[ICE-3707] Add support for JAAS security - ICEsoft JIRA Issue Tracker

Details

Type: New Feature
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.7.2
Fix Version/s: 1.8DR#2, 1.8
Component/s: Tool Integrations
Labels:
None
Environment:
All

ICEsoft Forum Reference:
http://www.icefaces.org/JForum/posts/list/10020.page
Affects:

Documentation (User Guide, Ref. Guide, etc.), Sample App./Tutorial, Compatibility/Configuration
Workaround Description:
Use ACEGI/Spring security configured with JAAS plugin.

Description

User is using JAAS authentication and were experiencing the same problem as outlined in ~~ICE-3048~~. Unfortunately the fix for 3048 in 1.7.2 did not resolve their issue. Instead they found a work around by hacking the BridgeExternalContext. There isn't a grouping for JAAS based Authentication, so they had to write one in the style of Acegi, but not using the acegi classes (actual code not provided).

    static {
        try {
                 AcegiAuthenticationClass = Class.forName("org.acegisecurity.Authentication");
                AuthenticationClass = AcegiAuthenticationClass;
                Log.debug("Acegi Security detected.");
        } catch (Throwable t) {
                Log.debug("Acegi Security not detected.");
        }
        try {
                SpringAuthenticationClass = Class.forName("org.springframework.security.Authentication");
                AuthenticationClass = SpringAuthenticationClass;
                Log.debug("Spring Security detected.");
        } catch (Throwable t) {
                Log.debug("Spring Security not detected.");
        }
    }

I've attached an example of JAAS and Jboss. You will need to run the build script in order to compile the application and may need to make changes to the build.properties files. Also, you will need a MySql database running on your computer.

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Download All

Attachments

IceFacesJAASAuthentication.java.zip

03/Nov/08 2:50 PM

0.6 kB

Tyler Johnson
IceFacesJAASGrantedAuthority.java.zip

03/Nov/08 2:51 PM

0.3 kB

Tyler Johnson
IceFacesJAASSecurityContext.java.zip

03/Nov/08 2:51 PM

0.4 kB

Tyler Johnson
Hide
Test_JBossWithJaas.zip

29/Oct/08 11:36 AM

6.37 MB

Tyler Johnson
Test_JBossWithJaas/.classpath 0.6 kB

Test_JBossWithJaas/.mymetadata 0.3 kB

Test_JBossWithJaas/.project 1 kB

Test_JBossWithJaas/build.properties 0.2 kB

Test_JBossWithJaas/build.xml 4 kB

Test_JBossWithJaas/.../icefaces-mysql-ds.xml 0.7 kB

Test_JBossWithJaas/.../ice-login-config-service.xml 0.5 kB

Test_JBossWithJaas/.../ice-login-config.xml 0.8 kB

Test_JBossWithJaas/.../backport-util-concurrent.jar 319 kB

Test_JBossWithJaas/.../commons-beanutils.jar 184 kB

Test_JBossWithJaas/.../commons-collections.jar 558 kB

Test_JBossWithJaas/.../commons-digester.jar 140 kB

Test_JBossWithJaas/lib/.../commons-el.jar 110 kB

Test_JBossWithJaas/.../commons-fileupload.jar 52 kB

Test_JBossWithJaas/.../commons-logging.jar 52 kB

Test_JBossWithJaas/.../icefaces-comps.jar 1.51 MB

Test_JBossWithJaas/.../icefaces-facelets.jar 593 kB

Test_JBossWithJaas/lib/.../icefaces.jar 770 kB

Test_JBossWithJaas/lib/ICEfaces/jstl.jar 17 kB

Test_JBossWithJaas/.../krysalis-jCharts-1.0.0-alpha-1.jar 151 kB

Test_JBossWithJaas/lib/jbosssx.jar 306 kB

Test_JBossWithJaas/lib/jsf-api-1.2.jar 316 kB

Test_JBossWithJaas/lib/jsf-impl-1.2.jar 1.15 MB

Test_JBossWithJaas/lib/jsp-api.jar 71 kB

Test_JBossWithJaas/.../mysql-connector-java-5.1.5-bin.jar 661 kB

Test_JBossWithJaas/lib/servlet-api.jar 83 kB

Test_JBossWithJaas/.../LoginProxyBean.java 1 kB

Test_JBossWithJaas/src/.../LogoutBean.java 0.4 kB

Test_JBossWithJaas/src/.../RoleHandler.java 1 kB

Test_JBossWithJaas/WebRoot/index.jsp 0.2 kB

Showing 30 of 47 items Download Zip
Show

Test_JBossWithJaas.zip

29/Oct/08 11:36 AM

6.37 MB

Tyler Johnson

Issue Links

blocks

ICE-3808 RuntimeException "Cannot determine if user in role" during file upload

Closed

ICE-3900 Cannot determine if user in role - using inputFile, menuItem, panelGroup with renderedOnUserRole

Closed

Activity

Ascending order - Click to sort in descending order

Tyler Johnson created issue - 29/Oct/08 11:34 AM

Tyler Johnson made changes - 29/Oct/08 11:36 AM

Field	Original Value	New Value
Attachment		Test_JBossWithJaas.zip [ 11313 ]

Ken Fyten made changes - 29/Oct/08 11:38 AM

Fix Version/s		1.8DR#2 [ 10142 ]
Affects		[Documentation (User Guide, Ref. Guide, etc.), Sample App./Tutorial, Compatibility/Configuration]
Assignee		Deryk Sinotte [ deryk.sinotte ]

Tyler Johnson made changes - 03/Nov/08 2:50 PM

Attachment

IceFacesJAASAuthentication.java.zip [ 11320 ]

Tyler Johnson made changes - 03/Nov/08 2:51 PM

Attachment

IceFacesJAASGrantedAuthority.java.zip [ 11321 ]

Tyler Johnson made changes - 03/Nov/08 2:51 PM

Attachment

IceFacesJAASSecurityContext.java.zip [ 11322 ]

Hide

Permalink

Tyler Johnson added a comment - 03/Nov/08 2:53 PM

Here is the workaround code that the user has used to overwrite our acegi security classes in favor of JAAS based classes.

1. IceFacesJAASAuthentication.java.zip
2. IceFacesJAASGrantedAuthority.java.zip
3. IceFacesJAASSecurityContext.java.zip

Show

Tyler Johnson added a comment - 03/Nov/08 2:53 PM Here is the workaround code that the user has used to overwrite our acegi security classes in favor of JAAS based classes. 1. IceFacesJAASAuthentication.java.zip 2. IceFacesJAASGrantedAuthority.java.zip 3. IceFacesJAASSecurityContext.java.zip

Deryk Sinotte made changes - 11/Nov/08 5:05 PM

Assignee Priority		P2
Assignee	Deryk Sinotte [ deryk.sinotte ]	Mircea Toma [ mircea.toma ]

Deryk Sinotte made changes - 11/Nov/08 5:33 PM

ICEfaces Forum Reference

http://www.icefaces.org/JForum/posts/list/10020.page

Hide

Permalink

Golgoth added a comment - 12/Nov/08 6:04 AM

Hi,

I'm interested to use JAAS security on Glassfish.

Do you know which modifications do to the RoleHandler class ?

Thank you.

Show

Golgoth added a comment - 12/Nov/08 6:04 AM Hi, I'm interested to use JAAS security on Glassfish. Do you know which modifications do to the RoleHandler class ? Thank you.

Repository	Revision	Date	User	Message
ICEsoft Public SVN Repository	#17892	Thu Nov 13 04:11:25 MST 2008	mircea.toma	~~ICE-3707~~ Make use of pending HTTP requests for authorization querying. Refactor.
				Files Changed
				MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/MainSessionBoundServlet.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/MainServlet.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/core/SingleViewServer.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/context/View.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/portlet/PortletExternalContext.java DEL /icefaces/trunk/icefaces/core/src/com/icesoft/faces/env/AuthenticationVerifier.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/context/BridgeExternalContext.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/ServletExternalContext.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/portlet/PortletEnvironmentRenderRequest.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/env/SpringAuthWrapper.java ADD /icefaces/trunk/icefaces/core/src/com/icesoft/faces/env/Authorization.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/SessionDispatcher.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/ServletEnvironmentRequest.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/context/BridgeFacesContext.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/env/AcegiAuthWrapper.java MODIFY /icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/core/MultiViewServer.java

Hide

Permalink

Mircea Toma added a comment - 13/Nov/08 6:52 AM

Make use of pending HTTP requests for authorization querying. Refactor.

Show

Mircea Toma added a comment - 13/Nov/08 6:52 AM Make use of pending HTTP requests for authorization querying. Refactor.

Mircea Toma made changes - 13/Nov/08 6:52 AM

Status	Open [ 1 ]	Resolved [ 5 ]
Resolution		Fixed [ 1 ]

Mircea Toma made changes - 13/Nov/08 6:53 AM

Workaround Description

Use ACEGI/Spring security configured with JAAS plugin.

Repository	Revision	Date	User	Message
ICEsoft Public SVN Repository	#17894	Thu Nov 13 08:24:58 MST 2008	mircea.toma	~~ICE-3707~~ Make use of pending HTTP requests for authorization querying. Refactor.
				Files Changed
				MODIFY /icefaces/trunk/icefaces/ahs/src/com/icesoft/faces/async/servlet/AsyncHttpServlet.java

Tyler Johnson made changes - 11/Mar/09 12:41 PM

Salesforce Case

[5007000000811ae]

Ken Fyten made changes - 31/Mar/09 11:53 PM

Fix Version/s		1.8 [ 10161 ]
Assignee Priority	P2

Ken Fyten made changes - 10/Apr/09 11:27 AM

Status	Resolved [ 5 ]	Closed [ 6 ]
Assignee	Mircea Toma [ mircea.toma ]

Deryk Sinotte made changes - 10/Sep/09 12:08 PM

Link

This issue blocks ~~ICE-3808~~ [ ~~ICE-3808~~ ]

Deryk Sinotte made changes - 10/Sep/09 12:29 PM

Link

This issue blocks ~~ICE-3900~~ [ ~~ICE-3900~~ ]

People

Assignee:

Unassigned

Reporter:

Tyler Johnson

Votes:

3 Vote for this issue

Watchers:

4 Start watching this issue

Dates

Created:

29/Oct/08 11:34 AM

Updated:

10/Sep/09 12:29 PM

Resolved:

13/Nov/08 6:52 AM