Here is the sample project. https://github.com/piercarlobeghetto/jaas-test
thanks Piercarlo Alberto Beghetto Developer @ Diennea - MagNews Tel.: (+39) 0546 066100 - Int. 967 Viale G.Marconi 30/14 - 48018 Faenza (RA) -----Messaggio originale----- Da: Romain Manni-Bucau [mailto:[email protected]] Inviato: venerdì 6 febbraio 2015 15:02 A: [email protected] Oggetto: Re: JAAS roles propagation in TomEE easiest is generally to share a maven project on github or any public source code platform Romain Manni-Bucau @rmannibucau http://www.tomitribe.com http://rmannibucau.wordpress.com https://github.com/rmannibucau 2015-02-06 14:54 GMT+01:00 Piercarlo Alberto Beghetto - Diennea <[email protected]>: > Suppose i need to produce some kind of file via maven. I'm trying in NetBeans. > When done, I'll share that. > > > > Piercarlo Alberto Beghetto > Developer @ Diennea - MagNews > Tel.: (+39) 0546 066100 - Int. 967 > Viale G.Marconi 30/14 - 48018 Faenza (RA) > > > > > > -----Messaggio originale----- > Da: Romain Manni-Bucau [mailto:[email protected]] > Inviato: venerdì 6 febbraio 2015 11:14 > A: [email protected] > Oggetto: Re: JAAS roles propagation in TomEE > > Hi > > can you share a sample we can run (mvn packahe tomee:run + GET /demo would be > great)? > > > Romain Manni-Bucau > @rmannibucau > http://www.tomitribe.com > http://rmannibucau.wordpress.com > https://github.com/rmannibucau > > > 2015-02-06 10:54 GMT+01:00 Piercarlo Alberto Beghetto - Diennea > <[email protected]>: >> I tried. >> >> I started with two classes, RolePrincipal and UserPrincipal >> implementing simply java.security.Principal >> >> And with conf >> >> <Realm className="org.apache.catalina.realm.JAASRealm" >> appName="custom-login" >> userClassNames="custom.login.module.package.UserPrincipal " >> roleClassNames="custom.login.module.package.RolePrincipal >> "/> >> >> but it run in the same way. >> Looking in some examples I found that alternative solution, was a try. >> >> >> >> >> Piercarlo Alberto Beghetto >> Developer @ Diennea - MagNews >> Tel.: (+39) 0546 066100 - Int. 967 >> Viale G.Marconi 30/14 - 48018 Faenza (RA) >> >> >> >> >> >> -----Messaggio originale----- >> Da: Romain Manni-Bucau [mailto:[email protected]] >> Inviato: venerdì 6 febbraio 2015 10:42 >> A: [email protected] >> Oggetto: Re: JAAS roles propagation in TomEE >> >> Hi >> >> did you extend >> org.apache.openejb.core.security.AbstractSecurityService$User >> and org.apache.openejb.core.security.AbstractSecurityService$Group in >> your realm? that's the config you did but it is uncommon to do it >> AFAIK >> >> >> Romain Manni-Bucau >> @rmannibucau >> http://www.tomitribe.com >> http://rmannibucau.wordpress.com >> https://github.com/rmannibucau >> >> >> 2015-02-06 10:27 GMT+01:00 Piercarlo Alberto Beghetto - Diennea >> <[email protected]>: >>> Hello, >>> >>> i'm on a JAAS authentication realm for a web application on TomEE. >>> >>> I think I miss a thing in the login process. >>> >>> I developed my custom LoginModule, configured it and seems work well. >>> When i try to log in the user (with HttpServletRequest.login() or >>> LoginContext.login()) all works fine, realm recognize username and password >>> and I get the user's roles setted in the LoginModule.commit(). >>> >>> After the login there is a redirect and in the new servlet there is no >>> trace of user principals or roles principals setted by login. >>> >>> I try >>> >>> - HttpServletRequest.getRemoteUser() >>> >>> - HttpServletRequest.isUserInRole() >>> >>> - @RolesAllowed("someroles") >>> But in any way I have no trace of the logged user >>> >>> >>> Here are my configurations: >>> >>> In context: >>> <Realm className="org.apache.catalina.realm.JAASRealm" >>> appName="custom-login" >>> >>> userClassNames="org.apache.openejb.core.security.AbstractSecurityService$User" >>> >>> roleClassNames="org.apache.openejb.core.security.AbstractSecuritySer >>> v >>> i >>> ce$Group"/> >>> >>> >>> login.config (in TomEE conf folder): >>> custom-login { >>> custom.login.module.package.Module required; }; >>> >>> >>> The custom.login.module.package.Module by spec implements >>> LoginModule, and the principals I set on commit() operation are >>> >>> - org.apache.openejb.core.security.AbstractSecurityService$User >>> >>> - org.apache.openejb.core.security.AbstractSecurityService$Group >>> >>> >>> Referenced by: >>> -Djava.security.auth.login.config=%CATALINA_HOME%/conf/login.config >>> >>> >>> Am I missing something? Any advice? >>> >>> >>> Piercarlo Alberto Beghetto >>> Developer @ Diennea - MagNews >>> Tel.: (+39) 0546 066100 - Int. 967 >>> Viale G.Marconi 30/14 - 48018 Faenza (RA) >>> >>> [http://www.magnews.it/uploads/39/b1/39b14fb9e0bf42e5329d781139639f34/MagNews-per-firma-.jpg]<http://www.magnews.it/it> >>> [http://www.magnews.it/uploads/54/da/54da7b9f01a24e97c88c660f9321493b/1361834300_linkedin.jpg]<http://www.linkedin.com/company/diennea---magnews> >>> >>> [http://www.magnews.it/uploads/13/46/1346f8efb8ff0b9a009fb40d35f3031d/1361834261_twitter.jpg] >>> <http://twitter.com/DienneaMagNews> >>> [http://www.magnews.it/uploads/1b/9d/1b9d890c34589a070a686e0564c6a4c8/1361834314_facebook.jpg] >>> <http://www.facebook.com/pages/MagNews/197617841797> >>> [http://www.magnews.it/uploads/04/cf/04cf3df25b9d56d8c99e6946efb735cb/1363207242_10.png] >>> <http://www.magnews.it/it/iscriviti-alla-newsletter> >>> >>> >>> >>> >>> ________________________________ >>> Iscriviti alla nostra newsletter per rimanere aggiornato su digital >>> ed email marketing! http://www.magnews.it/newsletter/ >> >> Iscriviti alla nostra newsletter per rimanere aggiornato su digital >> ed email marketing! http://www.magnews.it/newsletter/ > > Iscriviti alla nostra newsletter per rimanere aggiornato su digital ed > email marketing! http://www.magnews.it/newsletter/ Iscriviti alla nostra newsletter per rimanere aggiornato su digital ed email marketing! http://www.magnews.it/newsletter/
