- Implementing the Authorization using Data

Google

Mailing List

Home

Forum Home

JBoss - Java Application Server

Tomcat - JSP/Servlet container

Struts - A MVC web framework

iText - An open source PDF Java Library

JDOM - JDOM XML Parser

J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition

JSP - A mailing list about Java Server Pages specification and reference

J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog

Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology

Struts & Hibernate

Subjects

•	JSP editor plugin for eclipse ?
•	org apache jasper JasperException: Unable to compile class for JSP
•	Tomcat: Connection reset by peer: socket write error
•	Cannot retrieve definition for form bean null
•	Struts Tiles Tutorial (free Struts training)
•	Where do I download Tomcat 4 0 6?
•	Data Access Object (DAO) pattern, example DAO 's
•	Where to download Tomcat v 4 1 24 from?
•	Tomcat 5 0 16 Requested resource not available
•	Oracle Connection Pooling in 3 2 2
•	Servlet : Session invalidate
•	Servlet action is currently unavailable
•	Tomcat/Struts Unicode Encoding/Decoding problems
•	Tomcat and webapplication specific java library path
•	Running a Simple JMS Example
•	Mapping in workers2 properties
•	org apache jasper JasperException
•	Cannot find message resources under key org apache struts action MESSAGE
•	problem with html:text bean throwing exception
•	Cannot find message resources under key org apache struts action MESSAGE
•	invalid direct reference problem with solution
•	Tool for jsp debug Try Sysdeo Eclipse Plugin
•	Tomcat 5 Cannot load JDBC driver class 'null ' SQL state: null
•	weblogic ejbc
•	java properties file
•	Jboss 3 2 3 Coyote Can 't re
•	Tomcat 5, Apache2 and mod jk2 integration problem
•	JBoss example problem new to J2EE
•	url string for connecting jboss to oracle
•	Value attribute of <html:checkbox
•	javax servlet ServletException: BeanUtils populate
•	HTTP Status 404 The requested resource is not available
•	5 0 18: Windows XP Pro vs Windows 2000

- Implementing the Authorization using Data

- Implementing the Authorization using Data

2007-07-16 - By rrsireesha

Back
Hi,

Iam using the JDeveloper and JBoss to develop my web application using JSF. And
the data is retrieved from the database(Oracle). I have implemented the
DatabaseServerLoginModule for Authorization and Authentication. Here is code I
have in the backingbean method of the Login button.

SecurityAssociationHandler handler = new SecurityAssociationHandler();
SimplePrincipal user = new SimplePrincipal(j_username.getValue().toString());
handler.setSecurityInfo(user, j_password.getValue().toStrin().toCharArray());
LoginContext loginContext =
new LoginContext("testDB", (CallbackHandler)handler);
loginContext.login();
Subject subject = loginContext.getSubject();
Set principals = subject.getPrincipals();
principals.add(user);

When I print the principals it is giving me the correct details from the
database. The Authentication is working perfectly. I'm confused how to go from
here for the authorization part. I have declared the page-level security in the
web.xml and it is not working (no exceptions thrown). Role name with 'user' is
able to access the pages under /admin folder.

Content of web.xml related to authorization-

<security-constraint>
<web-resource-collection>
<web-resource-name>Administrator</web-resource-name>
<url-pattern>/faces/admin/*</url-pattern>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-role>
Administrator
<role-name>admin</role-name>
</security-role>

Please advise me how to do the authorization part from here.

Thanks In Advance.
SR.

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic
&p=4064678#4064678

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode
=reply&p=4064678
__ ____ ____ ____ ____ ____ ____ ____ ____ ____
jboss-user mailing list
jboss-user@(protected)
https://lists.jboss.org/mailman/listinfo/jboss-user