I tried.
I started with two classes, RolePrincipal and UserPrincipal implementing simply
java.security.Principal
And with conf
<Realm className="org.apache.catalina.realm.JAASRealm"
appName="custom-login"
userClassNames="custom.login.module.package.UserPrincipal "
roleClassNames="custom.login.module.package.RolePrincipal "/>
but it run in the same way.
Looking in some examples I found that alternative solution, was a try.
Piercarlo Alberto Beghetto
Developer @ Diennea - MagNews
Tel.: (+39) 0546 066100 - Int. 967
Viale G.Marconi 30/14 - 48018 Faenza (RA)
-----Messaggio originale-----
Da: Romain Manni-Bucau [mailto:[email protected]]
Inviato: venerdì 6 febbraio 2015 10:42
A: [email protected]
Oggetto: Re: JAAS roles propagation in TomEE
Hi
did you extend org.apache.openejb.core.security.AbstractSecurityService$User
and org.apache.openejb.core.security.AbstractSecurityService$Group in your
realm? that's the config you did but it is uncommon to do it AFAIK
Romain Manni-Bucau
@rmannibucau
http://www.tomitribe.com
http://rmannibucau.wordpress.com
https://github.com/rmannibucau
2015-02-06 10:27 GMT+01:00 Piercarlo Alberto Beghetto - Diennea
<[email protected]>:
> Hello,
>
> i'm on a JAAS authentication realm for a web application on TomEE.
>
> I think I miss a thing in the login process.
>
> I developed my custom LoginModule, configured it and seems work well.
> When i try to log in the user (with HttpServletRequest.login() or
> LoginContext.login()) all works fine, realm recognize username and password
> and I get the user's roles setted in the LoginModule.commit().
>
> After the login there is a redirect and in the new servlet there is no trace
> of user principals or roles principals setted by login.
>
> I try
>
> - HttpServletRequest.getRemoteUser()
>
> - HttpServletRequest.isUserInRole()
>
> - @RolesAllowed("someroles")
> But in any way I have no trace of the logged user
>
>
> Here are my configurations:
>
> In context:
> <Realm className="org.apache.catalina.realm.JAASRealm"
> appName="custom-login"
>
> userClassNames="org.apache.openejb.core.security.AbstractSecurityService$User"
>
> roleClassNames="org.apache.openejb.core.security.AbstractSecurityServi
> ce$Group"/>
>
>
> login.config (in TomEE conf folder):
> custom-login {
> custom.login.module.package.Module required; };
>
>
> The custom.login.module.package.Module by spec implements LoginModule, and
> the principals I set on commit() operation are
>
> - org.apache.openejb.core.security.AbstractSecurityService$User
>
> - org.apache.openejb.core.security.AbstractSecurityService$Group
>
>
> Referenced by:
> -Djava.security.auth.login.config=%CATALINA_HOME%/conf/login.config
>
>
> Am I missing something? Any advice?
>
>
> Piercarlo Alberto Beghetto
> Developer @ Diennea - MagNews
> Tel.: (+39) 0546 066100 - Int. 967
> Viale G.Marconi 30/14 - 48018 Faenza (RA)
>
> [http://www.magnews.it/uploads/39/b1/39b14fb9e0bf42e5329d781139639f34/MagNews-per-firma-.jpg]<http://www.magnews.it/it>
> [http://www.magnews.it/uploads/54/da/54da7b9f01a24e97c88c660f9321493b/1361834300_linkedin.jpg]<http://www.linkedin.com/company/diennea---magnews>
>
> [http://www.magnews.it/uploads/13/46/1346f8efb8ff0b9a009fb40d35f3031d/1361834261_twitter.jpg]
> <http://twitter.com/DienneaMagNews>
> [http://www.magnews.it/uploads/1b/9d/1b9d890c34589a070a686e0564c6a4c8/1361834314_facebook.jpg]
> <http://www.facebook.com/pages/MagNews/197617841797>
> [http://www.magnews.it/uploads/04/cf/04cf3df25b9d56d8c99e6946efb735cb/1363207242_10.png]
> <http://www.magnews.it/it/iscriviti-alla-newsletter>
>
>
>
>
> ________________________________
> Iscriviti alla nostra newsletter per rimanere aggiornato su digital ed email
> marketing! http://www.magnews.it/newsletter/
Iscriviti alla nostra newsletter per rimanere aggiornato su digital ed email
marketing! http://www.magnews.it/newsletter/
