users@glassfish.java.net

Custom LoginModule and Roles

From: <glassfish_at_javadesktop.org>
Date: Thu, 27 May 2010 05:13:34 PDT

Hello,

I have written a custom javax.security.auth.spi.LoginModule implementation for authenticating EJB- and web applications. However, I would like to avoid to manually edit xml-descriptor files like e.g. web.xml or sun-web.xml with respect to security-specific entries like roles or role-mappings. For this, I searched and found an article ( http://stuffthathappens.com/blog/2008/05/16/writing-a-custom-jaas-loginmodule ) where an implementation of java.security.acl.Group (MyGroup) is utilized to set corresponding principals (in this case roles) for a specific subject. However, this is a JBoss-specific solution as the name of this implementation is explicitly set to "Roles". I have tried this under GlassFish v3 and I didn't succeed. The roles I added this way have been ignored. My question is if there is a corresponding solution for GlassFish?

Best regards,

Frederik
[Message sent by forum member 'nlfred']

http://forums.java.net/jive/thread.jspa?messageID=471688