• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
Sheriffs:
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
Bartenders:
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

weblogic 10 jaas and now what?

 
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Okay, I went through the nightmare of getting examples.security.jaas SAmpleCallbackHandler to work to the point where I can run:



It correctly returns a failed login attempt or a successful login attempt. The web.xml was set up with the following:



However, I am not sure what I need to do with my login.jsp page so that after doing the loginContext.login() it automagically goes back to the page that the security-contraint was set up to send me to the login.jsp page in the first place to log the user in if they are not in the role (i.e., in this case the role is Administrator).

Can somebody explain how this is supposed to work? How will weblogic know that the user is successfully logged in? Is the mere call of loginContext.login() enough? I see there is something called Subject and some mention of RunAs(), which I have no clue what it is. When I tried by the way to just use a parent.history.back() to go back if it sees the return code of the login was 0, it does not seem to leave the login page. Putting a back button with the same code puts me back not at the restricted page I was trying to go to, but back at the page that has the link the user selects to the restricted page.

David
 
Mr.David Shapiro
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I really wish there was good examples out on the web. So, eclipse whines that Invalid Security role-name Administrators. I look about and see mention of using weblogic.xml and having something like:



Unfortunatly, when I create this in eclipse under source's WEB-INF, the application will not start up and throws a 404 error. Am I not supposed to create this where I did? Does eclipse have some hidden version of weblogic.xml that I need to modify, or is there something wrong with what I was trying to put in weblogic.xml?

David
 
Popeye has his spinach. I have this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
    Bookmark Topic Watch Topic
  • New Topic