Hi,
I have been able to authenticate a user using JAAS on
JBoss 4.2. However, here is my question: once the user is logged in, how do I access what roles he/she has?
Here is my SessionLogin action, which implements the PrincipalAware interface, and I know from my debug lines that the proxy does get set. When I call isUserInRole("Admin") it returns false.
I thought implementing PrincipalAware would give me access to what was set by JAAS on JBoss.
Can anyone help?
package lab.security;
import java.io.ByteArrayInputStream;
import java.rmi.RemoteException;
import java.security.Principal;
import java.util.*;
import javax.ejb.CreateException;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.rmi.PortableRemoteObject;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.ServletContext;
import org.apache.log4j.Logger;
import org.apache.struts2.interceptor.PrincipalAware;
import org.apache.struts2.interceptor.PrincipalProxy;
import org.apache.struts2.util.ServletContextAware;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.callback.SecurityAssociationHandler;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;
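/**
 * Struts 2 login action that performs a programmatic JAAS login against the
 * {@code userRolesTest} configuration entry and flags the session as logged in.
 *
 * <p>The {@link PrincipalProxy} and {@link ServletContext} are injected by the
 * Struts interceptors through the {@code PrincipalAware} and
 * {@code ServletContextAware} setters.
 */
public class SessionLogin extends ActionSupport implements ServletContextAware, PrincipalAware
{
    private static final long serialVersionUID = 2452642373778L;

    /** Name of the JAAS login configuration entry used by {@link #execute()}. */
    private static final String LOGIN_CONFIG_NAME = "userRolesTest";

    /** Session key whose value is set to {@code "true"} after a successful login. */
    private static final String SESSION_LOGGED_IN_KEY = "logged-in";

    private String userId;
    private String password;
    // Left public because the original exposed it; callers should prefer getFoto()/setFoto().
    public byte[] foto;
    private PrincipalProxy _principalProxy;
    private ServletContext _servletContext;

    /**
     * Authenticates the submitted user id and password through JAAS and, on
     * success, marks the Struts session as logged in.
     *
     * @return {@code "SUCCESS"} when the JAAS login succeeds; {@code "ERROR"}
     *         when the credentials are missing or the login fails
     * @throws Exception only if something other than a {@link LoginException}
     *         escapes (login failures are caught and mapped to {@code "ERROR"})
     */
    public String execute() throws Exception {
        System.out.println("in excute() "+this.userId);
        // Missing credentials previously surfaced as a NullPointerException from
        // password.toCharArray(); report them as an ordinary failed login instead.
        if (this.userId == null || this.password == null) {
            return "ERROR";
        }
        // Work on a copy so the char[] handed to JAAS can be wiped once login is done.
        char[] credential = this.password.toCharArray();
        try {
            SecurityAssociationHandler handler = new SecurityAssociationHandler();
            handler.setSecurityInfo(new SimplePrincipal(this.userId), credential);
            LoginContext loginContext = new LoginContext(LOGIN_CONFIG_NAME, handler);
            loginContext.login();

            Map<String, Object> session = ActionContext.getContext().getSession();
            session.put(SESSION_LOGGED_IN_KEY, "true");

            // NOTE(review): PrincipalProxy appears to answer isUserInRole() from the
            // container's view of the current request rather than from the Subject
            // produced by the LoginContext above, so roles granted by this programmatic
            // login may not be visible here. Confirm against the Struts 2 / JBoss
            // versions in use before relying on these values.
            if (_principalProxy != null) {
                System.out.println("User role admin :"+_principalProxy.isUserInRole("Admin"));
                System.out.println("User role admin :"+_principalProxy.isUserInRole("User"));
            }
            return "SUCCESS";
        } catch (LoginException e) {
            e.printStackTrace();
            return "ERROR";
        } finally {
            // Do not keep the credential copy around longer than the login itself.
            Arrays.fill(credential, '\0');
        }
    }

    /** @return the password submitted with the login form, or {@code null} if none */
    public String getPassword() {
        return password;
    }

    /** @param password the password submitted with the login form */
    public void setPassword(String password) {
        this.password = password;
    }

    /**
     * Returns the submitted user id. The property is named {@code username} for
     * the form binding although the backing field is {@code userId}.
     *
     * @return the submitted user id, or {@code null} if none
     */
    public String getUsername() {
        return userId;
    }

    /** @param userId the user id submitted with the login form */
    public void setUsername(String userId) {
        this.userId = userId;
    }

    /** @return the raw photo bytes, or {@code null} if none were set */
    public byte[] getFoto() {
        return foto;
    }

    /** @param foto the raw photo bytes to keep on this action */
    public void setFoto(byte[] foto) {
        this.foto = foto;
    }

    /**
     * Injected by the Struts {@code PrincipalAware} interceptor.
     *
     * @param principalProxy wrapper around the current request's principal and roles
     */
    public void setPrincipalProxy(PrincipalProxy principalProxy)
    {
        System.out.println("principalProxy context set :"+principalProxy);
        _principalProxy = principalProxy;
    }

    /**
     * Injected by the Struts {@code ServletContextAware} interceptor.
     *
     * @param servletContext the web application's servlet context
     */
    public void setServletContext(ServletContext servletContext)
    {
        System.out.println("servletContext context set :"+servletContext);
        // The original assigned the field to itself, leaving the context permanently null.
        _servletContext = servletContext;
    }
}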