aspose file tools*
The moose likes Java in General and the fly likes Problem of JAAS  with JDK version Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "Problem of JAAS  with JDK version" Watch "Problem of JAAS  with JDK version" New topic
Author

Problem of JAAS with JDK version

shankha bhattacharya
Greenhorn

Joined: Apr 20, 2007
Posts: 12
Hi,

I am facing a problem for JAAS implementation with Java(TM) 2 SDK, Standard Edition Version 1.4.1 and tagish.jar.
I took help form http://www.mooreds.com/jaas.htmland also from http://free.tagish.net/jaas/doc.html.

----------------------------------------------------------------------------

I used JAAS with the above mentioned configurations for UserId/password Authorization and Authentication of my application.

----------------------------------------------------------------------------
Here also I use tagish.login file for the class I use for JAAS

Entry in the tagish.login file

FileLogin
{
com.tagish.auth.DBLogin required debug=true contextPath="D:/Tomcat 4.1/webapps/pharma";
};

----------------------------------------------------------------------------
Also insert the following value for login configuration and Policy in the java.security file

login.config.url.1=file:${java.home}/lib/security/tagish.login
policy.url.1=file:${java.home}/lib/security/epedigree.policy

---------------------------------------------------------------------------
In the epedigree.policy file is look like -

grant Principal * * {

permission com.xor.auth.perm.URLPermission "/pages/Home.jsp";
..
..
..
};

grant Principal com.tagish.auth.TypedPrincipal "PR001" {


permission com.xor.auth.perm.URLPermission "/pharma/Welcome.do";
permission com.xor.auth.perm.URLPermission "/pharma/AdminAction.do";
--
--
--

};
--------------------------------------------------------------------------
epedigree.policy,java.security,tagish.login files are placed inside jre\lib\security folder.

----------------------------------------------------------------------------

@@@@ All these configurations are made taking help from the above mentioned link @@@@

----------------------------------------------------------------------------
Basically in my application I use my ActionServlet instead of
org.apache.struts.action.ActionServlet.

public class ActionServlet extends org.apache.struts.action.ActionServlet

In this class I give the permission for my logging Page to all users and for rest of the requestd page I check the permission.

Entry of the requested pages are mentioned in the struts config file.

code :

Subject subject = ((Subject)(request.getSession().getAttribute("subject_key")));

if (subject == null && (! request.getRequestURI().equals(loginPage)))
{
// redirect to login page
response.sendRedirect(request.getContextPath()+"/pages/right.jsp");
}
else if (subject == null && request.getRequestURI().equals(loginPage))
{
// login page is always permitted
super.process(request,response);

} else {


if ( ! AuthUtils.permitted(subject, perm) ) {

// subject is not permitted; redirect to error page

System.err.println("@@@@ ------------ ActionServlet : : Flag1 : Not Permitted " );

String theURL = request.getContextPath()+"/pages/right.jsp?"+ "pagePerm=no";
theURL = response.encodeRedirectURL(theURL);
response.sendRedirect(theURL);

} else {

System.err.println("@@@@ ------------ ActionServlet : : Flag2 : Permitted ");
super.process(request,response);
}
}


AuthUtils class available in the tagish.jar.
---------------------------------------------------------------------------

Now where the problem starts.

---------------------------------------------------------------------------
In one of my page when I submit the page I set a form variable in the corrosponding js file.

But I am not getting that value in the requested Action class .
---------------------------------------------------------------------------
function onClickAddTransRecv()
{
window.alert("saving TransRecvFormBean");
document.TransRecvInfoForm.actionType.value = "addTransRecvSubmit";
document.TransRecvInfoForm.submit();
window.alert("TransRecvInfoForm submited");
window.close();
}

In the requested action class

String sAction = (String) request.getParameter("actionType");

The value of sAction is NULL instead of "addTransRecvSubmit" .

---------------------------------------------------------------------------
But if I use JDK1.5.0_04 or Java1.5x I am not facing that problem.
I am geting the appropriate value of sAction.
---------------------------------------------------------------------------

Please help.

[ April 20, 2007: Message edited by: shankha bhattacharya ]
[ April 20, 2007: Message edited by: shankha bhattacharya ]
Joanne Neal
Rancher

Joined: Aug 05, 2005
Posts: 3646
    
  15
I don't know the answer to your question, but I do know you are more likely to get help if you edit your post and put all the code into code tags to make it more readable.


Joanne
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Problem of JAAS with JDK version