tomcat-users mailing list archives

From Matt Harrison <matt.harri...@tmd.tv>
Subject RE: RE : how to access Subject after authentification
Date Tue, 20 Jul 2004 15:42:12 GMT
I have tried both of these and they both return null!

> -----Original Message-----
> From: Jeanfrancois Arcand [mailto:jfarcand@apache.org]
> Sent: 20 July 2004 16:30
> To: Tomcat Users List
> Subject: Re: RE : how to access Subject after authentification
> 
> 
> Two ways:
> 
> httpSession.getAttribute("javax.security.auth.subject")
> 
> or
> 
> Subject.getSubject(AccessController.getContext())
> 
> -- Jeanfrancois
> 
> Matt Harrison wrote:
> 
> >Sorry for mis-reading your email
> >
> >If anybody out there knows how to retrieve the Subject, Jean-Pierre and I
> >would most appreciate it!
> >
> >But, if, as I suspect, this is not part of the current servlet spec, and
> >thus not part of Tomcat, can I make a request for this to be included next
> >time round?
> >
> >I work around this by concatenating all the information I require from the
> >subject into the Principal's name in my JAAS login module, as a
> >java.security.Principal object is available from the request object in
> >Tomcat. But I guess this isn't an option for this problem.
> >
> >Matt
> >
> >  
> >
> >>-----Original Message-----
> >>From: LERBSCHER Jean-Pierre [mailto:jean-pierre.lerbscher@cofiroute.fr]
> >>Sent: 20 July 2004 15:40
> >>To: 'Tomcat Users List'
> >>Subject: RE : how to access Subject after authentification
> >>
> >>
> >>Thanks Matt!
> >>My problem is that I have to call EJB deployed in Weblogic application server
> >>from servlet components. I use the weblogic api to propagate the security
> >>information from tomcat to WLS. This api uses the subject! Thus it is
> >>necessary that I can reach it.
> >>
> >>-----Original Message-----
> >>From: Matt Harrison [mailto:matt.harrison@tmd.tv]
> >>Sent: Tuesday 20 July 2004 15:59
> >>To: 'Tomcat Users List'
> >>Subject: RE: how to access Subject after authentification
> >>
> >>Hi
> >>
> >>I had a similar question a while back and never really got it fully
> >>resolved, but I found that Tomcat doesn't save the subject as a session
> >>attribute.
> >>
> >>However in your case you don't need to access the subject. In the web.xml
> >>file for your app, you can define what roles have access to each resource
> >>(jsp, servlet) and have your JAAS login module assign these roles to the
> >>subject - i.e. container managed security.
> >>
> >>e.g. add to web.xml (gives access to logins with role "user" to all of your
> >>application):
> >>
> >>    <security-constraint>
> >>        <web-resource-collection>
> >>            <web-resource-name>myApplication</web-resource-name>
> >>            <url-pattern>/*</url-pattern>
> >>        </web-resource-collection>
> >>        <auth-constraint>
> >>            <role-name>user</role-name>
> >>        </auth-constraint>
> >>    </security-constraint>
> >>    <security-role>
> >>        <role-name>user</role-name>
> >>    </security-role>
> >>
> >>see the tomcat docs for more info
> >>
> >>Matt
> >>
> >>    
> >>
> >>>-----Original Message-----
> >>>From: LERBSCHER Jean-Pierre [mailto:jean-pierre.lerbscher@cofiroute.fr]
> >>>Sent: 20 July 2004 14:42
> >>>To: 'tomcat-user@jakarta.apache.org'
> >>>Subject: how to access Subject after authentification
> >>>
> >>>
> >>>Hi,
> >>>
> >>>I am using a JAAS authentication module to authenticate users within Tomcat
> >>>5.0.27.
> >>>
> >>>After the authentication, I want to control access to resources (like EJB
> >>>deployed in a Weblogic application server).
> >>>
> >>>To control access, I have to use the Weblogic API with the Subject instance
> >>>delivered by authentication to Tomcat.
> >>>
> >>>The problem is: how can I get the Subject object? I tried
> >>>session.getAttribute( "javax.security.auth.subject" ); but it seems that I
> >>>can't access this information!
> >>>
> >>>Any ideas?
> >>>
> >>>Thanks,
> >>>
> >>>
> >>>      
> >>>
> >>---------------------------------------------------------------------
> >>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> >>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >>
> >>
> >
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

