3 Replies Latest reply on Mar 10, 2012 12:33 AM by knune

    JBoss Security Changing the role in subject

    knune

      Hi,

       

      I've one requirement in which Authenticated Subject role has to be replace with new one once user changes role from drop down.

      Just want to is it possible or not if yes please help me how to handle this scenario.

       

      I've tested wth SecurityAssociation class. From this class i'm getting subject object and i've added new role to this subject and removing old role. But no luck.

       

      Kind Regards

      Kiran

        • 1. Re: JBoss Security Changing the role in subject
          frito

          I would guess, the JaasSecurityManager is caching principal and credential information from last successful login.

          See http://docs.jboss.org/jbosssecurity/docs/6.0/security_guide/html_single/index.html

           

          Regards,

           

          Bernd

          • 2. Re: JBoss Security Changing the role in subject
            knune

            Thanks Brend. I will check url you suggested and get back to you.

             

            Kind Regards

            Kiran

            • 3. Re: JBoss Security Changing the role in subject
              knune

              Hi,

               

              After searching in the forums i found foloowing code and modified to my requirements. Seems to be fine in EJB layer but coming to web layer the new role reflecting in Subject but Authorization check is not taking with this new role in the subject. Any suggestions are welcome. I'm pasting my code here.

               

               

               

               

               

               

               

               

               

               

               

               

               

                   try

                        {

               

               

               

               

                             Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");

                             Set<Principal> set = subject.getPrincipals();

                             Iterator itr = set.iterator();

               

               

                             while (itr.hasNext())

                             {

                                  Principal obj = (Principal) itr.next();

                                  System.out.println("Principal Class Name: *************" +obj.getClass());

                                  System. out.println("Principal Name: *************" +obj.getName());

                                   if(obj instanceof SimpleGroup) {

                                  Enumeration<Principal> enm = ((SimpleGroup) obj).members();

                                  while (enm.hasMoreElements()) {

                                       Principal p = (Principal) enm.nextElement();

                                       System. out.println("Group Member Principal Class Name: *************" +p.getClass());

                                       System. out.println("Group Member Principal Name: *************" +p.getName());

                                  }

                            

                                  if(((SimpleGroup) obj).isMember(new org.jboss.security.SimplePrincipal("rolename" )))

                                  {

                                       ((SimpleGroup) obj).removeMember(new org.jboss.security.SimplePrincipal("rolename"));

                                       ((SimpleGroup) obj).addMember( new org.jboss.security.SimplePrincipal("testrole"));

                                  }

                             }

                        }

               

                   }

                catch (PolicyContextException e) {

               

              }

               

               

               

               

                // TODO : handle exception