Details

    • Type: New Feature New Feature
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.7.2
    • Fix Version/s: 1.8DR#2, 1.8
    • Component/s: Tool Integrations
    • Labels:
      None
    • Environment:
      All
    • Affects:
      Documentation (User Guide, Ref. Guide, etc.), Sample App./Tutorial, Compatibility/Configuration
    • Workaround Description:
      Use ACEGI/Spring security configured with JAAS plugin.

      Description

      User is using JAAS authentication and were experiencing the same problem as outlined in ICE-3048. Unfortunately the fix for 3048 in 1.7.2 did not resolve their issue. Instead they found a work around by hacking the BridgeExternalContext. There isn't a grouping for JAAS based Authentication, so they had to write one in the style of Acegi, but not using the acegi classes (actual code not provided).

          static {
              try {
                       AcegiAuthenticationClass = Class.forName("org.acegisecurity.Authentication");
                      AuthenticationClass = AcegiAuthenticationClass;
                      Log.debug("Acegi Security detected.");
              } catch (Throwable t) {
                      Log.debug("Acegi Security not detected.");
              }
              try {
                      SpringAuthenticationClass = Class.forName("org.springframework.security.Authentication");
                      AuthenticationClass = SpringAuthenticationClass;
                      Log.debug("Spring Security detected.");
              } catch (Throwable t) {
                      Log.debug("Spring Security not detected.");
              }
          }

      I've attached an example of JAAS and Jboss. You will need to run the build script in order to compile the application and may need to make changes to the build.properties files. Also, you will need a MySql database running on your computer.
      1. IceFacesJAASSecurityContext.java.zip
        0.4 kB
        Tyler Johnson
      2. IceFacesJAASGrantedAuthority.java.zip
        0.3 kB
        Tyler Johnson
      3. IceFacesJAASAuthentication.java.zip
        0.6 kB
        Tyler Johnson

        Issue Links

          Activity

          Hide
          Tyler Johnson added a comment -

          Here is the workaround code that the user has used to overwrite our acegi security classes in favor of JAAS based classes.

          1. IceFacesJAASAuthentication.java.zip
          2. IceFacesJAASGrantedAuthority.java.zip
          3. IceFacesJAASSecurityContext.java.zip

          Show
          Tyler Johnson added a comment - Here is the workaround code that the user has used to overwrite our acegi security classes in favor of JAAS based classes. 1. IceFacesJAASAuthentication.java.zip 2. IceFacesJAASGrantedAuthority.java.zip 3. IceFacesJAASSecurityContext.java.zip
          Hide
          Golgoth added a comment -

          Hi,

          I'm interested to use JAAS security on Glassfish.

          Do you know which modifications do to the RoleHandler class ?

          Thank you.

          Show
          Golgoth added a comment - Hi, I'm interested to use JAAS security on Glassfish. Do you know which modifications do to the RoleHandler class ? Thank you.
          Hide
          Mircea Toma added a comment -

          Make use of pending HTTP requests for authorization querying. Refactor.

          Show
          Mircea Toma added a comment - Make use of pending HTTP requests for authorization querying. Refactor.

            People

            • Assignee:
              Unassigned
              Reporter:
              Tyler Johnson
            • Votes:
              3 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: