W
WhizBaby
I am currently using Jaas authentication in tomcat through FORM
authentication using a servlet which calls LoginContext which instantiates a
custom CallbackHandler. The CallbackHandler is passed a generic Subject
object created by the base handler. When logging in I can authenticate and
process all the way through the commit.
My question is this. How does request.IsUserInRole("administrator") work?
Everytime I inspect this I get a false even though I know I added the
principal "administrator" to the UserPrincipal. Do I need to specifically
store the Subject object passed to the LoginContext in the servlet and use
it instead? I saw some detail about session.getRole("role") but this
doesn't appear to work.
Any help would be greatly appreaciated. I know I am so close to getting
this to work.
Scotchy
authentication using a servlet which calls LoginContext which instantiates a
custom CallbackHandler. The CallbackHandler is passed a generic Subject
object created by the base handler. When logging in I can authenticate and
process all the way through the commit.
My question is this. How does request.IsUserInRole("administrator") work?
Everytime I inspect this I get a false even though I know I added the
principal "administrator" to the UserPrincipal. Do I need to specifically
store the Subject object passed to the LoginContext in the servlet and use
it instead? I saw some detail about session.getRole("role") but this
doesn't appear to work.
Any help would be greatly appreaciated. I know I am so close to getting
this to work.
Scotchy