• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Tim Cooke
  • Paul Clapham
  • Jeanne Boyarsky
Sheriffs:
  • Ron McLeod
  • Frank Carver
  • Junilu Lacar
Saloon Keepers:
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Al Hobbs
  • Carey Brown
Bartenders:
  • Piet Souris
  • Frits Walraven
  • fred rosenberger

Problem of JAAS with JDK version

 
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I am facing a problem for JAAS implementation with Java(TM) 2 SDK, Standard Edition Version 1.4.1 and tagish.jar.
I took help form http://www.mooreds.com/jaas.htmland also from http://free.tagish.net/jaas/doc.html.

----------------------------------------------------------------------------

I used JAAS with the above mentioned configurations for UserId/password Authorization and Authentication of my application.

----------------------------------------------------------------------------
Here also I use tagish.login file for the class I use for JAAS

Entry in the tagish.login file

FileLogin
{
com.tagish.auth.DBLogin required debug=true contextPath="D:/Tomcat 4.1/webapps/pharma";
};

----------------------------------------------------------------------------
Also insert the following value for login configuration and Policy in the java.security file

login.config.url.1=file:${java.home}/lib/security/tagish.login
policy.url.1=file:${java.home}/lib/security/epedigree.policy

---------------------------------------------------------------------------
In the epedigree.policy file is look like -

grant Principal * * {

permission com.xor.auth.perm.URLPermission "/pages/Home.jsp";
..
..
..
};

grant Principal com.tagish.auth.TypedPrincipal "PR001" {


permission com.xor.auth.perm.URLPermission "/pharma/Welcome.do";
permission com.xor.auth.perm.URLPermission "/pharma/AdminAction.do";
--
--
--

};
--------------------------------------------------------------------------
epedigree.policy,java.security,tagish.login files are placed inside jre\lib\security folder.

----------------------------------------------------------------------------

@@@@ All these configurations are made taking help from the above mentioned link @@@@

----------------------------------------------------------------------------
Basically in my application I use my ActionServlet instead of
org.apache.struts.action.ActionServlet.

public class ActionServlet extends org.apache.struts.action.ActionServlet

In this class I give the permission for my logging Page to all users and for rest of the requestd page I check the permission.

Entry of the requested pages are mentioned in the struts config file.

code :

Subject subject = ((Subject)(request.getSession().getAttribute("subject_key")));

if (subject == null && (! request.getRequestURI().equals(loginPage)))
{
// redirect to login page
response.sendRedirect(request.getContextPath()+"/pages/right.jsp");
}
else if (subject == null && request.getRequestURI().equals(loginPage))
{
// login page is always permitted
super.process(request,response);

} else {


if ( ! AuthUtils.permitted(subject, perm) ) {

// subject is not permitted; redirect to error page

System.err.println("@@@@ ------------ ActionServlet : : Flag1 : Not Permitted " );

String theURL = request.getContextPath()+"/pages/right.jsp?"+ "pagePerm=no";
theURL = response.encodeRedirectURL(theURL);
response.sendRedirect(theURL);

} else {

System.err.println("@@@@ ------------ ActionServlet : : Flag2 : Permitted ");
super.process(request,response);
}
}


AuthUtils class available in the tagish.jar.
---------------------------------------------------------------------------

Now where the problem starts.

---------------------------------------------------------------------------
In one of my page when I submit the page I set a form variable in the corrosponding js file.

But I am not getting that value in the requested Action class .
---------------------------------------------------------------------------
function onClickAddTransRecv()
{
window.alert("saving TransRecvFormBean");
document.TransRecvInfoForm.actionType.value = "addTransRecvSubmit";
document.TransRecvInfoForm.submit();
window.alert("TransRecvInfoForm submited");
window.close();
}

In the requested action class

String sAction = (String) request.getParameter("actionType");

The value of sAction is NULL instead of "addTransRecvSubmit" .

---------------------------------------------------------------------------
But if I use JDK1.5.0_04 or Java1.5x I am not facing that problem.
I am geting the appropriate value of sAction.
---------------------------------------------------------------------------

Please help.

[ April 20, 2007: Message edited by: shankha bhattacharya ]
[ April 20, 2007: Message edited by: shankha bhattacharya ]
 
Rancher
Posts: 3742
16
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I don't know the answer to your question, but I do know you are more likely to get help if you edit your post and put all the code into code tags to make it more readable.
 
He baked a muffin that stole my car! And this tiny ad:
Garden Master Course kickstarter
https://coderanch.com/t/754577/Garden-Master-kickstarter
reply
    Bookmark Topic Watch Topic
  • New Topic