Update the group information in the subject - Weblogic

This is a discussion on Update the group information in the subject - Weblogic ; Hello, I would like to know how to update the information within the subject. We use our own authentification security provider since user and group datebase is stored externally. Situation is as follows: There two types of customers (prospects and ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Update the group information in the subject

  1. Update the group information in the subject

    Hello,

    I would like to know how to update the information within the subject.
    We use our own authentification security provider since user and group datebase is stored externally.
    Situation is as follows: There two types of customers (prospects and active customers) within our web application which are handled by two different user groups. Propects can logon and become - based on certain activities - active customers. In this case we need to make the web logic server aware of the change of the user group (without logging out and loggin in again - at least not manually by the user)

    Product: Weblogic Server 8.1 SP4

  2. Re: Update the group information in the subject

    Add the groups (WLSGroup objects) to the Subject during Authentication.

    Florian Heuser wrote:
    > Hello,
    >
    > I would like to know how to update the information within the subject.
    > We use our own authentification security provider since user and group datebase is stored externally.
    > Situation is as follows: There two types of customers (prospects and active customers) within our web application which are handled by two different user groups. Propects can logon and become - based on certain activities - active customers. In this case we need to make the web logic server aware of the change of the user group (without logging out and loggin in again - at least not manually by the user)
    >
    > Product: Weblogic Server 8.1 SP4


  3. Re: Update the group information in the subject

    I dont think we can update the subject from any program outside the SSPI. The authenticator has to update the subject. Once we have authenticated, the principal validator signs the principal and there is no way we can modify that. If we modify that we will have an exception thrown. The best way to handle that is maybe make the changes to the database (that convert the user from a prospect to a active user) and issue a logout and re-login. That will call the authenticators in the chain and the new group will be added to the subject.
    Hope this helps!

+ Reply to Thread