JAAS roles propagation in TomEE

Fri, 06 Feb 2015 01:28:18 -0800 

Hello,

i'm on a JAAS authentication realm for a web application on TomEE.

I think I miss a thing in the login process.

I developed my custom LoginModule, configured it and seems work well.
When i try to log in the user (with HttpServletRequest.login() or 
LoginContext.login()) all works fine, realm recognize username and password and 
I get the user's roles setted in the LoginModule.commit().

After the login there is a redirect and in the new servlet there is no trace of 
user principals or roles principals setted by login.

I try

-          HttpServletRequest.getRemoteUser()

-          HttpServletRequest.isUserInRole()

-          @RolesAllowed("someroles")
But in any way I have no trace of the logged user


Here are my configurations:

In context:
<Realm className="org.apache.catalina.realm.JAASRealm"
           appName="custom-login"
           
userClassNames="org.apache.openejb.core.security.AbstractSecurityService$User"
           
roleClassNames="org.apache.openejb.core.security.AbstractSecurityService$Group"/>


login.config (in TomEE conf folder):
custom-login {
   custom.login.module.package.Module required;
};


The custom.login.module.package.Module by spec implements LoginModule, and the 
principals I set on commit() operation are

-          org.apache.openejb.core.security.AbstractSecurityService$User

-          org.apache.openejb.core.security.AbstractSecurityService$Group


Referenced by:
-Djava.security.auth.login.config=%CATALINA_HOME%/conf/login.config


Am I missing something? Any advice?


Piercarlo Alberto Beghetto
Developer @ Diennea - MagNews
Tel.: (+39) 0546 066100 - Int. 967
Viale G.Marconi 30/14 - 48018 Faenza (RA)

[http://www.magnews.it/uploads/39/b1/39b14fb9e0bf42e5329d781139639f34/MagNews-per-firma-.jpg]<http://www.magnews.it/it>
[http://www.magnews.it/uploads/54/da/54da7b9f01a24e97c88c660f9321493b/1361834300_linkedin.jpg]<http://www.linkedin.com/company/diennea---magnews>
     
[http://www.magnews.it/uploads/13/46/1346f8efb8ff0b9a009fb40d35f3031d/1361834261_twitter.jpg]
 <http://twitter.com/DienneaMagNews>      
[http://www.magnews.it/uploads/1b/9d/1b9d890c34589a070a686e0564c6a4c8/1361834314_facebook.jpg]
 <http://www.facebook.com/pages/MagNews/197617841797>      
[http://www.magnews.it/uploads/04/cf/04cf3df25b9d56d8c99e6946efb735cb/1363207242_10.png]
 <http://www.magnews.it/it/iscriviti-alla-newsletter>




________________________________
Iscriviti alla nostra newsletter per rimanere aggiornato su digital ed email 
marketing! http://www.magnews.it/newsletter/

Reply via email to