How find user roles after a JAAS login with a Security Provider? - Weblogic

This is a discussion on How find user roles after a JAAS login with a Security Provider? - Weblogic ; Problem: Weblogic Server 7.x. Need to know which roles a user is in as a part of a JAAS login. Circumstances: Looking at the DEV2DEV simplesample (custom) SecurityProvider example. Has anybody ever done JAAS login - AND need to send ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: How find user roles after a JAAS login with a Security Provider?

  1. How find user roles after a JAAS login with a Security Provider?

    Problem:

    Weblogic Server 7.x. Need to know which roles a user is in as a part
    of a JAAS login.

    Circumstances:

    Looking at the DEV2DEV simplesample (custom) SecurityProvider example.
    Has anybody ever done JAAS login - AND need to send a list of
    accessible resources out to the client?? Fx. you may need to shape
    client GUI according to the user rights on the server...

    HEY! The rolemapper knows! It keeps track of relations between roles
    and resources. Continously!

    BUT! The RoleMapper/RoleMapperDatabase is hidden deep behind the
    container and I just don't see how to get access to a list of
    role/group rights when doing the login() in the
    SimpleSampleLoginModuleImpl.java

    SURE, I could read a physical property file (the
    'RoleMapper.properties' somewhere on the system,
    which is updated by the rolemapper) - but this file is not updated as
    quickly as the rolemapper itself inside weblogic - and it is poor
    programming in my opinion to base your things on parsing a file, which
    may not be updated until WLS is restarted.

    Phew. I spent more time on this than I'd like to admit in public.

    regards

    Stig Valentini
    sv@steria.dk
    (stigv@hotmail.com)

  2. Re: How find user roles after a JAAS login with a Security Provider?


    "Stig" wrote in message
    news:a185026e.0308052319.7b352055@posting.google.c om...
    > Problem:
    >
    > Weblogic Server 7.x. Need to know which roles a user is in as a part
    > of a JAAS login.
    >


    There is no public api to get the roles for a user.




+ Reply to Thread