struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Muhammad Momin Rashid <mo...@abdere.com>
Subject Re: JAAS struts 2 Tutorial?
Date Mon, 17 Sep 2007 14:39:40 GMT
Hello Tom,

Thanks for your continued input.  The application isn't simple, it is a 
J2EE application which will serve a large number of users (users will be 
using Web Browser or Mobile Device to access the application).

Based on the help I got on this list, I have been successful in setting 
up JAAS and authenticating the user.

Now I am just not sure if the user credentials are being kept. 
Following is the code I wrote which processes the user's login.  Can you 
see what I am missing?  I have placed the following code in the execute 
method of my action, perhaps it isn't the right place?

Subject subject;
Set principalList;

String returnValue = SUCCESS;
try
{
	SecurityAssociationHandler handler = new SecurityAssociationHandler();
	SimplePrincipal user = new SimplePrincipal(username);
	handler.setSecurityInfo(user, password.toCharArray());
	LoginContext loginContext = new LoginContext("ContentPlatform", 
(CallbackHandler) handler);
	loginContext.login();
	subject = loginContext.getSubject();
	principalList = subject.getPrincipals();
	principalList.add(user);
	
	System.out.println("o0o0o subject:"
		+ subject);
	System.out.println("o0o0o principle:"
		+ principalList);
}
catch (LoginException e)
{
	e.printStackTrace();
	returnValue = ERROR;
}

return returnValue;


Regards,
Muhammad Momin Rashid.

tom tom wrote:
> If it's simple application, you dont need JAAS, You
> can do it via just session management isnt it? You
> might need user, role, user-role  threee tables on
> database 
> thats it :)
> 
> If you are using Application server like Jboss, the
> server itself got inbuilt features, which is
> altogether a different discussion.
> 
> 
> If the application is simple, do not make it
> complicated,
> 
> we use JASS with CAS central authentication service
> which provided SSO features.
> 
> 
> hope this helps
> 
> 
> 
> 
> 
> 
> 
> 
> 
> --- Muhammad Momin Rashid <momin@abdere.com> wrote:
> 
>> Hello tom,
>>
>> I am building a J2EE application, that is going to
>> be viewed using Web 
>> Browser and Mobile Devices.
>>
>> I am trying to implement security so that only a
>> logged in user with the 
>> correct role can access the different parts of the
>> application e.g. a 
>> non-logged in user can only access the public
>> information, a logged in 
>> user can access his private data, and an logged in
>> admin user can access 
>> the admin console.
>>
>> Regards,
>> Muhammad Momin Rashid.
>>
>> tom tom wrote:
>>> what exactly you are trying to do?
>>>
>>>
>>> --- Muhammad Momin Rashid <momin@abdere.com>
>> wrote:
>>>> Hello Everyone,
>>>>
>>>> I am looking for a tutorial for integrating JAAS
>>>> into my Struts 2 + 
>>>> Hibernate Application.  Can anyone point me to
>> the
>>>> right resources?
>>>>
>>>> Is JAAS the best way to go, or there are better
>>>> alternates?  If anyone 
>>>> thinks there are better alternates, can you
>> provide
>>>> me with the links to 
>>>> relevant tutorials?
>>>>
>>>> Regards,
>>>> Muhammad Momin Rashid.
>>>>
>>>>
>>>>
> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail:
>>>> user-unsubscribe@struts.apache.org
>>>> For additional commands, e-mail:
>>>> user-help@struts.apache.org
>>>>
>>>>
>>>
>>>
>>>      
> ____________________________________________________________________________________
>>> Luggage? GPS? Comic books? 
>>> Check out fitting gifts for grads at Yahoo! Search
>>>
> http://search.yahoo.com/search?fr=oni_on_mail&p=graduation+gifts&cs=bz
>>
>>
> ---------------------------------------------------------------------
>> To unsubscribe, e-mail:
>> user-unsubscribe@struts.apache.org
>> For additional commands, e-mail:
>> user-help@struts.apache.org
>>
>>
> 
> 
> 
>        
> ____________________________________________________________________________________
> Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! Answers
- Check it out.
> http://answers.yahoo.com/dir/?link=list&sid=396545469


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message