Java Mailing List Archive

http://www.junlu.com/

Home » Home (12/2007) » J2EE Interest »

Re: JAAS Authentication using Servlet Filter.

Guy Katz

2004-05-18


-----Original Message-----
From: Ben Hill [mailto:ben.hill@(protected)]
Sent: Tuesday, May 18, 2004 1:37 PM
To: J2EE-INTEREST@(protected)
Subject: Re: JAAS Authentication using Servlet Filter.


> -----Original Message-----
> From: Guy Katz [mailto:gkatz@(protected)]
> Sent: 18 May 2004 13:19
> To: J2EE-INTEREST@(protected)
> Subject: Re: JAAS Authentication using Servlet Filter.
>
>
> use JAASRealm to continue and use the app J2EE security
> model. use the filter if you want to take over security and
> manage it yourself (no 'real' getUserPrincipal, run as the
> same user inside the app server) my choice would be a custom realm.

If you run through the JAAS authentication in the container, why wouldn't
getUserPrincipal work?

[guy] like i said, you can use the JaasRealm and it would work just fine
but not through the servlet filter.

You'd be constructing a callback handler, adding the username and password
and realm to the handler then using (possibly) the LoginContext to login()?

[guy] please read the Jaas tutorial and other resources.

>
> regarding the j_security thing. this means you use container
> managed security and the j_security stuff will only be sent
> through your login form/dialog when a protected resource is
> accessed. invoking JAAS in the filter will happen just before
> the container tries to authenticate your user & pass so i
> cant see the benefit here.

I'm not going to use j_security_check, although I understand how to use it.
I
want to implement custom security to work in the same way as
j_security_check...

Cheers,

Ben


********************************************************************

This email may contain information which is privileged or confidential. If
you are not the intended recipient of this email, please notify the sender
immediately and delete it without reading, copying, storing, forwarding or
disclosing its contents to any other person
Thank you

Check us out at http://www.btsyntegra.com

********************************************************************

===========================================================================
To unsubscribe, send email to listserv@(protected)
of the message "signoff J2EE-INTEREST". For general help, send email to
listserv@(protected)".

===========================================================================
To unsubscribe, send email to listserv@(protected)
of the message "signoff J2EE-INTEREST". For general help, send email to
listserv@(protected)".
©2008 junlu.com - Jax Systems, LLC, U.S.A.