jQuery in Action, 3rd edition
The moose likes Security and the fly likes JAAS with JSF misunderstanding Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "JAAS with JSF misunderstanding" Watch "JAAS with JSF misunderstanding" New topic

JAAS with JSF misunderstanding

Lukas Hnatuk

Joined: May 31, 2010
Posts: 10
Hi, i am trying to develop JSF based application with JAAS, but i stuck over a 3 weeks with it and I would appriciate some help.
I have a login page, lets assume it looks like this:

After login, I get the usenmae and password to the loginManagedBean a call my EJB. EJB has this method:

I do the authentication and if i did lc.getSubject() i see the thinks i need.
Here is the problem: When i leave this method, i cannot find any way get the Subject i just logged in. Is there some way, or i am doing it completly wrong.
The reason why I do not want to use j_username with j_password and some realm is, that I would like to have more control over application(eg redirecting each user to a different page(admins,users...) and i cant find the way.
Can you please tell me, what I am doing wrong, or post some little code, to understand this.
I read the JAAS tutorials, but still i am a lot confused.

My second questin is, how do I find the roles i put to the user?

Here is the LoginModule login and commit methods ( i found some tutorial here, so they are only copied from here:

Sever: GlassFish v3
JSF 2.1
Mostly using NetBeans
I agree. Here's the link: http://aspose.com/file-tools
subject: JAAS with JSF misunderstanding
It's not a secret anymore!