通过JAAS以编程方式登录用户 [英] Login a user programmatically via JAAS
问题描述
我试图通过以编程方式登录这样的用户(剥离的异常处理),在不同的身份验证中运行JBoss Container中的代码:
I'm trying to run code within JBoss Container under a different authentication by programatically logging in a user like that (stripped exception handling):
LoginContext ctx = ctx =
new LoginContext("MyLoginSchema",
new UsernamePasswordCallbackHandler("newuser", "")
);
ctx.login();
Subject.doAs(ctx.getSubject(), new PrivilegedAction<T>() {
@Override
public T run() {
Subject.getSubject(AccessController.getContext());
InitialContext ic = new InitialContext();
EJBContext sctxLookup = (EJBContext) ic.lookup("java:comp/EJBContext");
Principal principal = sctxLookup.getCallerPrincipal();
}
});
登录 newuser
有效(致电 LoginModule
成功)但 Subject.doAs()
不会将新主题与相关联EJBContext的
。 run()
-Method中的代码仍然从 EJBContext
中提取旧用户的主体。
Login of newuser
works (Call of LoginModule
was successful) but Subject.doAs()
doesn't associate the new Subject with the EJBContext
. The code in the run()
-Method still fetches the old user's principal from EJBContext
.
我测试了另一种检索登录用户的方法,但这里的行为相同:
I tested another method of retrieving the logged in user but same behavior here:
Subject caller = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
任何想法?
推荐答案
你现在使用哪个 LoginModule
?在JBoss 6.1中,您必须使用 ClientLoginModule
在容器中进行身份验证。
Which LoginModule
do you use now? In JBoss 6.1 you had to use ClientLoginModule
to authenticate in container.
这篇关于通过JAAS以编程方式登录用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!