Return-Path: Delivered-To: apmail-geronimo-user-archive@www.apache.org Received: (qmail 97010 invoked from network); 5 Sep 2008 12:56:09 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 5 Sep 2008 12:56:09 -0000 Received: (qmail 13155 invoked by uid 500); 5 Sep 2008 12:56:07 -0000 Delivered-To: apmail-geronimo-user-archive@geronimo.apache.org Received: (qmail 12618 invoked by uid 500); 5 Sep 2008 12:56:06 -0000 Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: user@geronimo.apache.org List-Id: Delivered-To: mailing list user@geronimo.apache.org Received: (qmail 12607 invoked by uid 99); 5 Sep 2008 12:56:06 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 05 Sep 2008 05:56:06 -0700 X-ASF-Spam-Status: No, hits=3.2 required=10.0 tests=RCVD_ILLEGAL_IP,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of marco.laponder@kewill.com designates 194.178.120.122 as permitted sender) Received: from [194.178.120.122] (HELO fiat.interchain.nl) (194.178.120.122) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 05 Sep 2008 12:55:07 +0000 Received: from daf.interchain.nl (daf.interchain.nl [1.0.0.44]) by fiat.interchain.nl (8.12.11/8.12.11) with ESMTP id m85CsX2b024095 for ; Fri, 5 Sep 2008 14:54:33 +0200 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Subject: RE: retrieve custom principal from custom loginmodule in servlet Date: Fri, 5 Sep 2008 14:54:39 +0200 Message-ID: <7C173BF6D5C92C4C9259C35519CBD49B034A4DA3@daf.interchain.nl> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: retrieve custom principal from custom loginmodule in servlet Thread-Index: AckN57hoNjUthWyaRy6Ahadxo+VCTABbdBhQ From: "Marco Laponder" To: X-Virus-Checked: Checked by ClamAV on apache.org Didn't quite succeed in this method. The getUserPrincipal always return met a Principal of type org.apache.geronimo.jetty6.JAASJettyPrincipal. Solution which I now use is getting the subject of that object and looping over the principals in that subject to find my custom principal. It works but I am not really impressed with the code ;-) Kind regards, Marco -----Oorspronkelijk bericht----- Van: David Jencks [mailto:david_jencks@yahoo.com]=20 Verzonden: woensdag 3 september 2008 19:07 Aan: user@geronimo.apache.org Onderwerp: Re: retrieve custom principal from custom loginmodule in servlet On Sep 3, 2008, at 1:28 AM, Marco Laponder wrote: > Hi Everyone, > > I am trying to build a custom login module where custom principals are > added to the subject. The login works as expected and on the commit I > add my specific principal object to the subject. > > So far so good, but now I need to retrieve this object In my servlet =20 > and > I was expecting to be able to retrieve it by > httpRequest.getUserPrincipal() but the principal returned is not an > instance of my custom principal. Can anyone given any tips how to find > out what I am doing incorrect or is this situation not possible at =20 > all ? You don't say if your login configuration includes any other login =20 modules. Assuming that it does not.... The specs don't describe how to pick the "UserPrincipal" from the =20 possibly numerous principals in a logged-in Subject. Geronimo uses =20 this code snippet: Set principals =3D =20 subject.getPrincipals(GeronimoCallerPrincipal.class); if (!principals.isEmpty()) { context.principal =3D principals.iterator().next(); } else if (!(principals =3D =20 subject.getPrincipals(PrimaryRealmPrincipal.class)).isEmpty()) { context.principal =3D principals.iterator().next(); } else if (!(principals =3D =20 subject.getPrincipals(RealmPrincipal.class)).isEmpty()) { context.principal =3D principals.iterator().next(); } else if (!(principals =3D subject.getPrincipals()).isEmpty()) = { context.principal =3D principals.iterator().next(); } So, the most reliable way to get your special principal returned as =20 the UserPrincipal is to have it implement the marker interface =20 GeronimoCallerPrincipal, and assure it is the only principal that =20 implements that interface. Hope this helps david jencks > > > > Kind regards, > Marco Laponder >