users@glassfish.java.net

Re: GFv3 Custom Principal

From: <glassfish_at_javadesktop.org>
Date: Thu, 13 May 2010 07:52:36 PDT

Hi,

I tried this with GFv2 too, but it did not succeed either; the only difference between them was the class name:
GFv3: org.glassfish.security.common.PrincipalImpl
GFv2: com.sun.enterprise.deployment.PrincipalImpl

What must I do to use a custom principal in GF?

A little help, please. Thanks, Attila.

GFV2 LOG:
AUTHENTICATE: <helloRealm>(programmer)[hello]
COMMIT: <helloRealm>(programmer)[hello]
CUSTOM PRINCIPAL: <helloRealm>(programmer)[hello]
In HelloBean(Stateless)::hello()[com.sun.enterprise.deployment.PrincipalImpl](programmer)


// CTJDBCLoginModule
----------------------------------
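/**
 * JDBC-backed JAAS login module that authenticates against a
 * {@code JDBCRealm} and, on commit, adds a custom user principal
 * ({@code CTJDBCLoginModuleUser}) plus one {@code PrincipalImpl} per group
 * to the Subject.
 *
 * <p>The diagnostic traces written to standard output print a fixed
 * {@code <redacted>} marker in place of the password. Standard output of a
 * server process normally ends up in a log file, so a clear-text credential
 * printed there would be readable by anyone with access to that log.
 */
public class CTJDBCLoginModule extends PasswordLoginModule {
    /**
     * Perform JDBC authentication. Delegates to JDBCRealm.
     *
     * @throws LoginException If the current realm is not a JDBCRealm, the
     *         user name is null or empty, or the realm rejects the
     *         credentials (JAAS login() behavior).
     */
    protected void authenticate() throws LoginException {
        if (!(_currentRealm instanceof JDBCRealm)) {
            String msg = sm.getString("jdbclm.badrealm");
            throw new LoginException(msg);
        }
        // Debug trace. The password is never printed, only a fixed marker.
        // NOTE(review): _username is presumably caller-supplied; if it can
        // contain line breaks it could forge trace lines - confirm that it is
        // validated before it reaches this module.
        System.out.println("AUTHENTICATE: <" + _currentRealm.getName()
            + ">(" + _username + ")[<redacted>]");

        final JDBCRealm jdbcRealm = (JDBCRealm) _currentRealm;

        // A JDBC user must have a name not null and non-empty.
        if ((_username == null) || (_username.length() == 0)) {
            String msg = sm.getString("jdbclm.nulluser");
            throw new LoginException(msg);
        }

        String[] grpList = jdbcRealm.authenticate(_username, _password);

        if (grpList == null) { // JAAS behavior
            String msg = sm.getString("jdbclm.loginfail", _username);
            throw new LoginException(msg);
        }

        if (_logger.isLoggable(Level.FINEST)) {
            // Arrays.toString prints the group names; concatenating the array
            // itself would only print its type and identity hash.
            _logger.finest("JDBC login succeeded for: " + _username
                + " groups:" + java.util.Arrays.toString(grpList));
        }

        // Make a copy of the group list to pass on. The copy is the one whose
        // entries get nulled in commit(). DO NOT PASS grpList as is - it
        // would be overwritten, resulting in logins passing only once.
        final String[] groupListToForward = new String[grpList.length];
        System.arraycopy(grpList, 0, groupListToForward, 0, grpList.length);

        commitAuthentication(_username, _password,
                             _currentRealm, groupListToForward);
    }

    /**
     * Adds the custom user principal and the group principals to the Subject,
     * then clears the per-login state held by this module.
     *
     * @return {@code false} if authentication did not succeed, otherwise
     *         {@code true}.
     * @throws LoginException declared for the JAAS contract; not thrown by
     *         the code in this method.
     */
    public boolean commit() throws LoginException
    {
        if (_succeeded == false) {
            return false;
        }
        // Debug trace. The password is never printed, only a fixed marker.
        System.out.println("COMMIT: <" + _currentRealm.getName()
            + ">(" + _username + ")[<redacted>]");

        // Add a Principal (authenticated identity) to the Subject.
        // The same instance is stored in _userPrincipal and added to the
        // Subject, so later lookups or removals through _userPrincipal do not
        // depend on how CTJDBCLoginModuleUser implements equals().
        CTJDBCLoginModuleUser myUserPrincipal = new CTJDBCLoginModuleUser(_username);
        _userPrincipal = myUserPrincipal;
        Set<Principal> principalSet = _subject.getPrincipals();
        if (!principalSet.contains(myUserPrincipal)) {
            principalSet.add(myUserPrincipal);
            System.out.println("CUSTOM PRINCIPAL: <" + _currentRealm.getName()
                + ">(" + _username + ")[<redacted>]");
        }
        /* populate the group in the subject and clean out the slate at the same
         * time
         */
        for (int i = 0; i < _groupsList.length; i++) {
            if (_groupsList[i] != null) {
                // Groups are represented as PrincipalImpl here, not as Group.
                PrincipalImpl g = new PrincipalImpl(_groupsList[i]);
                if (!principalSet.contains(g)) {
                    principalSet.add(g);
                }

                // cleaning the slate
                _groupsList[i] = null;
            }
        }
        // In any case, clean out state so the credentials are not kept on
        // this module instance after commit.
        _groupsList = null;
        _username = null;
        _password = null;
        _commitSucceeded = true;
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "JAAS authentication committed.");
        }
        return true;
    }
}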
[Message sent by forum member 'aszomor']

http://forums.java.net/jive/thread.jspa?messageID=469698