|
| Hi,
I do not know if this is the correct newsgroup to post this, so if it isn't , let me know.
I have read a lot about JAAS , autentication and stuf, I have implementend my own LoginModule and
CallbackHandler. The goal is to make a non-web j2ee application where users have to login before
they can use the application client, but users have a profile of options that the aplication must
take into account. Well, I've implemented a LoginModule that comunicates with the database via the
BusinessDelegate + Facade patterns.
The facade is a Stateless bean with this method
public void Subject login(Map loginData)
if the login is good the subject will be returned with all it's principals and credencials, if not,
an empty subject is returned.
Having said this, my problem is to understand how to map my aplication roles to principals in the
JAAS framework. or even if this is the correct way to handle aplication roles.
My aplication users have a login and password and a profile. This profile , among other things
carries preferences about the localization of the user (the locale used to render information such
as text and number formating) and several aplication specific options the user may consult at any
time and, in some cases, alter. the user also has roles, he cannot modify or even consult them -
Only the adminstrator role can do this - but they are attach to the subject.
Well, my questions:
1)
How to attach a profile to a subject in the JAAS framework. I wonder if I may extend Subject to have
getProfile/setProfile methods, so an autenticated user corresponds with a subject that has a profile
object.
2)
About roles. If a user can have many roles in the aplication , and those roles can extend one
another like :
If Role A as permission X and role B as permission Y , cole C=A+B will have both permissions.
can I map the roles to principals ? and in that case I map permissions to what ? (credencials or
properties inside the principals ? )
More simply, How to I attach application Roles to JAAS subjects ?
Thank you for any help
|
|