通过JAAS以编程方式登录用户
[英]Login a user programmatically via JAAS
问题描述
I'm trying to run code within JBoss Container under a different authentication by programatically logging in a user like that (stripped exception handling): 
我试图通过以编程方式登录这样的用户(剥离的异常处理),以不同的身份验证在JBoss Container中运行代码:
LoginContext ctx = ctx =
new LoginContext("MyLoginSchema",
new UsernamePasswordCallbackHandler("newuser", "")
);
ctx.login();
Subject.doAs(ctx.getSubject(), new PrivilegedAction<T>() {
@Override
public T run() {
Subject.getSubject(AccessController.getContext());
InitialContext ic = new InitialContext();
EJBContext sctxLookup = (EJBContext) ic.lookup("java:comp/EJBContext");
Principal principal = sctxLookup.getCallerPrincipal();
}
});
Login of newuser works (Call of LoginModule was successful) but Subject.doAs() doesn't associate the new Subject with the EJBContext . newuser登录可以正常工作( LoginModule调用已成功),但是Subject.doAs()并未将新的Subject与EJBContext关联。 The code in the run() -Method still fetches the old user's principal from EJBContext . run() Method中的代码仍然从EJBContext获取旧用户的主体。
I tested another method of retrieving the logged in user but same behavior here: 我测试了另一种方法来检索登录的用户,但在此处具有相同的行为:
Subject caller = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
Any ideas? 有任何想法吗?
2 个解决方案
解决方案1
2 已采纳 2012-10-13 09:34:26
Which LoginModule do you use now? 您现在使用哪个LoginModule ? In JBoss 6.1 you had to use ClientLoginModule to authenticate in container. 在JBoss 6.1中,您必须使用ClientLoginModule在容器中进行身份验证。
解决方案2
0 2012-10-13 10:51:11
My understanding is this is currently not supported by JBoss AS 7.1. 我的理解是,JBoss AS 7.1当前不支持此功能。 See this thread 看到这个线程
Edit 编辑
What I wrote here is wrong, the thread only applies to client side login (outside of a JBoss). 我在这里写的是错误的,该线程仅适用于客户端登录(在JBoss之外)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.