tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Walter, Oliver (BR/ICI3)" <Oliver.Wal...@boschrexroth.de>
Subject AW: datasource-realm troubles
Date Wed, 31 Jan 2007 13:51:37 GMT
Hello,

i have a funny problem, maybe someone can bring a bit light into this:

I`m using DataSourceRealm for security and thanks to the list this is working fine now.

Right now i want to access the principal inside the application with

	Principal principal = request.getUserPrincipal();

so far so good. But 
	
	principal.getClass().getName() returns "org.apache.catalina.realm.GenericPrincipal"

while 

	principal is instance of "javax.security.Principal".

Also i get java.lang.ClassCastException: org.apache.catalina.realm.GenericPrincipal
when trying this:

	GenericPrincipal gPrincipal = (GenericPrincipal) principal;

In in /META-INF/context.xml i defined <Context privileged="true">.

Regards Oliver



> -----Urspr√ľngliche Nachricht-----
> Von: Walter, Oliver (BR/ICI3) [mailto:Oliver.Walter@boschrexroth.de] 
> Gesendet: Dienstag, 30. Januar 2007 19:08
> An: Tomcat Users List
> Betreff: AW: datasource-realm troubles
> 
> Thanks Chuck,
> 
> i followed your suggestion and it works fine. Maybe you can 
> help me with another problem i stuck.
> 
> Right now i can use RealmDataSource to authenticate the user. 
> But want/have to go bit deeper in
> authorization, e.g. build up a dynamic navigation based on 
> the users roles. I investigated a bit
> in the catalina API, but i cannot find any interface to 
> access a list of the roles the user has.
> 
> HttpServletRequest.getUserPrincipal() is of type 
> javax.security.Principal and DataSourceRealm.getRoles 
> is protected. What i try to access is a object of type 
> GenericPrincipal (because of the getRoles()
> method), but don`t know where from.
> 
> What i can think of is getting a list off all in Context 
> defined roles StandardContext.findSecurityRoles(), 
> and check with a loop if the 
> DataSourceRealm.hasRole(Principal, role), but i still hope to 
> find a more
> elegant solution. 
> 
> Maybe you have any idea.
> 
> Regards Oliver
> 
> > -----Urspr√ľngliche Nachricht-----
> > Von: Caldarale, Charles R [mailto:Chuck.Caldarale@unisys.com] 
> > Gesendet: Dienstag, 30. Januar 2007 17:22
> > An: Tomcat Users List
> > Betreff: RE: datasource-realm troubles
> > 
> > > From: Walter, Oliver (BR/ICI3) 
> > [mailto:Oliver.Walter@boschrexroth.de] 
> > > Subject: AW: datasource-realm troubles
> > 
> > Now that you've got the main problem sorted, some 
> additional info for
> > you:
> > 
> > > The file is named "context.xml" and it is stored in the
> > > war`s META-INF directory. 
> > >
> > > <Context path="/jmangos" docBase="jmangos" debug="5"
> > > reloadable="true" crossContext="false">
> > 
> > The path and docBase attributes must not be used when the <Context>
> > element is in META-INF/context.xml (path is valid only within
> > server.xml, and docBase only within 
> conf/Catalina/[host]/[appName].xml
> > or server.xml).  Although they should be ignored in this situation,
> > their presence is confusing.
> > 
> >  - Chuck
> > 
> > 
> > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE 
> > PROPRIETARY
> > MATERIAL and is thus for use only by the intended recipient. If you
> > received this in error, please contact the sender and delete 
> > the e-mail
> > and its attachments from all computers.
> > 
> > 
> ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> > 
> > 
> 
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message