tomee-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Piercarlo Alberto Beghetto - Diennea <>
Subject JAAS roles propagation in TomEE
Date Fri, 06 Feb 2015 09:27:12 GMT

i'm on a JAAS authentication realm for a web application on TomEE.

I think I miss a thing in the login process.

I developed my custom LoginModule, configured it and seems work well.
When i try to log in the user (with HttpServletRequest.login() or LoginContext.login()) all
works fine, realm recognize username and password and I get the user's roles setted in the

After the login there is a redirect and in the new servlet there is no trace of user principals
or roles principals setted by login.

I try

-          HttpServletRequest.getRemoteUser()

-          HttpServletRequest.isUserInRole()

-          @RolesAllowed("someroles")
But in any way I have no trace of the logged user

Here are my configurations:

In context:
<Realm className="org.apache.catalina.realm.JAASRealm"

login.config (in TomEE conf folder):
custom-login {
   custom.login.module.package.Module required;

The custom.login.module.package.Module by spec implements LoginModule, and the principals
I set on commit() operation are



Referenced by:

Am I missing something? Any advice?

Piercarlo Alberto Beghetto
Developer @ Diennea - MagNews
Tel.: (+39) 0546 066100 - Int. 967
Viale G.Marconi 30/14 - 48018 Faenza (RA)

<>      []
<>      []

Iscriviti alla nostra newsletter per rimanere aggiornato su digital ed email marketing!

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message