portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Woonsan Ko <woon_...@yahoo.com>
Subject Re: Creating Spring Authorities from LDAP
Date Tue, 21 Dec 2010 19:13:10 GMT
Hi Tim,

With a servlet filter, I don't think there's any safe solution to access the subject.
However, if you can use a portlet filter, it's possible to access the subject by using org.apache.jetspeed.security.JSSubject#getSubject().
I guess a portlet filter would fit for your use case because you mentioned spring portlet
mvc based applications.

Regards,

Woonsan

--- On Tue, 12/21/10, Tim MacDonald <TimMacDonald@smarttech.com> wrote:

> From: Tim MacDonald <TimMacDonald@smarttech.com>
> Subject: Re: Creating Spring Authorities from LDAP
> To: "Jetspeed Developers List" <jetspeed-dev@portals.apache.org>
> Date: Tuesday, December 21, 2010, 7:23 PM
> Thanks Vivek,
> 
> I have verified that roles are being imported into the
> security_principal table.
> 
> Is there an easy way to access the subject using a filter?
> By debugging, I can see that the subject is set, but I can't
> find a way to access it.
> On 2010-12-21, at 12:44 PM, Vivek Kumar wrote:
> 
> > Jetspeed put user roles in httpRequest subject, while
> user
> > get authenticated from database or ldap.  This is
> should work
> > 
> > I think you can check jetspeed database to verify
> that, if your roles and
> > their mapping have been synced to database.
> > 
> > Here are tables "SECURITY_PRINCIPAL" and
> "SECURITY_PRINCIPAL_ASSOC"
> > 
> > Vivek
> > 
> > On Tue, Dec 21, 2010 at 5:17 PM, Tim MacDonald
> > <TimMacDonald@smarttech.com>wrote:
> > 
> >> I've been able to configure Jetspeed to
> authenticate against an ApacheDS
> >> LDAP server. What I'm trying to do is transfer the
> roles (groups) coming
> >> from the LDAP server into Spring
> GrantedAuthorities so that I can secure
> >> Spring Portlet MVC controllers using the @Secured
> annotation. I've tried
> >> using a filter to check for specific roles against
> the request.isUserInRole,
> >> but it returns false for the LDAP roles. What is
> the recommended way for
> >> accessing LDAP roles?
> >> 
> >> Thanks,
> >> Tim Macdonald
> >> 
> >>
> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
> >> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
> >> 
> >> 
> > 
> > 
> > -- 
> > Regards & thanks
> > Vivek Kumar
> > 
> > firevelocity@gmail.com
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
> 
> 


      

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message