Java JSF应用程序,使用JAAS登录用户的动态角色
[英]Java JSF app, dynamic roles for logged user with JAAS
问题描述
I have an Primefaces application where using authentication/authorisation throught JAAS running on Tomcat. 
我有一个Primefaces应用程序,通过在Tomcat上运行的JAAS使用身份验证/授权。 User roles and secured folders are defined in web.xml. 用户角色和安全文件夹在web.xml中定义。 My problem is, that I need to change user roles while he is logged in. Basically, I need when user click on button to add him admin role a let him see pages in /admin folder. 我的问题是,我需要在登录时更改用户角色。基本上,我需要当用户点击按钮添加他的管理员角色时让他看到/ admin文件夹中的页面。 I was searching long time to find solution, but without success. 我找了很长时间才找到解决方案,但没有成功。 I can only see logged user name and check, if he has role by this code: 我只能看到记录的用户名并检查,如果他有这个代码的角色:
HttpServletRequest request = (HttpServletRequest)FacesContext.getCurrentInstance().getExternalContext().getRequest();
request.getUserPrincipal();
request.isUserInRole("admin");
I found one answer that this code should work, but I only get null Subject: 我找到了一个答案,这个代码应该工作,但我只得到null主题:
Subject.getSubject(AccessController.getContext());
Is it possible to change user role without need to log in again, and if so, how can I do it? 是否可以更改用户角色而无需再次登录,如果是,我该怎么办?
1 个解决方案
解决方案1
0 2016-06-24 13:34:01
I fixed it with automatic logout/login the user: 我用自动注销/登录用户修复了它:
getRequest().logout(); Request()方法注销(); getRequest().login(userName, newPassword); getRequest()。login(userName,newPassword);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.