
Manually login user via JAAS into JBoss WildFly

I am trying to perform a manual login. My intention is to log someone in via a JAX-RS call, but in the standard session. This way both subsequent JavaScript calls as well as Java calls will see the same Subject, Principal etc. This is all happening in the context of SSO with Picketlink; I need to show the user his current login state, as well as allow him to log in in the background.

I created my own LoginModule which works with j_security flawlessly. I created a JAX-RS Resource which initiates a LoginContext and logs the user in. My LoginModule is asked in the background and the login is performed perfectly. Almost. Because there is one small problem: the login is not associated with the HTTP request or session.

@POST
@Path("login")
public LoginResponse login(LoginForm loginForm, @Context HttpServletRequest request) throws LoginException {
    LoginResponse ret = new LoginResponse();
    // Stand-alone JAAS login against the "idp" configuration; the servlet container is not involved.
    LoginContext loginContext = new LoginContext("idp", new WidgetCallBackHandler(loginForm));
    System.out.println("User principal before: " + request.getUserPrincipal());
    try {
        loginContext.login();
    } catch (LoginException e) {
        ret.setMessage("Login failed: " + e.getMessage());
    }

    // The Subject lives only in this LoginContext, not in the request or session.
    Subject subject = loginContext.getSubject();
    System.out.println("Logged in subject: " + subject);

    System.out.println("User principal after: " + request.getUserPrincipal());
    System.out.println("Login executed");

    ret.setState(getLoginState(request));
    return ret;
}

Both principals, before and after, are null. So I am able to authenticate the user properly, but it's completely senseless since I can't associate the session with the logged-in subject.

I've read that there was a class WebAuthenticator in previous JBoss versions, is this a road to pursue?

Thanks in advance

Ok, the solution was sooo simple that it's almost a shame I haven't found it earlier. The hint was in this link: https://issues.jasig.org/browse/CASC-174

Servlet 3.0 has

request.login(username, password)

method which does all I needed.
