Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / General / November 2006

Tip: Looking for answers? Try searching our database.

JBoss - JAAS - Role info

Thread view: 
Enable EMail AlertsStart New Thread
puneet.maini@gmail.com - 22 Nov 2006 21:32 GMT
Hi,

I've configured JBoss server to use the JAAS (password & role).

Now, do anybody has the piece of code to fetch the role of the logged
in user (Principal).

Thanks,
- Puneet
Reply to this Message
Danno - 22 Nov 2006 21:43 GMT
puneet.ma...@gmail.com wrote:
> Hi,
>
[quoted text clipped - 5 lines]
> Thanks,
> - Puneet

from where? an EJB? a Servlet? or Application?
Reply to this Message
puneet.maini@gmail.com - 22 Nov 2006 21:48 GMT
Lets say from a servlet.

I'm using the following piece of code in a JSP to get the logged in
user_id:
((Principal) SecurityAssociation.getPrincipal()).getName()

but, how to get the role info

Thanks

> puneet.ma...@gmail.com wrote:
> > Hi,
[quoted text clipped - 8 lines]
>
> from where? an EJB? a Servlet? or Application?
Reply to this Message
Wesley Hall - 23 Nov 2006 01:01 GMT
> I'm using the following piece of code in a JSP to get the logged in
> user_id:
> ((Principal) SecurityAssociation.getPrincipal()).getName()

Dont do this!! SecurityAssociation is a JBoss specific class and would
tie your JSPs to JBoss. Even if you don't expect to change application
server there is no reason to do it this way because...

request.getUserPrincipal().getName()

...will work just as well and will work on any platform.

> but, how to get the role info

To the best of my knowledge there isn't a standard API call to enumerate
roles for a given user. You can use 'request.isUserInRole("RoleName")
which will return true or false depending on whether the user has the
role specified but this does require that you know which role you are
asking about.

If you require something more, you might want to load the user/role data
from a database (if you aren't already), JBoss provides a LoginModule to
do this. Then you can write your own code that will be something like...

String[] roles = getRolesForUser(username);

...which will query your database and return the result.
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.