This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Architect Certification (SCEA/OCMJEA) and the fly likes Part 2- How role gets assigned to user in JAAS? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Certification » Architect Certification (SCEA/OCMJEA)
Bookmark "Part 2- How role gets assigned to user in JAAS?" Watch "Part 2- How role gets assigned to user in JAAS?" New topic
Author

Part 2- How role gets assigned to user in JAAS?

Lavan Adgaonkar
Greenhorn

Joined: Sep 29, 2005
Posts: 7
Hello Ranchers,

I am currently working on the Part 2 assignment. Have been pondering about using JAAS in the solution.

In case of a web application, users would do self-registration (and thereby create their own userids).From what I understand, I can write my call back handlers in JAAS, and can accordingly even authenticate the users, against the userid information persisted in the application database.

However, what I am not able to figure out is , how does this user, get a particular role assigned. In case of both web/ EJB security, i can define the roles, that would access protected resources/methods.. The contents on the net, give an idea that you define the roles, for specific user ids.. in the j2ee server. In this case, the userids are self-created (by users during registration with the sithe) and cannot be fixed by the administrator in the server.

Does that mean, I cant go for JAAS authentication, if i have self registration or am i missing something totally?

Please help.

Thanks.
Lavan.
Lavan Adgaonkar
Greenhorn

Joined: Sep 29, 2005
Posts: 7
Any help?
Marcin Nowak
Greenhorn

Joined: Oct 24, 2005
Posts: 1
Try to read something about "LoginModule".

I hope it will help you.

Martin.
Lavan Adgaonkar
Greenhorn

Joined: Sep 29, 2005
Posts: 7
Read some documentation on those lines and figured out the Subject/Principals.. exactly what I was looking for.

Thanks Martin.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Part 2- How role gets assigned to user in JAAS?
 
Similar Threads
Using default JAAS Mechanism in Websphere makes applications to access the context path of the other
JAAS precedence for role based authorizations in container managed authorizations
Implementing the User access in an application
java.lang.SecurityException: Authentication exception, principal=null
Web Applications and JAAS