3 Replies Latest reply: Mar 10, 2012 12:33 AM by Kiran Nune RSS

JBoss Security Changing the role in subject

Kiran Nune Newbie

Hi,

 

I've one requirement in which Authenticated Subject role has to be replace with new one once user changes role from drop down.

Just want to is it possible or not if yes please help me how to handle this scenario.

 

I've tested wth SecurityAssociation class. From this class i'm getting subject object and i've added new role to this subject and removing old role. But no luck.

 

Kind Regards

Kiran

  • 1. Re: JBoss Security Changing the role in subject
    Bernd Zeitler Expert

    I would guess, the JaasSecurityManager is caching principal and credential information from last successful login.

    See http://docs.jboss.org/jbosssecurity/docs/6.0/security_guide/html_single/index.html

     

    Regards,

     

    Bernd

  • 2. Re: JBoss Security Changing the role in subject
    Kiran Nune Newbie

    Thanks Brend. I will check url you suggested and get back to you.

     

    Kind Regards

    Kiran

  • 3. Re: JBoss Security Changing the role in subject
    Kiran Nune Newbie

    Hi,

     

    After searching in the forums i found foloowing code and modified to my requirements. Seems to be fine in EJB layer but coming to web layer the new role reflecting in Subject but Authorization check is not taking with this new role in the subject. Any suggestions are welcome. I'm pasting my code here.

     

     

     

     

     

     

     

     

     

     

     

     

     

         try

              {

     

     

     

     

                   Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");

                   Set<Principal> set = subject.getPrincipals();

                   Iterator itr = set.iterator();

     

     

                   while (itr.hasNext())

                   {

                        Principal obj = (Principal) itr.next();

                        System.out.println("Principal Class Name: *************" +obj.getClass());

                        System. out.println("Principal Name: *************" +obj.getName());

                         if(obj instanceof SimpleGroup) {

                        Enumeration<Principal> enm = ((SimpleGroup) obj).members();

                        while (enm.hasMoreElements()) {

                             Principal p = (Principal) enm.nextElement();

                             System. out.println("Group Member Principal Class Name: *************" +p.getClass());

                             System. out.println("Group Member Principal Name: *************" +p.getName());

                        }

                  

                        if(((SimpleGroup) obj).isMember(new org.jboss.security.SimplePrincipal("rolename" )))

                        {

                             ((SimpleGroup) obj).removeMember(new org.jboss.security.SimplePrincipal("rolename"));

                             ((SimpleGroup) obj).addMember( new org.jboss.security.SimplePrincipal("testrole"));

                        }

                   }

              }

     

         }

      catch (PolicyContextException e) {

     

    }

     

     

     

     

      // TODO : handle exception