• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

weblogic 10 jaas and now what?

 
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Okay, I went through the nightmare of getting examples.security.jaas SAmpleCallbackHandler to work to the point where I can run:



It correctly returns a failed login attempt or a successful login attempt. The web.xml was set up with the following:



However, I am not sure what I need to do with my login.jsp page so that after doing the loginContext.login() it automagically goes back to the page that the security-contraint was set up to send me to the login.jsp page in the first place to log the user in if they are not in the role (i.e., in this case the role is Administrator).

Can somebody explain how this is supposed to work? How will weblogic know that the user is successfully logged in? Is the mere call of loginContext.login() enough? I see there is something called Subject and some mention of RunAs(), which I have no clue what it is. When I tried by the way to just use a parent.history.back() to go back if it sees the return code of the login was 0, it does not seem to leave the login page. Putting a back button with the same code puts me back not at the restricted page I was trying to go to, but back at the page that has the link the user selects to the restricted page.

David
 
Mr.David Shapiro
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I really wish there was good examples out on the web. So, eclipse whines that Invalid Security role-name Administrators. I look about and see mention of using weblogic.xml and having something like:



Unfortunatly, when I create this in eclipse under source's WEB-INF, the application will not start up and throws a 404 error. Am I not supposed to create this where I did? Does eclipse have some hidden version of weblogic.xml that I need to modify, or is there something wrong with what I was trying to put in weblogic.xml?

David
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic