This week's book giveaway is in the Reactive Progamming forum.
We're giving away four copies of Reactive Streams in Java: Concurrency with RxJava, Reactor, and Akka Streams and have Adam Davis on-line!
See this thread for details.
Win a copy of Reactive Streams in Java: Concurrency with RxJava, Reactor, and Akka Streams this week in the Reactive Progamming forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Junilu Lacar
  • Jeanne Boyarsky
  • Bear Bibeault
Sheriffs:
  • Knute Snortum
  • Tim Cooke
  • Devaka Cooray
Saloon Keepers:
  • Ron McLeod
  • Stephan van Hulst
  • Tim Moores
  • Tim Holloway
  • Carey Brown
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Ganesh Patekar

weblogic 10 jaas and now what?

 
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Okay, I went through the nightmare of getting examples.security.jaas SAmpleCallbackHandler to work to the point where I can run:



It correctly returns a failed login attempt or a successful login attempt. The web.xml was set up with the following:



However, I am not sure what I need to do with my login.jsp page so that after doing the loginContext.login() it automagically goes back to the page that the security-contraint was set up to send me to the login.jsp page in the first place to log the user in if they are not in the role (i.e., in this case the role is Administrator).

Can somebody explain how this is supposed to work? How will weblogic know that the user is successfully logged in? Is the mere call of loginContext.login() enough? I see there is something called Subject and some mention of RunAs(), which I have no clue what it is. When I tried by the way to just use a parent.history.back() to go back if it sees the return code of the login was 0, it does not seem to leave the login page. Putting a back button with the same code puts me back not at the restricted page I was trying to go to, but back at the page that has the link the user selects to the restricted page.

David
 
Mr.David Shapiro
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I really wish there was good examples out on the web. So, eclipse whines that Invalid Security role-name Administrators. I look about and see mention of using weblogic.xml and having something like:



Unfortunatly, when I create this in eclipse under source's WEB-INF, the application will not start up and throws a 404 error. Am I not supposed to create this where I did? Does eclipse have some hidden version of weblogic.xml that I need to modify, or is there something wrong with what I was trying to put in weblogic.xml?

David
 
Hot dog! An advertiser loves us THIS much:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!