> > > in >> > > > > >> other >> > > > > >> > > > mbean i get my "real" user. >> > > > > >> > > > >> > > > > >> > > > >> > > > > >> > > > 2012/5/31 Romain Manni-Bucau <[email protected]> >> > > > > >> > > > >> > > > > >> > > > > maybe >> > > > > >> > > > > >> > > > > >> > > > >> > > > > >> > > >> > > > > >> > >> > > > > >> >> > > > > >> > > > >> > > >> > >> http://rmannibucau.wordpress.com/2012/05/09/tomee-and-its-ssh-connector/but >> > > > > >> > > > > it uses properties file, it just need a custom login >> > module >> > > > > >> > > > implementation >> > > > > >> > > > > to use a db. >> > > > > >> > > > > >> > > > > >> > > > > well, >> > > > > >> > > > > >> > > > > >> > > > > before can you test it please? >> > > > > >> > > > > 1) login >> > > > > >> > > > > 2) redirect to your page using your bean >> > > > > >> > > > > >> > > > > >> > > > > - Romain >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > 2012/6/1 José Luis Cetina <[email protected]> >> > > > > >> > > > > >> > > > > >> > > > > > I have to read and know how to use this, i always use >> > > > > >> DataSource or >> > > > > >> > > > > > JDBCRealm. (with glassfish). >> > > > > >> > > > > > im reading now, do you have something for a >> quickstart? >> > > for >> > > > > >> share >> > > > > >> > me >> > > > > >> > > > > > >> > > > > >> > > > > > 2012/5/31 Romain Manni-Bucau <[email protected]> >> > > > > >> > > > > > >> > > > > >> > > > > > > having your password in a db is not an issue but i >> > think >> > > > you >> > > > > >> > should >> > > > > >> > > > > > > use org.apache.catalina.realm.JAASRealm >> > > > > >> > > > > > > >> > > > > >> > > > > > > for instance: >> > > > > >> > > > > > > >> > > > > >> > > > > > > <Realm >> > > className="org.apache.catalina.realm.JAASRealm" >> > > > > >> > > > > > > appName="MyDBLoginModule" >> > > > > >> > > > > > > >> > > > > >> > > > > > > >> > > > > >> > > > > > > >> > > > > >> > > > > > >> > > > > >> > > > > >> > > > > >> > > > >> > > > > >> > > >> > > > > >> > >> > > > > >> >> > > > > >> > > > >> > > >> > >> >> userClassNames="org.apache.openejb.core.security.AbstractSecurityService$User" >> > > > > >> > > > > > > >> > > > > >> > > > > > > >> > > > > >> > > > > > > >> > > > > >> > > > > > >> > > > > >> > > > > >> > > > > >> > > > >> > > > > >> > > >> > > > > >> > >> > > > > >> >> > > > > >> > > > >> > > >> > >> >> roleClassNames="org.apache.openejb.core.security.AbstractSecurityService$Group"> >> > > > > >> > > > > > > </Realm> >> > > > > >> > > > > > > >> > > > > >> > > > > > > so simply implement a custom LoginModule instead >> of a >> > > > realm >> > > > > >> > > > > > > >> > > > > >> > > > > > > wdyt? >> > > > > >> > > > > > > >> > > > > >> > > > > > > - Romain >> > > > > >> > > > > > > >> > > > > >> > > > > > > >> > > > > >> > > > > > > 2012/6/1 José Luis Cetina <[email protected]> >> > > > > >> > > > > > > >> > > > > >> > > > > > > > Sorry, i use DataSourceRealm, i have my >> > > user/pass/roles >> > > > in >> > > > > >> the >> > > > > >> > > DB. >> > > > > >> > > > > > > > >> > > > > >> > > > > > > > >> > > > > >> > > > > > > > >> > > > > >> > > > > > > > 2012/5/31 Romain Manni-Bucau < >> [email protected] >> > > >> > > > > >> > > > > > > > >> > > > > >> > > > > > > > > can't you do it with an embedded one? >> > > > > >> > > > > > > > > >> > > > > >> > > > > > > > > well DataSourceRealm doesn't use JAAS by >> default i >> > > > > think, >> > > > > >> > maybe >> > > > > >> > > > > > that's >> > > > > >> > > > > > > > the >> > > > > >> > > > > > > > > issue >> > > > > >> > > > > > > > > >> > > > > >> > > > > > > > > - Romain >> > > > > >> > > > > > > > > >> > > > > >> > > > > > > > > >> > > > > >> > > > > > > > > 2012/6/1 José Luis Cetina < >> [email protected]> >> > > > > >> > > > > > > > > >> > > > > >> > > > > > > > > > OK, i can create a sample, but i use >> > > > DataSourceRealm, >> > > > > >> are >> > > > > >> > you >> > > > > >> > > > > gonna >> > > > > >> > > > > > > > > > configure your database? >> > > > > >> > > > > > > > > > >> > > > > >> > > > > > > > > > 2012/5/31 Romain Manni-Bucau < >> > > [email protected] >> > > > > >> > > > > >> > > > > > > > > > >> > > > > >> > > > > > > > > > > can you have a try in an EJB please? (just >> try >> > > to >> > > > > add >> > > > > >> > > > > @Stateless >> > > > > >> > > > > > on >> > > > > >> > > > > > > > > your >> > > > > >> > > > > > > > > > > managed bean for instance) >> > > > > >> > > > > > > > > > > >> > > > > >> > > > > > > > > > > can you share a sample easy to run? >> > > > > >> > > > > > > > > > > >> > > > > >> > > > > > > > > > > - Romain >> > > > > >> > > > > > > > > > > >> > > > > >> > > > > > > > > > > >> > > > > >> > > > > > > > > > > 2012/6/1 José Luis Cetina < >> > [email protected] >> > > > >> > > > > >> > > > > > > > > > > >> > > > > >> > > > > > > > > > > > Yes, im using JAAS >> > > > > >> > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > 2012/5/31 Romain Manni-Bucau < >> > > > > [email protected] >> > > > > >> > >> > > > > >> > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > Hi, >> > > > > >> > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > Do you use jaas? >> > > > > >> > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > - Romain >> > > > > >> > > > > > > > > > > > > Le 31 mai 2012 20:14, "José Luis >> Cetina" < >> > > > > >> > > > > > [email protected] >> > > > > >> > > > > > > > >> > > > > >> > > > > > > > a >> > > > > >> > > > > > > > > > > écrit >> > > > > >> > > > > > > > > > > > : >> > > > > >> > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > Hi i have this scenario: >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > I have a page login.xhtml, this page >> > has a >> > > > > >> > > ManagedBean >> > > > > >> > > > > > > (@Named) >> > > > > >> > > > > > > > > > this >> > > > > >> > > > > > > > > > > > > > managedbean use the >> > > request.login(user,pass) >> > > > > >> > method. >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > When i do this: >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > managedbean class: >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > @Resource >> > > > > >> > > > > > > > > > > > > > private EJBContext ejbContext; >> > > > > >> > > > > > > > > > > > > > . >> > > > > >> > > > > > > > > > > > > > . >> > > > > >> > > > > > > > > > > > > > request.login(user,pass); >> > > > > >> > > > > > > > > > > > > > String name = >> > > > > >> > > > ejbContext.getCallerPrincipal().getName(); >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > I get "guest" as my user name. But i >> > > expect >> > > > > the >> > > > > >> > name >> > > > > >> > > of >> > > > > >> > > > > my >> > > > > >> > > > > > > user >> > > > > >> > > > > > > > > (of >> > > > > >> > > > > > > > > > > > > course >> > > > > >> > > > > > > > > > > > > > is not guest) >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > If the login was successful my login >> > page >> > > > > >> navigate >> > > > > >> > to >> > > > > >> > > > > other >> > > > > >> > > > > > > > page >> > > > > >> > > > > > > > > > lets >> > > > > >> > > > > > > > > > > > say >> > > > > >> > > > > > > > > > > > > > pageb.xhtml >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > If i create a managedbean (@Named) >> for >> > > > > >> pageb.xhtml >> > > > > >> > > and >> > > > > >> > > > in >> > > > > >> > > > > > > that >> > > > > >> > > > > > > > > > > > > managedbean >> > > > > >> > > > > > > > > > > > > > i use again: >> > > > > >> > > > > > > > > > > > > > String name = >> > > > > >> > > > ejbContext.getCallerPrincipal().getName(); >> > > > > >> > > > > > > > > > > > > > then, here i get my "correct" name of >> > the >> > > > user >> > > > > >> (not >> > > > > >> > > > > guest). >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > I dont know if this is the desire >> > > behaviour >> > > > or >> > > > > >> if >> > > > > >> > > this >> > > > > >> > > > > > > happend >> > > > > >> > > > > > > > > > > because >> > > > > >> > > > > > > > > > > > > the >> > > > > >> > > > > > > > > > > > > > http request isnt finished? >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > other question why if i call >> > > > > >> > > > > > > > > > > > > > the >> > > > > ejbContext.getCallerPrincipal().getName(); >> > > > > >> > > before >> > > > > >> > > > > the >> > > > > >> > > > > > > > > > > > > request.login() >> > > > > >> > > > > > > > > > > > > > method i get again "guest", why not >> > null? >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > If this question is for >> tomee(openejb) >> > or >> > > > > >> tomcat? >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > Thanks >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > >> > > > > >> > > > >> > > > > >> ------------------------------------------------------------------- >> > > > > >> > > > > > > > > > > > > > *SCJA. José Luis Cetina* >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > >> > > > > >> > > > >> > > > > >> ------------------------------------------------------------------- >> > > > > >> > > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > >> > > > > >> > > > > > > > > > > > -- >> > > > > >> > > > > > > > > > > > >> > > > > >> > > > > > > >> > > > > >> > >> > > ------------------------------------------------------------------- >> > > > > >> > > > > > > > > > > > *SCJA. José Luis Cetina* >> > > > > >> > > > > > > > > > > > >> > > > > >> > > > > > > >> > > > > >> > >> > > ------------------------------------------------------------------- >> > > > > >> > > > > > > > > > > > >> > > > > >> > > > > > > > > > > >> > > > > >> > > > > > > > > > >> > > > > >> > > > > > > > > > >> > > > > >> > > > > > > > > > >> > > > > >> > > > > > > > > > -- >> > > > > >> > > > > > > > > > >> > > > > >> > > > > >> > > > > >> >> > ------------------------------------------------------------------- >> > > > > >> > > > > > > > > > *SCJA. José Luis Cetina* >> > > > > >> > > > > > > > > > >> > > > > >> > > > > >> > > > > >> >> > ------------------------------------------------------------------- >> > > > > >> > > > > > > > > > >> > > > > >> > > > > > > > > >> > > > > >> > > > > > > > >> > > > > >> > > > > > > > >> > > > > >> > > > > > > > >> > > > > >> > > > > > > > -- >> > > > > >> > > > > > > > >> > > > > >> > > >> > > > ------------------------------------------------------------------- >> > > > > >> > > > > > > > *SCJA. José Luis Cetina* >> > > > > >> > > > > > > > >> > > > > >> > > >> > > > ------------------------------------------------------------------- >> > > > > >> > > > > > > > >> > > > > >> > > > > > > >> > > > > >> > > > > > >> > > > > >> > > > > > >> > > > > >> > > > > > >> > > > > >> > > > > > -- >> > > > > >> > > > > > >> > > > > >> >> > ------------------------------------------------------------------- >> > > > > >> > > > > > *SCJA. José Luis Cetina* >> > > > > >> > > > > > >> > > > > >> >> > ------------------------------------------------------------------- >> > > > > >> > > > > > >> > > > > >> > > > > >> > > > > >> > > > >> > > > > >> > > > >> > > > > >> > > > >> > > > > >> > > > -- >> > > > > >> > > > >> > > > > >> ------------------------------------------------------------------- >> > > > > >> > > > *SCJA. José Luis Cetina* >> > > > > >> > > > >> > > > > >> ------------------------------------------------------------------- >> > > > > >> > > > >> > > > > >> > > >> > > > > >> > >> > > > > >> > >> > > > > >> > >> > > > > >> > -- >> > > > > >> > >> > > ------------------------------------------------------------------- >> > > > > >> > *SCJA. José Luis Cetina* >> > > > > >> > >> > > ------------------------------------------------------------------- >> > > > > >> > >> > > > > >> >> > > > > > >> > > > > > >> > > > > > >> > > > > > -- >> > > > > > >> ------------------------------------------------------------------- >> > > > > > *SCJA. José Luis Cetina* >> > > > > > >> ------------------------------------------------------------------- >> > > > > > >> > > > > > >> > > > > >> > > > > >> > > > > -- >> > > > > >> ------------------------------------------------------------------- >> > > > > *SCJA. José Luis Cetina* >> > > > > >> ------------------------------------------------------------------- >> > > > > >> > > > >> > > >> > > >> > > >> > > -- >> > > ------------------------------------------------------------------- >> > > *SCJA. José Luis Cetina* >> > > ------------------------------------------------------------------- >> > > >> > >> >> >> >> -- >> ------------------------------------------------------------------- >> *SCJA. José Luis Cetina* >> ------------------------------------------------------------------- >> > >
