• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

How do I add a list of groups to principal

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I'm using a single sign on product which has successfully passed the user and group information through to our app server (weblogic 8.1). My custom identity asserter and custom authenticator/login module have combined to set the user as the principal. No problem so far.

Then in my servlet code, I can do a request.getUserPrincipal() and get the user no worries. Also in the servlet, I can retrieve the list of groups which have been passed in a server header variable from the security product. But how do I set these groups (currently they're just strings) as groups which my user belongs to? This would obviously be handy as it would then enable the usual j2ee declarative security to automatically secure resources based on groups.

I don't have access to the subject in the servlet, so I can't do subject.getPrincipals().add(myGroup).

Any ideas how this is supposed to work?

cheers,
Ian
 
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
there is no solution based only on the j2ee security....

one option is to use the jGuard (http://jguard.sourceforge.net)library with your webapp:
you can list and update principals in your subject.

sincerly yours,
Charles (jGuard team).
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic