[ICE-3707] Add support for JAAS security - ICEsoft JIRA Issue Tracker

Details

Type: New Feature
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.7.2
Fix Version/s: 1.8DR#2, 1.8
Component/s: Tool Integrations
Labels:
None
Environment:
All

ICEsoft Forum Reference:
http://www.icefaces.org/JForum/posts/list/10020.page
Affects:

Documentation (User Guide, Ref. Guide, etc.), Sample App./Tutorial, Compatibility/Configuration
Workaround Description:
Use ACEGI/Spring security configured with JAAS plugin.

Description

User is using JAAS authentication and were experiencing the same problem as outlined in ~~ICE-3048~~. Unfortunately the fix for 3048 in 1.7.2 did not resolve their issue. Instead they found a work around by hacking the BridgeExternalContext. There isn't a grouping for JAAS based Authentication, so they had to write one in the style of Acegi, but not using the acegi classes (actual code not provided).

    static {
        try {
                 AcegiAuthenticationClass = Class.forName("org.acegisecurity.Authentication");
                AuthenticationClass = AcegiAuthenticationClass;
                Log.debug("Acegi Security detected.");
        } catch (Throwable t) {
                Log.debug("Acegi Security not detected.");
        }
        try {
                SpringAuthenticationClass = Class.forName("org.springframework.security.Authentication");
                AuthenticationClass = SpringAuthenticationClass;
                Log.debug("Spring Security detected.");
        } catch (Throwable t) {
                Log.debug("Spring Security not detected.");
        }
    }

I've attached an example of JAAS and Jboss. You will need to run the build script in order to compile the application and may need to make changes to the build.properties files. Also, you will need a MySql database running on your computer.

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Download All

Attachments

IceFacesJAASAuthentication.java.zip

03/Nov/08 2:50 PM

0.6 kB

Tyler Johnson
IceFacesJAASGrantedAuthority.java.zip

03/Nov/08 2:51 PM

0.3 kB

Tyler Johnson
IceFacesJAASSecurityContext.java.zip

03/Nov/08 2:51 PM

0.4 kB

Tyler Johnson
Hide
Test_JBossWithJaas.zip

29/Oct/08 11:36 AM

6.37 MB

Tyler Johnson
Test_JBossWithJaas/.classpath 0.6 kB

Test_JBossWithJaas/.mymetadata 0.3 kB

Test_JBossWithJaas/.project 1 kB

Test_JBossWithJaas/build.properties 0.2 kB

Test_JBossWithJaas/build.xml 4 kB

Test_JBossWithJaas/.../icefaces-mysql-ds.xml 0.7 kB

Test_JBossWithJaas/.../ice-login-config-service.xml 0.5 kB

Test_JBossWithJaas/.../ice-login-config.xml 0.8 kB

Test_JBossWithJaas/.../backport-util-concurrent.jar 319 kB

Test_JBossWithJaas/.../commons-beanutils.jar 184 kB

Test_JBossWithJaas/.../commons-collections.jar 558 kB

Test_JBossWithJaas/.../commons-digester.jar 140 kB

Test_JBossWithJaas/lib/.../commons-el.jar 110 kB

Test_JBossWithJaas/.../commons-fileupload.jar 52 kB

Test_JBossWithJaas/.../commons-logging.jar 52 kB

Test_JBossWithJaas/.../icefaces-comps.jar 1.51 MB

Test_JBossWithJaas/.../icefaces-facelets.jar 593 kB

Test_JBossWithJaas/lib/.../icefaces.jar 770 kB

Test_JBossWithJaas/lib/ICEfaces/jstl.jar 17 kB

Test_JBossWithJaas/.../krysalis-jCharts-1.0.0-alpha-1.jar 151 kB

Test_JBossWithJaas/lib/jbosssx.jar 306 kB

Test_JBossWithJaas/lib/jsf-api-1.2.jar 316 kB

Test_JBossWithJaas/lib/jsf-impl-1.2.jar 1.15 MB

Test_JBossWithJaas/lib/jsp-api.jar 71 kB

Test_JBossWithJaas/.../mysql-connector-java-5.1.5-bin.jar 661 kB

Test_JBossWithJaas/lib/servlet-api.jar 83 kB

Test_JBossWithJaas/.../LoginProxyBean.java 1 kB

Test_JBossWithJaas/src/.../LogoutBean.java 0.4 kB

Test_JBossWithJaas/src/.../RoleHandler.java 1 kB

Test_JBossWithJaas/WebRoot/index.jsp 0.2 kB

Showing 30 of 47 items Download Zip
Show

Test_JBossWithJaas.zip

29/Oct/08 11:36 AM

6.37 MB

Tyler Johnson

Issue Links

blocks

ICE-3808 RuntimeException "Cannot determine if user in role" during file upload

Closed

ICE-3900 Cannot determine if user in role - using inputFile, menuItem, panelGroup with renderedOnUserRole

Closed

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Tyler Johnson added a comment - 03/Nov/08 2:53 PM

Here is the workaround code that the user has used to overwrite our acegi security classes in favor of JAAS based classes.

1. IceFacesJAASAuthentication.java.zip
2. IceFacesJAASGrantedAuthority.java.zip
3. IceFacesJAASSecurityContext.java.zip

Show

Tyler Johnson added a comment - 03/Nov/08 2:53 PM Here is the workaround code that the user has used to overwrite our acegi security classes in favor of JAAS based classes. 1. IceFacesJAASAuthentication.java.zip 2. IceFacesJAASGrantedAuthority.java.zip 3. IceFacesJAASSecurityContext.java.zip

Hide

Permalink

Golgoth added a comment - 12/Nov/08 6:04 AM

Hi,

I'm interested to use JAAS security on Glassfish.

Do you know which modifications do to the RoleHandler class ?

Thank you.

Show

Golgoth added a comment - 12/Nov/08 6:04 AM Hi, I'm interested to use JAAS security on Glassfish. Do you know which modifications do to the RoleHandler class ? Thank you.

Hide

Permalink

Mircea Toma added a comment - 13/Nov/08 6:52 AM

Make use of pending HTTP requests for authorization querying. Refactor.

Show

Mircea Toma added a comment - 13/Nov/08 6:52 AM Make use of pending HTTP requests for authorization querying. Refactor.

People

Assignee:

Unassigned

Reporter:

Tyler Johnson

Votes:

3 Vote for this issue

Watchers:

4 Start watching this issue

Dates

Created:

29/Oct/08 11:34 AM

Updated:

10/Sep/09 12:29 PM

Resolved:

13/Nov/08 6:52 AM