You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomee.apache.org by Thiago Veronezi <th...@veronezi.org> on 2012/07/06 18:20:29 UTC
tomcat/openejb security integration -> directions
Hi guys!
I am trying to handle the user "login" in a programmatic way.
The command bellow is called by a Servlet...
*************************************
public class Login implements Command {
@Override
public Object execute(Params params) throws Exception {
final String user = params.getString("userName");
final String password = params.getString("userPassword");
params.getReq().login(user, password);
return null;
}
}
*************************************
This is fine. I manage to login. The problem is that at the EJB side the
Principal is still the "guest" user. See the EJB code below...
*************************************
@Override
public Map<String, Object> getSystemStatus() {
final Map<String, Object> result = new HashMap<String, Object>();
result.put("isAdmin", this.context.isCallerInRole("admin"));
result.put("isUser", this.context.isCallerInRole("user"));
result.put("userName", this.context.getCallerPrincipal().getName());
result.put("currentDraw", getCurrentDraw());
return result;
}
*************************************
I have a feeling that Tomee does not manage manual logins like the one
above. Can you guys give me a hint of where should I find this integration
code?
[]s,
Thiago.
Re: tomcat/openejb security integration -> directions
Posted by André Zimmermann <zi...@gmail.com>.
Thanks a lot for your help. I finally got it working.
Had to annotate the PrincipalEJB with @SessionScoped. It is also important,
that the EJB is a stateful bean.
@Stateful
@SessionScoped
public class PrinciaplEjb {
@Resource
private EJBContext context;
public String info() {
return context.getCallerPrincipal().getName();
}
}
>that's the way tomcat JAASRealm works (in fact this sentence is a little
>shortcut to say the relative hierarchy)
>basically if you create a session before the login it will work.
>here the login is called, there is no session so the principal is not
>cached in the session.
--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661521.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
ok got it,
that's the way tomcat JAASRealm works (in fact this sentence is a little
shortcut to say the relative hierarchy)
basically if you create a session before the login it will work.
here the login is called, there is no session so the principal is not
cached in the session.
*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*
2013/3/13 Romain Manni-Bucau <rm...@gmail.com>
> sorry, my fault, gmail was hiding it
>
> *Romain Manni-Bucau*
> *Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
> *Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
> *Github: https://github.com/rmannibucau*
>
>
>
> 2013/3/13 André Zimmermann <zi...@gmail.com>
>
>> I already shared the full example in a previous post from Mar 12, 2013;
>> 9:43am.
>>
>> I also described, how to use it.
>>
>> > please share the full sample ready to run
>>
>>
>>
>> --
>> View this message in context:
>> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661493.html
>> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>>
>
>
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
sorry, my fault, gmail was hiding it
*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*
2013/3/13 André Zimmermann <zi...@gmail.com>
> I already shared the full example in a previous post from Mar 12, 2013;
> 9:43am.
>
> I also described, how to use it.
>
> > please share the full sample ready to run
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661493.html
> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>
Re: tomcat/openejb security integration -> directions
Posted by André Zimmermann <zi...@gmail.com>.
I already shared the full example in a previous post from Mar 12, 2013;
9:43am.
I also described, how to use it.
> please share the full sample ready to run
--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661493.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
please share the full sample ready to run
*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*
2013/3/13 André Zimmermann <zi...@gmail.com>
> I added the InfoServlet which should return the previous logged in user.
>
> >what's your "extension"?
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661486.html
> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>
Re: tomcat/openejb security integration -> directions
Posted by André Zimmermann <zi...@gmail.com>.
I added the InfoServlet which should return the previous logged in user.
>what's your "extension"?
--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661486.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
what's your "extension"?
*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*
2013/3/12 André Zimmermann <zi...@gmail.com>
> Yes
>
> > you started it through maven tomee plugin?
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661440.html
> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>
Re: tomcat/openejb security integration -> directions
Posted by André Zimmermann <zi...@gmail.com>.
Yes
> you started it through maven tomee plugin?
--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661440.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
you started it through maven tomee plugin?
*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*
2013/3/12 André Zimmermann <zi...@gmail.com>
> In the following example, i extended the cdi-ejbcontext-jaas example and
> added a second service call.
>
> 1) First you can login with the existing service.
>
>
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomee&myPass=tomee
>
> 2) You can call the second service. I expect tomee as result but guest is
> returned.
>
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontextinfo
>
> cdi-ejbcontext-jaas.zip
> <http://openejb.979440.n4.nabble.com/file/n4661427/cdi-ejbcontext-jaas.zip
> >
>
> What is missing in that example?
>
> Thanks a lot for your help
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661427.html
> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>
Re: tomcat/openejb security integration -> directions
Posted by André Zimmermann <zi...@gmail.com>.
In the following example, i extended the cdi-ejbcontext-jaas example and
added a second service call.
1) First you can login with the existing service.
http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomee&myPass=tomee
2) You can call the second service. I expect tomee as result but guest is
returned.
http://localhost:8080/cdi-ejbcontext-jaas/ejbcontextinfo
cdi-ejbcontext-jaas.zip
<http://openejb.979440.n4.nabble.com/file/n4661427/cdi-ejbcontext-jaas.zip>
What is missing in that example?
Thanks a lot for your help
--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661427.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
basically openejb/trunk/openejb is now tomee/tomee/trunk
*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau*
*Github: https://github.com/rmannibucau*
2013/3/11 André Zimmermann <zi...@gmail.com>
> Hi
>
> I have the same problem with security context. You spoke about the updated
> example
>
>
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
>
> Can you give me a correct link to it? Did you finally solved your problem?
>
> Thanks André
>
>
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661399.html
> Sent from the OpenEJB Dev mailing list archive at Nabble.com.
>
Re: tomcat/openejb security integration -> directions
Posted by André Zimmermann <zi...@gmail.com>.
Hi
I have the same problem with security context. You spoke about the updated
example
http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
Can you give me a correct link to it? Did you finally solved your problem?
Thanks André
--
View this message in context: http://openejb.979440.n4.nabble.com/tomcat-openejb-security-integration-directions-tp4656113p4661399.html
Sent from the OpenEJB Dev mailing list archive at Nabble.com.
Re: tomcat/openejb security integration -> directions
Posted by Thiago Veronezi <th...@veronezi.org>.
>>For me the behavior is fine (the storing is to do by the user)
I agree.
[]s,
Thiago.
On Sun, Jul 8, 2012 at 11:54 AM, Romain Manni-Bucau
<rm...@gmail.com>wrote:
> in fact it works fine...for a single request
>
> the security context scope is the request.
>
> i'll update back the sample to make it working
>
> the question now is do we want to use the session
> (request.getSessionInternal) or not?
>
> looking the javadoc doesnt help a lot since the login simply valid the
> username/password but doesnt deal with persistence or not
>
> For me the behavior is fine (the storing is to do by the user)
>
> wdyt?
>
> - Romain
>
>
> 2012/7/7 Romain Manni-Bucau <rm...@gmail.com>
>
> > hmm it was working when i commited the sample,
> >
> > maybe check with another tomcat version
> >
> > i'll work on it on monday
> >
> > - Romain
> >
> >
> >
> > 2012/7/7 Thiago Veronezi <th...@veronezi.org>
> >
> >> Update: Not our issue! :O)
> >>
> http://tomcat.10.n6.nabble.com/request-login-not-persistent-td4687840.html
> >>
> >> []s,
> >> Thiago.
> >>
> >> On Fri, Jul 6, 2012 at 5:11 PM, Thiago Veronezi <th...@veronezi.org>
> >> wrote:
> >>
> >> > I confirm that TomEERealm is being used.
> >> > Man... this is hard to debug! :)
> >> >
> >> >
> >> > On Fri, Jul 6, 2012 at 4:26 PM, Romain Manni-Bucau <
> >> rmannibucau@gmail.com>wrote:
> >> >
> >> >> seems you are right...not sure what happened :(
> >> >>
> >> >> dont have time until next week to look it but TomEERealm should be
> >> used to
> >> >> do it
> >> >>
> >> >> - Romain
> >> >>
> >> >>
> >> >> 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> >> >>
> >> >> > Hi,
> >> >> >
> >> >> > the same problem.
> >> >> >
> >> >> >
> >> >> > On Fri, Jul 6, 2012 at 2:24 PM, Romain Manni-Bucau <
> >> >> rmannibucau@gmail.com
> >> >> > >wrote:
> >> >> >
> >> >> > > Use tomee trunk
> >> >> > > Le 6 juil. 2012 20:11, "Thiago Veronezi" <th...@veronezi.org> a
> >> >> écrit :
> >> >> > >
> >> >> > > > the server here:
> >> >> > > >
> >> >> > > >
> >> >> > >
> >> >> >
> >> >>
> >>
> http://www.apache.org/dyn/closer.cgi/openejb/openejb-4.0.0/apache-tomee-1.0.0-plus.tar.gz
> >> >> > > > the example here:
> >> >> > > >
> >> >> > > >
> >> >> > >
> >> >> >
> >> >>
> >>
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> >> >> > > >
> >> >> > > >
> >> >> > > > On Fri, Jul 6, 2012 at 1:49 PM, Romain Manni-Bucau <
> >> >> > > rmannibucau@gmail.com
> >> >> > > > >wrote:
> >> >> > > >
> >> >> > > > > Trunk?
> >> >> > > > > Le 6 juil. 2012 19:47, "Thiago Veronezi" <
> thiago@veronezi.org>
> >> a
> >> >> > > écrit :
> >> >> > > > >
> >> >> > > > > > >>The sample was working
> >> >> > > > > >
> >> >> > > > > > Not for me. Now we can call the servlet this way...
> >> >> > > > > >
> >> >> > > > > >
> >> >> > > > >
> >> >> > > >
> >> >> > >
> >> >> >
> >> >>
> >>
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomcat&myPass=tomcat
> >> >> > > > > > and it should redirect to the
> >> >> > > > > > http://localhost:8080/cdi-ejbcontext-jaas/user in
> >> >> > > > > > case of a successful login.
> >> >> > > > > >
> >> >> > > > > > >>is your realm the first one in server.xml
> >> >> > > > > > This is a brand new tomee from our download page. I just
> >> >> downloaded
> >> >> > > it
> >> >> > > > > and
> >> >> > > > > > drop the "cdi-ejbcontext-jaas.war". I was expecting to use
> >> the
> >> >> > > regular
> >> >> > > > > > "tomcat-users.xml".
> >> >> > > > > >
> >> >> > > > > >
> >> >> > > > > >
> >> >> > > > > > On Fri, Jul 6, 2012 at 1:28 PM, Romain Manni-Bucau <
> >> >> > > > > rmannibucau@gmail.com
> >> >> > > > > > >wrote:
> >> >> > > > > >
> >> >> > > > > > > The sample was working, is your realm the first one in
> >> >> > server.xml?
> >> >> > > > > > >
> >> >> > > > > > > Maybe check TomEERealm is added in TomcatSecurityService
> >> and
> >> >> used
> >> >> > > at
> >> >> > > > > > login
> >> >> > > > > > > time.
> >> >> > > > > > > Le 6 juil. 2012 19:26, "Thiago Veronezi" <
> >> thiago@veronezi.org>
> >> >> a
> >> >> > > > > écrit :
> >> >> > > > > > >
> >> >> > > > > > > > Yeap.... same thing.
> >> >> > > > > > > > I just updated the example.
> >> >> > > > > > > >
> >> >> > > > > > > > Thanks!
> >> >> > > > > > > >
> >> >> > > > > > > >
> >> >> > > > > > > > On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <
> >> >> > > > > > > rmannibucau@gmail.com
> >> >> > > > > > > > >wrote:
> >> >> > > > > > > >
> >> >> > > > > > > > > Did you try a redirect?
> >> >> > > > > > > > > Le 6 juil. 2012 18:56, "Thiago Veronezi" <
> >> >> > thiago@veronezi.org>
> >> >> > > a
> >> >> > > > > > > écrit :
> >> >> > > > > > > > >
> >> >> > > > > > > > > > Hi,
> >> >> > > > > > > > > >
> >> >> > > > > > > > > > I think something is wrong.
> >> >> > > > > > > > > >
> >> >> > > > > > > > > >
> >> >> > > > > > > > > >
> >> >> > > > > > > > >
> >> >> > > > > > > >
> >> >> > > > > > >
> >> >> > > > > >
> >> >> > > > >
> >> >> > > >
> >> >> > >
> >> >> >
> >> >>
> >>
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> >> >> > > > > > > > > >
> >> >> > > > > > > > > > This example does exactly what I am trying to do,
> >> but...
> >> >> > > > > > > > > >
> >> >> > > > > > > > > >
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
> >> >> > > > > > > > > >
> >> >> > > > > > > > > > ... returns "guest".
> >> >> > > > > > > > > >
> >> >> > > > > > > > > > []s,
> >> >> > > > > > > > > > Thiago.
> >> >> > > > > > > > > >
> >> >> > > > > > > > > >
> >> >> > > > > > > > > >
> >> >> > > > > > > > > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> >> >> > > > > > > > > > <rm...@gmail.com>wrote:
> >> >> > > > > > > > > >
> >> >> > > > > > > > > > > sounds familiar (already answered i guess)
> >> >> > > > > > > > > > >
> >> >> > > > > > > > > > > make a redirection after the login
> >> >> > > > > > > > > > >
> >> >> > > > > > > > > > > - Romain
> >> >> > > > > > > > > > >
> >> >> > > > > > > > > > >
> >> >> > > > > > > > > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> >> >> > > > > > > > > > >
> >> >> > > > > > > > > > > > Hi guys!
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > > > I am trying to handle the user "login" in a
> >> >> > programmatic
> >> >> > > > way.
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > > > The command bellow is called by a Servlet...
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > > > *************************************
> >> >> > > > > > > > > > > > public class Login implements Command {
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > > > @Override
> >> >> > > > > > > > > > > > public Object execute(Params params) throws
> >> >> > > Exception {
> >> >> > > > > > > > > > > > final String user =
> >> >> > params.getString("userName");
> >> >> > > > > > > > > > > > final String password =
> >> >> > > > > > params.getString("userPassword");
> >> >> > > > > > > > > > > > params.getReq().login(user, password);
> >> >> > > > > > > > > > > > return null;
> >> >> > > > > > > > > > > > }
> >> >> > > > > > > > > > > > }
> >> >> > > > > > > > > > > > *************************************
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > > > This is fine. I manage to login. The problem is
> >> >> that at
> >> >> > > the
> >> >> > > > > EJB
> >> >> > > > > > > > side
> >> >> > > > > > > > > > the
> >> >> > > > > > > > > > > > Principal is still the "guest" user. See the
> EJB
> >> >> code
> >> >> > > > > below...
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > > > *************************************
> >> >> > > > > > > > > > > > @Override
> >> >> > > > > > > > > > > > public Map<String, Object>
> getSystemStatus()
> >> {
> >> >> > > > > > > > > > > > final Map<String, Object> result = new
> >> >> > > > > HashMap<String,
> >> >> > > > > > > > > > Object>();
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > > > result.put("isAdmin",
> >> >> > > > > > > > this.context.isCallerInRole("admin"));
> >> >> > > > > > > > > > > > result.put("isUser",
> >> >> > > > > > > this.context.isCallerInRole("user"));
> >> >> > > > > > > > > > > > result.put("userName",
> >> >> > > > > > > > > > > > this.context.getCallerPrincipal().getName());
> >> >> > > > > > > > > > > > result.put("currentDraw",
> >> getCurrentDraw());
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > > > return result;
> >> >> > > > > > > > > > > > }
> >> >> > > > > > > > > > > > *************************************
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > > > I have a feeling that Tomee does not manage
> >> manual
> >> >> > logins
> >> >> > > > > like
> >> >> > > > > > > the
> >> >> > > > > > > > > one
> >> >> > > > > > > > > > > > above. Can you guys give me a hint of where
> >> should I
> >> >> > find
> >> >> > > > > this
> >> >> > > > > > > > > > > integration
> >> >> > > > > > > > > > > > code?
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > > > []s,
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > > > Thiago.
> >> >> > > > > > > > > > > >
> >> >> > > > > > > > > > >
> >> >> > > > > > > > > >
> >> >> > > > > > > > >
> >> >> > > > > > > >
> >> >> > > > > > >
> >> >> > > > > >
> >> >> > > > >
> >> >> > > >
> >> >> > >
> >> >> >
> >> >>
> >> >
> >> >
> >>
> >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
in fact it works fine...for a single request
the security context scope is the request.
i'll update back the sample to make it working
the question now is do we want to use the session
(request.getSessionInternal) or not?
looking the javadoc doesnt help a lot since the login simply valid the
username/password but doesnt deal with persistence or not
For me the behavior is fine (the storing is to do by the user)
wdyt?
- Romain
2012/7/7 Romain Manni-Bucau <rm...@gmail.com>
> hmm it was working when i commited the sample,
>
> maybe check with another tomcat version
>
> i'll work on it on monday
>
> - Romain
>
>
>
> 2012/7/7 Thiago Veronezi <th...@veronezi.org>
>
>> Update: Not our issue! :O)
>> http://tomcat.10.n6.nabble.com/request-login-not-persistent-td4687840.html
>>
>> []s,
>> Thiago.
>>
>> On Fri, Jul 6, 2012 at 5:11 PM, Thiago Veronezi <th...@veronezi.org>
>> wrote:
>>
>> > I confirm that TomEERealm is being used.
>> > Man... this is hard to debug! :)
>> >
>> >
>> > On Fri, Jul 6, 2012 at 4:26 PM, Romain Manni-Bucau <
>> rmannibucau@gmail.com>wrote:
>> >
>> >> seems you are right...not sure what happened :(
>> >>
>> >> dont have time until next week to look it but TomEERealm should be
>> used to
>> >> do it
>> >>
>> >> - Romain
>> >>
>> >>
>> >> 2012/7/6 Thiago Veronezi <th...@veronezi.org>
>> >>
>> >> > Hi,
>> >> >
>> >> > the same problem.
>> >> >
>> >> >
>> >> > On Fri, Jul 6, 2012 at 2:24 PM, Romain Manni-Bucau <
>> >> rmannibucau@gmail.com
>> >> > >wrote:
>> >> >
>> >> > > Use tomee trunk
>> >> > > Le 6 juil. 2012 20:11, "Thiago Veronezi" <th...@veronezi.org> a
>> >> écrit :
>> >> > >
>> >> > > > the server here:
>> >> > > >
>> >> > > >
>> >> > >
>> >> >
>> >>
>> http://www.apache.org/dyn/closer.cgi/openejb/openejb-4.0.0/apache-tomee-1.0.0-plus.tar.gz
>> >> > > > the example here:
>> >> > > >
>> >> > > >
>> >> > >
>> >> >
>> >>
>> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
>> >> > > >
>> >> > > >
>> >> > > > On Fri, Jul 6, 2012 at 1:49 PM, Romain Manni-Bucau <
>> >> > > rmannibucau@gmail.com
>> >> > > > >wrote:
>> >> > > >
>> >> > > > > Trunk?
>> >> > > > > Le 6 juil. 2012 19:47, "Thiago Veronezi" <th...@veronezi.org>
>> a
>> >> > > écrit :
>> >> > > > >
>> >> > > > > > >>The sample was working
>> >> > > > > >
>> >> > > > > > Not for me. Now we can call the servlet this way...
>> >> > > > > >
>> >> > > > > >
>> >> > > > >
>> >> > > >
>> >> > >
>> >> >
>> >>
>> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomcat&myPass=tomcat
>> >> > > > > > and it should redirect to the
>> >> > > > > > http://localhost:8080/cdi-ejbcontext-jaas/user in
>> >> > > > > > case of a successful login.
>> >> > > > > >
>> >> > > > > > >>is your realm the first one in server.xml
>> >> > > > > > This is a brand new tomee from our download page. I just
>> >> downloaded
>> >> > > it
>> >> > > > > and
>> >> > > > > > drop the "cdi-ejbcontext-jaas.war". I was expecting to use
>> the
>> >> > > regular
>> >> > > > > > "tomcat-users.xml".
>> >> > > > > >
>> >> > > > > >
>> >> > > > > >
>> >> > > > > > On Fri, Jul 6, 2012 at 1:28 PM, Romain Manni-Bucau <
>> >> > > > > rmannibucau@gmail.com
>> >> > > > > > >wrote:
>> >> > > > > >
>> >> > > > > > > The sample was working, is your realm the first one in
>> >> > server.xml?
>> >> > > > > > >
>> >> > > > > > > Maybe check TomEERealm is added in TomcatSecurityService
>> and
>> >> used
>> >> > > at
>> >> > > > > > login
>> >> > > > > > > time.
>> >> > > > > > > Le 6 juil. 2012 19:26, "Thiago Veronezi" <
>> thiago@veronezi.org>
>> >> a
>> >> > > > > écrit :
>> >> > > > > > >
>> >> > > > > > > > Yeap.... same thing.
>> >> > > > > > > > I just updated the example.
>> >> > > > > > > >
>> >> > > > > > > > Thanks!
>> >> > > > > > > >
>> >> > > > > > > >
>> >> > > > > > > > On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <
>> >> > > > > > > rmannibucau@gmail.com
>> >> > > > > > > > >wrote:
>> >> > > > > > > >
>> >> > > > > > > > > Did you try a redirect?
>> >> > > > > > > > > Le 6 juil. 2012 18:56, "Thiago Veronezi" <
>> >> > thiago@veronezi.org>
>> >> > > a
>> >> > > > > > > écrit :
>> >> > > > > > > > >
>> >> > > > > > > > > > Hi,
>> >> > > > > > > > > >
>> >> > > > > > > > > > I think something is wrong.
>> >> > > > > > > > > >
>> >> > > > > > > > > >
>> >> > > > > > > > > >
>> >> > > > > > > > >
>> >> > > > > > > >
>> >> > > > > > >
>> >> > > > > >
>> >> > > > >
>> >> > > >
>> >> > >
>> >> >
>> >>
>> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
>> >> > > > > > > > > >
>> >> > > > > > > > > > This example does exactly what I am trying to do,
>> but...
>> >> > > > > > > > > >
>> >> > > > > > > > > > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
>> >> > > > > > > > > >
>> >> > > > > > > > > > ... returns "guest".
>> >> > > > > > > > > >
>> >> > > > > > > > > > []s,
>> >> > > > > > > > > > Thiago.
>> >> > > > > > > > > >
>> >> > > > > > > > > >
>> >> > > > > > > > > >
>> >> > > > > > > > > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
>> >> > > > > > > > > > <rm...@gmail.com>wrote:
>> >> > > > > > > > > >
>> >> > > > > > > > > > > sounds familiar (already answered i guess)
>> >> > > > > > > > > > >
>> >> > > > > > > > > > > make a redirection after the login
>> >> > > > > > > > > > >
>> >> > > > > > > > > > > - Romain
>> >> > > > > > > > > > >
>> >> > > > > > > > > > >
>> >> > > > > > > > > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
>> >> > > > > > > > > > >
>> >> > > > > > > > > > > > Hi guys!
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > > > I am trying to handle the user "login" in a
>> >> > programmatic
>> >> > > > way.
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > > > The command bellow is called by a Servlet...
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > > > *************************************
>> >> > > > > > > > > > > > public class Login implements Command {
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > > > @Override
>> >> > > > > > > > > > > > public Object execute(Params params) throws
>> >> > > Exception {
>> >> > > > > > > > > > > > final String user =
>> >> > params.getString("userName");
>> >> > > > > > > > > > > > final String password =
>> >> > > > > > params.getString("userPassword");
>> >> > > > > > > > > > > > params.getReq().login(user, password);
>> >> > > > > > > > > > > > return null;
>> >> > > > > > > > > > > > }
>> >> > > > > > > > > > > > }
>> >> > > > > > > > > > > > *************************************
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > > > This is fine. I manage to login. The problem is
>> >> that at
>> >> > > the
>> >> > > > > EJB
>> >> > > > > > > > side
>> >> > > > > > > > > > the
>> >> > > > > > > > > > > > Principal is still the "guest" user. See the EJB
>> >> code
>> >> > > > > below...
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > > > *************************************
>> >> > > > > > > > > > > > @Override
>> >> > > > > > > > > > > > public Map<String, Object> getSystemStatus()
>> {
>> >> > > > > > > > > > > > final Map<String, Object> result = new
>> >> > > > > HashMap<String,
>> >> > > > > > > > > > Object>();
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > > > result.put("isAdmin",
>> >> > > > > > > > this.context.isCallerInRole("admin"));
>> >> > > > > > > > > > > > result.put("isUser",
>> >> > > > > > > this.context.isCallerInRole("user"));
>> >> > > > > > > > > > > > result.put("userName",
>> >> > > > > > > > > > > > this.context.getCallerPrincipal().getName());
>> >> > > > > > > > > > > > result.put("currentDraw",
>> getCurrentDraw());
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > > > return result;
>> >> > > > > > > > > > > > }
>> >> > > > > > > > > > > > *************************************
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > > > I have a feeling that Tomee does not manage
>> manual
>> >> > logins
>> >> > > > > like
>> >> > > > > > > the
>> >> > > > > > > > > one
>> >> > > > > > > > > > > > above. Can you guys give me a hint of where
>> should I
>> >> > find
>> >> > > > > this
>> >> > > > > > > > > > > integration
>> >> > > > > > > > > > > > code?
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > > > []s,
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > > > Thiago.
>> >> > > > > > > > > > > >
>> >> > > > > > > > > > >
>> >> > > > > > > > > >
>> >> > > > > > > > >
>> >> > > > > > > >
>> >> > > > > > >
>> >> > > > > >
>> >> > > > >
>> >> > > >
>> >> > >
>> >> >
>> >>
>> >
>> >
>>
>
>
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
hmm it was working when i commited the sample,
maybe check with another tomcat version
i'll work on it on monday
- Romain
2012/7/7 Thiago Veronezi <th...@veronezi.org>
> Update: Not our issue! :O)
> http://tomcat.10.n6.nabble.com/request-login-not-persistent-td4687840.html
>
> []s,
> Thiago.
>
> On Fri, Jul 6, 2012 at 5:11 PM, Thiago Veronezi <th...@veronezi.org>
> wrote:
>
> > I confirm that TomEERealm is being used.
> > Man... this is hard to debug! :)
> >
> >
> > On Fri, Jul 6, 2012 at 4:26 PM, Romain Manni-Bucau <
> rmannibucau@gmail.com>wrote:
> >
> >> seems you are right...not sure what happened :(
> >>
> >> dont have time until next week to look it but TomEERealm should be used
> to
> >> do it
> >>
> >> - Romain
> >>
> >>
> >> 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> >>
> >> > Hi,
> >> >
> >> > the same problem.
> >> >
> >> >
> >> > On Fri, Jul 6, 2012 at 2:24 PM, Romain Manni-Bucau <
> >> rmannibucau@gmail.com
> >> > >wrote:
> >> >
> >> > > Use tomee trunk
> >> > > Le 6 juil. 2012 20:11, "Thiago Veronezi" <th...@veronezi.org> a
> >> écrit :
> >> > >
> >> > > > the server here:
> >> > > >
> >> > > >
> >> > >
> >> >
> >>
> http://www.apache.org/dyn/closer.cgi/openejb/openejb-4.0.0/apache-tomee-1.0.0-plus.tar.gz
> >> > > > the example here:
> >> > > >
> >> > > >
> >> > >
> >> >
> >>
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> >> > > >
> >> > > >
> >> > > > On Fri, Jul 6, 2012 at 1:49 PM, Romain Manni-Bucau <
> >> > > rmannibucau@gmail.com
> >> > > > >wrote:
> >> > > >
> >> > > > > Trunk?
> >> > > > > Le 6 juil. 2012 19:47, "Thiago Veronezi" <th...@veronezi.org>
> a
> >> > > écrit :
> >> > > > >
> >> > > > > > >>The sample was working
> >> > > > > >
> >> > > > > > Not for me. Now we can call the servlet this way...
> >> > > > > >
> >> > > > > >
> >> > > > >
> >> > > >
> >> > >
> >> >
> >>
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomcat&myPass=tomcat
> >> > > > > > and it should redirect to the
> >> > > > > > http://localhost:8080/cdi-ejbcontext-jaas/user in
> >> > > > > > case of a successful login.
> >> > > > > >
> >> > > > > > >>is your realm the first one in server.xml
> >> > > > > > This is a brand new tomee from our download page. I just
> >> downloaded
> >> > > it
> >> > > > > and
> >> > > > > > drop the "cdi-ejbcontext-jaas.war". I was expecting to use the
> >> > > regular
> >> > > > > > "tomcat-users.xml".
> >> > > > > >
> >> > > > > >
> >> > > > > >
> >> > > > > > On Fri, Jul 6, 2012 at 1:28 PM, Romain Manni-Bucau <
> >> > > > > rmannibucau@gmail.com
> >> > > > > > >wrote:
> >> > > > > >
> >> > > > > > > The sample was working, is your realm the first one in
> >> > server.xml?
> >> > > > > > >
> >> > > > > > > Maybe check TomEERealm is added in TomcatSecurityService and
> >> used
> >> > > at
> >> > > > > > login
> >> > > > > > > time.
> >> > > > > > > Le 6 juil. 2012 19:26, "Thiago Veronezi" <
> thiago@veronezi.org>
> >> a
> >> > > > > écrit :
> >> > > > > > >
> >> > > > > > > > Yeap.... same thing.
> >> > > > > > > > I just updated the example.
> >> > > > > > > >
> >> > > > > > > > Thanks!
> >> > > > > > > >
> >> > > > > > > >
> >> > > > > > > > On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <
> >> > > > > > > rmannibucau@gmail.com
> >> > > > > > > > >wrote:
> >> > > > > > > >
> >> > > > > > > > > Did you try a redirect?
> >> > > > > > > > > Le 6 juil. 2012 18:56, "Thiago Veronezi" <
> >> > thiago@veronezi.org>
> >> > > a
> >> > > > > > > écrit :
> >> > > > > > > > >
> >> > > > > > > > > > Hi,
> >> > > > > > > > > >
> >> > > > > > > > > > I think something is wrong.
> >> > > > > > > > > >
> >> > > > > > > > > >
> >> > > > > > > > > >
> >> > > > > > > > >
> >> > > > > > > >
> >> > > > > > >
> >> > > > > >
> >> > > > >
> >> > > >
> >> > >
> >> >
> >>
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> >> > > > > > > > > >
> >> > > > > > > > > > This example does exactly what I am trying to do,
> but...
> >> > > > > > > > > >
> >> > > > > > > > > > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
> >> > > > > > > > > >
> >> > > > > > > > > > ... returns "guest".
> >> > > > > > > > > >
> >> > > > > > > > > > []s,
> >> > > > > > > > > > Thiago.
> >> > > > > > > > > >
> >> > > > > > > > > >
> >> > > > > > > > > >
> >> > > > > > > > > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> >> > > > > > > > > > <rm...@gmail.com>wrote:
> >> > > > > > > > > >
> >> > > > > > > > > > > sounds familiar (already answered i guess)
> >> > > > > > > > > > >
> >> > > > > > > > > > > make a redirection after the login
> >> > > > > > > > > > >
> >> > > > > > > > > > > - Romain
> >> > > > > > > > > > >
> >> > > > > > > > > > >
> >> > > > > > > > > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> >> > > > > > > > > > >
> >> > > > > > > > > > > > Hi guys!
> >> > > > > > > > > > > >
> >> > > > > > > > > > > > I am trying to handle the user "login" in a
> >> > programmatic
> >> > > > way.
> >> > > > > > > > > > > >
> >> > > > > > > > > > > > The command bellow is called by a Servlet...
> >> > > > > > > > > > > >
> >> > > > > > > > > > > > *************************************
> >> > > > > > > > > > > > public class Login implements Command {
> >> > > > > > > > > > > >
> >> > > > > > > > > > > > @Override
> >> > > > > > > > > > > > public Object execute(Params params) throws
> >> > > Exception {
> >> > > > > > > > > > > > final String user =
> >> > params.getString("userName");
> >> > > > > > > > > > > > final String password =
> >> > > > > > params.getString("userPassword");
> >> > > > > > > > > > > > params.getReq().login(user, password);
> >> > > > > > > > > > > > return null;
> >> > > > > > > > > > > > }
> >> > > > > > > > > > > > }
> >> > > > > > > > > > > > *************************************
> >> > > > > > > > > > > >
> >> > > > > > > > > > > > This is fine. I manage to login. The problem is
> >> that at
> >> > > the
> >> > > > > EJB
> >> > > > > > > > side
> >> > > > > > > > > > the
> >> > > > > > > > > > > > Principal is still the "guest" user. See the EJB
> >> code
> >> > > > > below...
> >> > > > > > > > > > > >
> >> > > > > > > > > > > > *************************************
> >> > > > > > > > > > > > @Override
> >> > > > > > > > > > > > public Map<String, Object> getSystemStatus() {
> >> > > > > > > > > > > > final Map<String, Object> result = new
> >> > > > > HashMap<String,
> >> > > > > > > > > > Object>();
> >> > > > > > > > > > > >
> >> > > > > > > > > > > > result.put("isAdmin",
> >> > > > > > > > this.context.isCallerInRole("admin"));
> >> > > > > > > > > > > > result.put("isUser",
> >> > > > > > > this.context.isCallerInRole("user"));
> >> > > > > > > > > > > > result.put("userName",
> >> > > > > > > > > > > > this.context.getCallerPrincipal().getName());
> >> > > > > > > > > > > > result.put("currentDraw",
> getCurrentDraw());
> >> > > > > > > > > > > >
> >> > > > > > > > > > > > return result;
> >> > > > > > > > > > > > }
> >> > > > > > > > > > > > *************************************
> >> > > > > > > > > > > >
> >> > > > > > > > > > > > I have a feeling that Tomee does not manage manual
> >> > logins
> >> > > > > like
> >> > > > > > > the
> >> > > > > > > > > one
> >> > > > > > > > > > > > above. Can you guys give me a hint of where
> should I
> >> > find
> >> > > > > this
> >> > > > > > > > > > > integration
> >> > > > > > > > > > > > code?
> >> > > > > > > > > > > >
> >> > > > > > > > > > > > []s,
> >> > > > > > > > > > > >
> >> > > > > > > > > > > > Thiago.
> >> > > > > > > > > > > >
> >> > > > > > > > > > >
> >> > > > > > > > > >
> >> > > > > > > > >
> >> > > > > > > >
> >> > > > > > >
> >> > > > > >
> >> > > > >
> >> > > >
> >> > >
> >> >
> >>
> >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Thiago Veronezi <th...@veronezi.org>.
Update: Not our issue! :O)
http://tomcat.10.n6.nabble.com/request-login-not-persistent-td4687840.html
[]s,
Thiago.
On Fri, Jul 6, 2012 at 5:11 PM, Thiago Veronezi <th...@veronezi.org> wrote:
> I confirm that TomEERealm is being used.
> Man... this is hard to debug! :)
>
>
> On Fri, Jul 6, 2012 at 4:26 PM, Romain Manni-Bucau <rm...@gmail.com>wrote:
>
>> seems you are right...not sure what happened :(
>>
>> dont have time until next week to look it but TomEERealm should be used to
>> do it
>>
>> - Romain
>>
>>
>> 2012/7/6 Thiago Veronezi <th...@veronezi.org>
>>
>> > Hi,
>> >
>> > the same problem.
>> >
>> >
>> > On Fri, Jul 6, 2012 at 2:24 PM, Romain Manni-Bucau <
>> rmannibucau@gmail.com
>> > >wrote:
>> >
>> > > Use tomee trunk
>> > > Le 6 juil. 2012 20:11, "Thiago Veronezi" <th...@veronezi.org> a
>> écrit :
>> > >
>> > > > the server here:
>> > > >
>> > > >
>> > >
>> >
>> http://www.apache.org/dyn/closer.cgi/openejb/openejb-4.0.0/apache-tomee-1.0.0-plus.tar.gz
>> > > > the example here:
>> > > >
>> > > >
>> > >
>> >
>> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
>> > > >
>> > > >
>> > > > On Fri, Jul 6, 2012 at 1:49 PM, Romain Manni-Bucau <
>> > > rmannibucau@gmail.com
>> > > > >wrote:
>> > > >
>> > > > > Trunk?
>> > > > > Le 6 juil. 2012 19:47, "Thiago Veronezi" <th...@veronezi.org> a
>> > > écrit :
>> > > > >
>> > > > > > >>The sample was working
>> > > > > >
>> > > > > > Not for me. Now we can call the servlet this way...
>> > > > > >
>> > > > > >
>> > > > >
>> > > >
>> > >
>> >
>> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomcat&myPass=tomcat
>> > > > > > and it should redirect to the
>> > > > > > http://localhost:8080/cdi-ejbcontext-jaas/user in
>> > > > > > case of a successful login.
>> > > > > >
>> > > > > > >>is your realm the first one in server.xml
>> > > > > > This is a brand new tomee from our download page. I just
>> downloaded
>> > > it
>> > > > > and
>> > > > > > drop the "cdi-ejbcontext-jaas.war". I was expecting to use the
>> > > regular
>> > > > > > "tomcat-users.xml".
>> > > > > >
>> > > > > >
>> > > > > >
>> > > > > > On Fri, Jul 6, 2012 at 1:28 PM, Romain Manni-Bucau <
>> > > > > rmannibucau@gmail.com
>> > > > > > >wrote:
>> > > > > >
>> > > > > > > The sample was working, is your realm the first one in
>> > server.xml?
>> > > > > > >
>> > > > > > > Maybe check TomEERealm is added in TomcatSecurityService and
>> used
>> > > at
>> > > > > > login
>> > > > > > > time.
>> > > > > > > Le 6 juil. 2012 19:26, "Thiago Veronezi" <th...@veronezi.org>
>> a
>> > > > > écrit :
>> > > > > > >
>> > > > > > > > Yeap.... same thing.
>> > > > > > > > I just updated the example.
>> > > > > > > >
>> > > > > > > > Thanks!
>> > > > > > > >
>> > > > > > > >
>> > > > > > > > On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <
>> > > > > > > rmannibucau@gmail.com
>> > > > > > > > >wrote:
>> > > > > > > >
>> > > > > > > > > Did you try a redirect?
>> > > > > > > > > Le 6 juil. 2012 18:56, "Thiago Veronezi" <
>> > thiago@veronezi.org>
>> > > a
>> > > > > > > écrit :
>> > > > > > > > >
>> > > > > > > > > > Hi,
>> > > > > > > > > >
>> > > > > > > > > > I think something is wrong.
>> > > > > > > > > >
>> > > > > > > > > >
>> > > > > > > > > >
>> > > > > > > > >
>> > > > > > > >
>> > > > > > >
>> > > > > >
>> > > > >
>> > > >
>> > >
>> >
>> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
>> > > > > > > > > >
>> > > > > > > > > > This example does exactly what I am trying to do, but...
>> > > > > > > > > >
>> > > > > > > > > > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
>> > > > > > > > > >
>> > > > > > > > > > ... returns "guest".
>> > > > > > > > > >
>> > > > > > > > > > []s,
>> > > > > > > > > > Thiago.
>> > > > > > > > > >
>> > > > > > > > > >
>> > > > > > > > > >
>> > > > > > > > > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
>> > > > > > > > > > <rm...@gmail.com>wrote:
>> > > > > > > > > >
>> > > > > > > > > > > sounds familiar (already answered i guess)
>> > > > > > > > > > >
>> > > > > > > > > > > make a redirection after the login
>> > > > > > > > > > >
>> > > > > > > > > > > - Romain
>> > > > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
>> > > > > > > > > > >
>> > > > > > > > > > > > Hi guys!
>> > > > > > > > > > > >
>> > > > > > > > > > > > I am trying to handle the user "login" in a
>> > programmatic
>> > > > way.
>> > > > > > > > > > > >
>> > > > > > > > > > > > The command bellow is called by a Servlet...
>> > > > > > > > > > > >
>> > > > > > > > > > > > *************************************
>> > > > > > > > > > > > public class Login implements Command {
>> > > > > > > > > > > >
>> > > > > > > > > > > > @Override
>> > > > > > > > > > > > public Object execute(Params params) throws
>> > > Exception {
>> > > > > > > > > > > > final String user =
>> > params.getString("userName");
>> > > > > > > > > > > > final String password =
>> > > > > > params.getString("userPassword");
>> > > > > > > > > > > > params.getReq().login(user, password);
>> > > > > > > > > > > > return null;
>> > > > > > > > > > > > }
>> > > > > > > > > > > > }
>> > > > > > > > > > > > *************************************
>> > > > > > > > > > > >
>> > > > > > > > > > > > This is fine. I manage to login. The problem is
>> that at
>> > > the
>> > > > > EJB
>> > > > > > > > side
>> > > > > > > > > > the
>> > > > > > > > > > > > Principal is still the "guest" user. See the EJB
>> code
>> > > > > below...
>> > > > > > > > > > > >
>> > > > > > > > > > > > *************************************
>> > > > > > > > > > > > @Override
>> > > > > > > > > > > > public Map<String, Object> getSystemStatus() {
>> > > > > > > > > > > > final Map<String, Object> result = new
>> > > > > HashMap<String,
>> > > > > > > > > > Object>();
>> > > > > > > > > > > >
>> > > > > > > > > > > > result.put("isAdmin",
>> > > > > > > > this.context.isCallerInRole("admin"));
>> > > > > > > > > > > > result.put("isUser",
>> > > > > > > this.context.isCallerInRole("user"));
>> > > > > > > > > > > > result.put("userName",
>> > > > > > > > > > > > this.context.getCallerPrincipal().getName());
>> > > > > > > > > > > > result.put("currentDraw", getCurrentDraw());
>> > > > > > > > > > > >
>> > > > > > > > > > > > return result;
>> > > > > > > > > > > > }
>> > > > > > > > > > > > *************************************
>> > > > > > > > > > > >
>> > > > > > > > > > > > I have a feeling that Tomee does not manage manual
>> > logins
>> > > > > like
>> > > > > > > the
>> > > > > > > > > one
>> > > > > > > > > > > > above. Can you guys give me a hint of where should I
>> > find
>> > > > > this
>> > > > > > > > > > > integration
>> > > > > > > > > > > > code?
>> > > > > > > > > > > >
>> > > > > > > > > > > > []s,
>> > > > > > > > > > > >
>> > > > > > > > > > > > Thiago.
>> > > > > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > > >
>> > > > > > > > >
>> > > > > > > >
>> > > > > > >
>> > > > > >
>> > > > >
>> > > >
>> > >
>> >
>>
>
>
Re: tomcat/openejb security integration -> directions
Posted by Thiago Veronezi <th...@veronezi.org>.
I confirm that TomEERealm is being used.
Man... this is hard to debug! :)
On Fri, Jul 6, 2012 at 4:26 PM, Romain Manni-Bucau <rm...@gmail.com>wrote:
> seems you are right...not sure what happened :(
>
> dont have time until next week to look it but TomEERealm should be used to
> do it
>
> - Romain
>
>
> 2012/7/6 Thiago Veronezi <th...@veronezi.org>
>
> > Hi,
> >
> > the same problem.
> >
> >
> > On Fri, Jul 6, 2012 at 2:24 PM, Romain Manni-Bucau <
> rmannibucau@gmail.com
> > >wrote:
> >
> > > Use tomee trunk
> > > Le 6 juil. 2012 20:11, "Thiago Veronezi" <th...@veronezi.org> a
> écrit :
> > >
> > > > the server here:
> > > >
> > > >
> > >
> >
> http://www.apache.org/dyn/closer.cgi/openejb/openejb-4.0.0/apache-tomee-1.0.0-plus.tar.gz
> > > > the example here:
> > > >
> > > >
> > >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> > > >
> > > >
> > > > On Fri, Jul 6, 2012 at 1:49 PM, Romain Manni-Bucau <
> > > rmannibucau@gmail.com
> > > > >wrote:
> > > >
> > > > > Trunk?
> > > > > Le 6 juil. 2012 19:47, "Thiago Veronezi" <th...@veronezi.org> a
> > > écrit :
> > > > >
> > > > > > >>The sample was working
> > > > > >
> > > > > > Not for me. Now we can call the servlet this way...
> > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomcat&myPass=tomcat
> > > > > > and it should redirect to the
> > > > > > http://localhost:8080/cdi-ejbcontext-jaas/user in
> > > > > > case of a successful login.
> > > > > >
> > > > > > >>is your realm the first one in server.xml
> > > > > > This is a brand new tomee from our download page. I just
> downloaded
> > > it
> > > > > and
> > > > > > drop the "cdi-ejbcontext-jaas.war". I was expecting to use the
> > > regular
> > > > > > "tomcat-users.xml".
> > > > > >
> > > > > >
> > > > > >
> > > > > > On Fri, Jul 6, 2012 at 1:28 PM, Romain Manni-Bucau <
> > > > > rmannibucau@gmail.com
> > > > > > >wrote:
> > > > > >
> > > > > > > The sample was working, is your realm the first one in
> > server.xml?
> > > > > > >
> > > > > > > Maybe check TomEERealm is added in TomcatSecurityService and
> used
> > > at
> > > > > > login
> > > > > > > time.
> > > > > > > Le 6 juil. 2012 19:26, "Thiago Veronezi" <th...@veronezi.org>
> a
> > > > > écrit :
> > > > > > >
> > > > > > > > Yeap.... same thing.
> > > > > > > > I just updated the example.
> > > > > > > >
> > > > > > > > Thanks!
> > > > > > > >
> > > > > > > >
> > > > > > > > On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <
> > > > > > > rmannibucau@gmail.com
> > > > > > > > >wrote:
> > > > > > > >
> > > > > > > > > Did you try a redirect?
> > > > > > > > > Le 6 juil. 2012 18:56, "Thiago Veronezi" <
> > thiago@veronezi.org>
> > > a
> > > > > > > écrit :
> > > > > > > > >
> > > > > > > > > > Hi,
> > > > > > > > > >
> > > > > > > > > > I think something is wrong.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> > > > > > > > > >
> > > > > > > > > > This example does exactly what I am trying to do, but...
> > > > > > > > > >
> > > > > > > > > > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
> > > > > > > > > >
> > > > > > > > > > ... returns "guest".
> > > > > > > > > >
> > > > > > > > > > []s,
> > > > > > > > > > Thiago.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> > > > > > > > > > <rm...@gmail.com>wrote:
> > > > > > > > > >
> > > > > > > > > > > sounds familiar (already answered i guess)
> > > > > > > > > > >
> > > > > > > > > > > make a redirection after the login
> > > > > > > > > > >
> > > > > > > > > > > - Romain
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> > > > > > > > > > >
> > > > > > > > > > > > Hi guys!
> > > > > > > > > > > >
> > > > > > > > > > > > I am trying to handle the user "login" in a
> > programmatic
> > > > way.
> > > > > > > > > > > >
> > > > > > > > > > > > The command bellow is called by a Servlet...
> > > > > > > > > > > >
> > > > > > > > > > > > *************************************
> > > > > > > > > > > > public class Login implements Command {
> > > > > > > > > > > >
> > > > > > > > > > > > @Override
> > > > > > > > > > > > public Object execute(Params params) throws
> > > Exception {
> > > > > > > > > > > > final String user =
> > params.getString("userName");
> > > > > > > > > > > > final String password =
> > > > > > params.getString("userPassword");
> > > > > > > > > > > > params.getReq().login(user, password);
> > > > > > > > > > > > return null;
> > > > > > > > > > > > }
> > > > > > > > > > > > }
> > > > > > > > > > > > *************************************
> > > > > > > > > > > >
> > > > > > > > > > > > This is fine. I manage to login. The problem is that
> at
> > > the
> > > > > EJB
> > > > > > > > side
> > > > > > > > > > the
> > > > > > > > > > > > Principal is still the "guest" user. See the EJB code
> > > > > below...
> > > > > > > > > > > >
> > > > > > > > > > > > *************************************
> > > > > > > > > > > > @Override
> > > > > > > > > > > > public Map<String, Object> getSystemStatus() {
> > > > > > > > > > > > final Map<String, Object> result = new
> > > > > HashMap<String,
> > > > > > > > > > Object>();
> > > > > > > > > > > >
> > > > > > > > > > > > result.put("isAdmin",
> > > > > > > > this.context.isCallerInRole("admin"));
> > > > > > > > > > > > result.put("isUser",
> > > > > > > this.context.isCallerInRole("user"));
> > > > > > > > > > > > result.put("userName",
> > > > > > > > > > > > this.context.getCallerPrincipal().getName());
> > > > > > > > > > > > result.put("currentDraw", getCurrentDraw());
> > > > > > > > > > > >
> > > > > > > > > > > > return result;
> > > > > > > > > > > > }
> > > > > > > > > > > > *************************************
> > > > > > > > > > > >
> > > > > > > > > > > > I have a feeling that Tomee does not manage manual
> > logins
> > > > > like
> > > > > > > the
> > > > > > > > > one
> > > > > > > > > > > > above. Can you guys give me a hint of where should I
> > find
> > > > > this
> > > > > > > > > > > integration
> > > > > > > > > > > > code?
> > > > > > > > > > > >
> > > > > > > > > > > > []s,
> > > > > > > > > > > >
> > > > > > > > > > > > Thiago.
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
seems you are right...not sure what happened :(
dont have time until next week to look it but TomEERealm should be used to
do it
- Romain
2012/7/6 Thiago Veronezi <th...@veronezi.org>
> Hi,
>
> the same problem.
>
>
> On Fri, Jul 6, 2012 at 2:24 PM, Romain Manni-Bucau <rmannibucau@gmail.com
> >wrote:
>
> > Use tomee trunk
> > Le 6 juil. 2012 20:11, "Thiago Veronezi" <th...@veronezi.org> a écrit :
> >
> > > the server here:
> > >
> > >
> >
> http://www.apache.org/dyn/closer.cgi/openejb/openejb-4.0.0/apache-tomee-1.0.0-plus.tar.gz
> > > the example here:
> > >
> > >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> > >
> > >
> > > On Fri, Jul 6, 2012 at 1:49 PM, Romain Manni-Bucau <
> > rmannibucau@gmail.com
> > > >wrote:
> > >
> > > > Trunk?
> > > > Le 6 juil. 2012 19:47, "Thiago Veronezi" <th...@veronezi.org> a
> > écrit :
> > > >
> > > > > >>The sample was working
> > > > >
> > > > > Not for me. Now we can call the servlet this way...
> > > > >
> > > > >
> > > >
> > >
> >
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomcat&myPass=tomcat
> > > > > and it should redirect to the
> > > > > http://localhost:8080/cdi-ejbcontext-jaas/user in
> > > > > case of a successful login.
> > > > >
> > > > > >>is your realm the first one in server.xml
> > > > > This is a brand new tomee from our download page. I just downloaded
> > it
> > > > and
> > > > > drop the "cdi-ejbcontext-jaas.war". I was expecting to use the
> > regular
> > > > > "tomcat-users.xml".
> > > > >
> > > > >
> > > > >
> > > > > On Fri, Jul 6, 2012 at 1:28 PM, Romain Manni-Bucau <
> > > > rmannibucau@gmail.com
> > > > > >wrote:
> > > > >
> > > > > > The sample was working, is your realm the first one in
> server.xml?
> > > > > >
> > > > > > Maybe check TomEERealm is added in TomcatSecurityService and used
> > at
> > > > > login
> > > > > > time.
> > > > > > Le 6 juil. 2012 19:26, "Thiago Veronezi" <th...@veronezi.org> a
> > > > écrit :
> > > > > >
> > > > > > > Yeap.... same thing.
> > > > > > > I just updated the example.
> > > > > > >
> > > > > > > Thanks!
> > > > > > >
> > > > > > >
> > > > > > > On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <
> > > > > > rmannibucau@gmail.com
> > > > > > > >wrote:
> > > > > > >
> > > > > > > > Did you try a redirect?
> > > > > > > > Le 6 juil. 2012 18:56, "Thiago Veronezi" <
> thiago@veronezi.org>
> > a
> > > > > > écrit :
> > > > > > > >
> > > > > > > > > Hi,
> > > > > > > > >
> > > > > > > > > I think something is wrong.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> > > > > > > > >
> > > > > > > > > This example does exactly what I am trying to do, but...
> > > > > > > > >
> > > > > > > > > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
> > > > > > > > >
> > > > > > > > > ... returns "guest".
> > > > > > > > >
> > > > > > > > > []s,
> > > > > > > > > Thiago.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> > > > > > > > > <rm...@gmail.com>wrote:
> > > > > > > > >
> > > > > > > > > > sounds familiar (already answered i guess)
> > > > > > > > > >
> > > > > > > > > > make a redirection after the login
> > > > > > > > > >
> > > > > > > > > > - Romain
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> > > > > > > > > >
> > > > > > > > > > > Hi guys!
> > > > > > > > > > >
> > > > > > > > > > > I am trying to handle the user "login" in a
> programmatic
> > > way.
> > > > > > > > > > >
> > > > > > > > > > > The command bellow is called by a Servlet...
> > > > > > > > > > >
> > > > > > > > > > > *************************************
> > > > > > > > > > > public class Login implements Command {
> > > > > > > > > > >
> > > > > > > > > > > @Override
> > > > > > > > > > > public Object execute(Params params) throws
> > Exception {
> > > > > > > > > > > final String user =
> params.getString("userName");
> > > > > > > > > > > final String password =
> > > > > params.getString("userPassword");
> > > > > > > > > > > params.getReq().login(user, password);
> > > > > > > > > > > return null;
> > > > > > > > > > > }
> > > > > > > > > > > }
> > > > > > > > > > > *************************************
> > > > > > > > > > >
> > > > > > > > > > > This is fine. I manage to login. The problem is that at
> > the
> > > > EJB
> > > > > > > side
> > > > > > > > > the
> > > > > > > > > > > Principal is still the "guest" user. See the EJB code
> > > > below...
> > > > > > > > > > >
> > > > > > > > > > > *************************************
> > > > > > > > > > > @Override
> > > > > > > > > > > public Map<String, Object> getSystemStatus() {
> > > > > > > > > > > final Map<String, Object> result = new
> > > > HashMap<String,
> > > > > > > > > Object>();
> > > > > > > > > > >
> > > > > > > > > > > result.put("isAdmin",
> > > > > > > this.context.isCallerInRole("admin"));
> > > > > > > > > > > result.put("isUser",
> > > > > > this.context.isCallerInRole("user"));
> > > > > > > > > > > result.put("userName",
> > > > > > > > > > > this.context.getCallerPrincipal().getName());
> > > > > > > > > > > result.put("currentDraw", getCurrentDraw());
> > > > > > > > > > >
> > > > > > > > > > > return result;
> > > > > > > > > > > }
> > > > > > > > > > > *************************************
> > > > > > > > > > >
> > > > > > > > > > > I have a feeling that Tomee does not manage manual
> logins
> > > > like
> > > > > > the
> > > > > > > > one
> > > > > > > > > > > above. Can you guys give me a hint of where should I
> find
> > > > this
> > > > > > > > > > integration
> > > > > > > > > > > code?
> > > > > > > > > > >
> > > > > > > > > > > []s,
> > > > > > > > > > >
> > > > > > > > > > > Thiago.
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Thiago Veronezi <th...@veronezi.org>.
Hi,
the same problem.
On Fri, Jul 6, 2012 at 2:24 PM, Romain Manni-Bucau <rm...@gmail.com>wrote:
> Use tomee trunk
> Le 6 juil. 2012 20:11, "Thiago Veronezi" <th...@veronezi.org> a écrit :
>
> > the server here:
> >
> >
> http://www.apache.org/dyn/closer.cgi/openejb/openejb-4.0.0/apache-tomee-1.0.0-plus.tar.gz
> > the example here:
> >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> >
> >
> > On Fri, Jul 6, 2012 at 1:49 PM, Romain Manni-Bucau <
> rmannibucau@gmail.com
> > >wrote:
> >
> > > Trunk?
> > > Le 6 juil. 2012 19:47, "Thiago Veronezi" <th...@veronezi.org> a
> écrit :
> > >
> > > > >>The sample was working
> > > >
> > > > Not for me. Now we can call the servlet this way...
> > > >
> > > >
> > >
> >
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomcat&myPass=tomcat
> > > > and it should redirect to the
> > > > http://localhost:8080/cdi-ejbcontext-jaas/user in
> > > > case of a successful login.
> > > >
> > > > >>is your realm the first one in server.xml
> > > > This is a brand new tomee from our download page. I just downloaded
> it
> > > and
> > > > drop the "cdi-ejbcontext-jaas.war". I was expecting to use the
> regular
> > > > "tomcat-users.xml".
> > > >
> > > >
> > > >
> > > > On Fri, Jul 6, 2012 at 1:28 PM, Romain Manni-Bucau <
> > > rmannibucau@gmail.com
> > > > >wrote:
> > > >
> > > > > The sample was working, is your realm the first one in server.xml?
> > > > >
> > > > > Maybe check TomEERealm is added in TomcatSecurityService and used
> at
> > > > login
> > > > > time.
> > > > > Le 6 juil. 2012 19:26, "Thiago Veronezi" <th...@veronezi.org> a
> > > écrit :
> > > > >
> > > > > > Yeap.... same thing.
> > > > > > I just updated the example.
> > > > > >
> > > > > > Thanks!
> > > > > >
> > > > > >
> > > > > > On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <
> > > > > rmannibucau@gmail.com
> > > > > > >wrote:
> > > > > >
> > > > > > > Did you try a redirect?
> > > > > > > Le 6 juil. 2012 18:56, "Thiago Veronezi" <th...@veronezi.org>
> a
> > > > > écrit :
> > > > > > >
> > > > > > > > Hi,
> > > > > > > >
> > > > > > > > I think something is wrong.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> > > > > > > >
> > > > > > > > This example does exactly what I am trying to do, but...
> > > > > > > >
> > > > > > > > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
> > > > > > > >
> > > > > > > > ... returns "guest".
> > > > > > > >
> > > > > > > > []s,
> > > > > > > > Thiago.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> > > > > > > > <rm...@gmail.com>wrote:
> > > > > > > >
> > > > > > > > > sounds familiar (already answered i guess)
> > > > > > > > >
> > > > > > > > > make a redirection after the login
> > > > > > > > >
> > > > > > > > > - Romain
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> > > > > > > > >
> > > > > > > > > > Hi guys!
> > > > > > > > > >
> > > > > > > > > > I am trying to handle the user "login" in a programmatic
> > way.
> > > > > > > > > >
> > > > > > > > > > The command bellow is called by a Servlet...
> > > > > > > > > >
> > > > > > > > > > *************************************
> > > > > > > > > > public class Login implements Command {
> > > > > > > > > >
> > > > > > > > > > @Override
> > > > > > > > > > public Object execute(Params params) throws
> Exception {
> > > > > > > > > > final String user = params.getString("userName");
> > > > > > > > > > final String password =
> > > > params.getString("userPassword");
> > > > > > > > > > params.getReq().login(user, password);
> > > > > > > > > > return null;
> > > > > > > > > > }
> > > > > > > > > > }
> > > > > > > > > > *************************************
> > > > > > > > > >
> > > > > > > > > > This is fine. I manage to login. The problem is that at
> the
> > > EJB
> > > > > > side
> > > > > > > > the
> > > > > > > > > > Principal is still the "guest" user. See the EJB code
> > > below...
> > > > > > > > > >
> > > > > > > > > > *************************************
> > > > > > > > > > @Override
> > > > > > > > > > public Map<String, Object> getSystemStatus() {
> > > > > > > > > > final Map<String, Object> result = new
> > > HashMap<String,
> > > > > > > > Object>();
> > > > > > > > > >
> > > > > > > > > > result.put("isAdmin",
> > > > > > this.context.isCallerInRole("admin"));
> > > > > > > > > > result.put("isUser",
> > > > > this.context.isCallerInRole("user"));
> > > > > > > > > > result.put("userName",
> > > > > > > > > > this.context.getCallerPrincipal().getName());
> > > > > > > > > > result.put("currentDraw", getCurrentDraw());
> > > > > > > > > >
> > > > > > > > > > return result;
> > > > > > > > > > }
> > > > > > > > > > *************************************
> > > > > > > > > >
> > > > > > > > > > I have a feeling that Tomee does not manage manual logins
> > > like
> > > > > the
> > > > > > > one
> > > > > > > > > > above. Can you guys give me a hint of where should I find
> > > this
> > > > > > > > > integration
> > > > > > > > > > code?
> > > > > > > > > >
> > > > > > > > > > []s,
> > > > > > > > > >
> > > > > > > > > > Thiago.
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
Use tomee trunk
Le 6 juil. 2012 20:11, "Thiago Veronezi" <th...@veronezi.org> a écrit :
> the server here:
>
> http://www.apache.org/dyn/closer.cgi/openejb/openejb-4.0.0/apache-tomee-1.0.0-plus.tar.gz
> the example here:
>
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
>
>
> On Fri, Jul 6, 2012 at 1:49 PM, Romain Manni-Bucau <rmannibucau@gmail.com
> >wrote:
>
> > Trunk?
> > Le 6 juil. 2012 19:47, "Thiago Veronezi" <th...@veronezi.org> a écrit :
> >
> > > >>The sample was working
> > >
> > > Not for me. Now we can call the servlet this way...
> > >
> > >
> >
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomcat&myPass=tomcat
> > > and it should redirect to the
> > > http://localhost:8080/cdi-ejbcontext-jaas/user in
> > > case of a successful login.
> > >
> > > >>is your realm the first one in server.xml
> > > This is a brand new tomee from our download page. I just downloaded it
> > and
> > > drop the "cdi-ejbcontext-jaas.war". I was expecting to use the regular
> > > "tomcat-users.xml".
> > >
> > >
> > >
> > > On Fri, Jul 6, 2012 at 1:28 PM, Romain Manni-Bucau <
> > rmannibucau@gmail.com
> > > >wrote:
> > >
> > > > The sample was working, is your realm the first one in server.xml?
> > > >
> > > > Maybe check TomEERealm is added in TomcatSecurityService and used at
> > > login
> > > > time.
> > > > Le 6 juil. 2012 19:26, "Thiago Veronezi" <th...@veronezi.org> a
> > écrit :
> > > >
> > > > > Yeap.... same thing.
> > > > > I just updated the example.
> > > > >
> > > > > Thanks!
> > > > >
> > > > >
> > > > > On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <
> > > > rmannibucau@gmail.com
> > > > > >wrote:
> > > > >
> > > > > > Did you try a redirect?
> > > > > > Le 6 juil. 2012 18:56, "Thiago Veronezi" <th...@veronezi.org> a
> > > > écrit :
> > > > > >
> > > > > > > Hi,
> > > > > > >
> > > > > > > I think something is wrong.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> > > > > > >
> > > > > > > This example does exactly what I am trying to do, but...
> > > > > > >
> > > > > > > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
> > > > > > >
> > > > > > > ... returns "guest".
> > > > > > >
> > > > > > > []s,
> > > > > > > Thiago.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> > > > > > > <rm...@gmail.com>wrote:
> > > > > > >
> > > > > > > > sounds familiar (already answered i guess)
> > > > > > > >
> > > > > > > > make a redirection after the login
> > > > > > > >
> > > > > > > > - Romain
> > > > > > > >
> > > > > > > >
> > > > > > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> > > > > > > >
> > > > > > > > > Hi guys!
> > > > > > > > >
> > > > > > > > > I am trying to handle the user "login" in a programmatic
> way.
> > > > > > > > >
> > > > > > > > > The command bellow is called by a Servlet...
> > > > > > > > >
> > > > > > > > > *************************************
> > > > > > > > > public class Login implements Command {
> > > > > > > > >
> > > > > > > > > @Override
> > > > > > > > > public Object execute(Params params) throws Exception {
> > > > > > > > > final String user = params.getString("userName");
> > > > > > > > > final String password =
> > > params.getString("userPassword");
> > > > > > > > > params.getReq().login(user, password);
> > > > > > > > > return null;
> > > > > > > > > }
> > > > > > > > > }
> > > > > > > > > *************************************
> > > > > > > > >
> > > > > > > > > This is fine. I manage to login. The problem is that at the
> > EJB
> > > > > side
> > > > > > > the
> > > > > > > > > Principal is still the "guest" user. See the EJB code
> > below...
> > > > > > > > >
> > > > > > > > > *************************************
> > > > > > > > > @Override
> > > > > > > > > public Map<String, Object> getSystemStatus() {
> > > > > > > > > final Map<String, Object> result = new
> > HashMap<String,
> > > > > > > Object>();
> > > > > > > > >
> > > > > > > > > result.put("isAdmin",
> > > > > this.context.isCallerInRole("admin"));
> > > > > > > > > result.put("isUser",
> > > > this.context.isCallerInRole("user"));
> > > > > > > > > result.put("userName",
> > > > > > > > > this.context.getCallerPrincipal().getName());
> > > > > > > > > result.put("currentDraw", getCurrentDraw());
> > > > > > > > >
> > > > > > > > > return result;
> > > > > > > > > }
> > > > > > > > > *************************************
> > > > > > > > >
> > > > > > > > > I have a feeling that Tomee does not manage manual logins
> > like
> > > > the
> > > > > > one
> > > > > > > > > above. Can you guys give me a hint of where should I find
> > this
> > > > > > > > integration
> > > > > > > > > code?
> > > > > > > > >
> > > > > > > > > []s,
> > > > > > > > >
> > > > > > > > > Thiago.
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Thiago Veronezi <th...@veronezi.org>.
the server here:
http://www.apache.org/dyn/closer.cgi/openejb/openejb-4.0.0/apache-tomee-1.0.0-plus.tar.gz
the example here:
http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
On Fri, Jul 6, 2012 at 1:49 PM, Romain Manni-Bucau <rm...@gmail.com>wrote:
> Trunk?
> Le 6 juil. 2012 19:47, "Thiago Veronezi" <th...@veronezi.org> a écrit :
>
> > >>The sample was working
> >
> > Not for me. Now we can call the servlet this way...
> >
> >
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomcat&myPass=tomcat
> > and it should redirect to the
> > http://localhost:8080/cdi-ejbcontext-jaas/user in
> > case of a successful login.
> >
> > >>is your realm the first one in server.xml
> > This is a brand new tomee from our download page. I just downloaded it
> and
> > drop the "cdi-ejbcontext-jaas.war". I was expecting to use the regular
> > "tomcat-users.xml".
> >
> >
> >
> > On Fri, Jul 6, 2012 at 1:28 PM, Romain Manni-Bucau <
> rmannibucau@gmail.com
> > >wrote:
> >
> > > The sample was working, is your realm the first one in server.xml?
> > >
> > > Maybe check TomEERealm is added in TomcatSecurityService and used at
> > login
> > > time.
> > > Le 6 juil. 2012 19:26, "Thiago Veronezi" <th...@veronezi.org> a
> écrit :
> > >
> > > > Yeap.... same thing.
> > > > I just updated the example.
> > > >
> > > > Thanks!
> > > >
> > > >
> > > > On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <
> > > rmannibucau@gmail.com
> > > > >wrote:
> > > >
> > > > > Did you try a redirect?
> > > > > Le 6 juil. 2012 18:56, "Thiago Veronezi" <th...@veronezi.org> a
> > > écrit :
> > > > >
> > > > > > Hi,
> > > > > >
> > > > > > I think something is wrong.
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> > > > > >
> > > > > > This example does exactly what I am trying to do, but...
> > > > > >
> > > > > > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
> > > > > >
> > > > > > ... returns "guest".
> > > > > >
> > > > > > []s,
> > > > > > Thiago.
> > > > > >
> > > > > >
> > > > > >
> > > > > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> > > > > > <rm...@gmail.com>wrote:
> > > > > >
> > > > > > > sounds familiar (already answered i guess)
> > > > > > >
> > > > > > > make a redirection after the login
> > > > > > >
> > > > > > > - Romain
> > > > > > >
> > > > > > >
> > > > > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> > > > > > >
> > > > > > > > Hi guys!
> > > > > > > >
> > > > > > > > I am trying to handle the user "login" in a programmatic way.
> > > > > > > >
> > > > > > > > The command bellow is called by a Servlet...
> > > > > > > >
> > > > > > > > *************************************
> > > > > > > > public class Login implements Command {
> > > > > > > >
> > > > > > > > @Override
> > > > > > > > public Object execute(Params params) throws Exception {
> > > > > > > > final String user = params.getString("userName");
> > > > > > > > final String password =
> > params.getString("userPassword");
> > > > > > > > params.getReq().login(user, password);
> > > > > > > > return null;
> > > > > > > > }
> > > > > > > > }
> > > > > > > > *************************************
> > > > > > > >
> > > > > > > > This is fine. I manage to login. The problem is that at the
> EJB
> > > > side
> > > > > > the
> > > > > > > > Principal is still the "guest" user. See the EJB code
> below...
> > > > > > > >
> > > > > > > > *************************************
> > > > > > > > @Override
> > > > > > > > public Map<String, Object> getSystemStatus() {
> > > > > > > > final Map<String, Object> result = new
> HashMap<String,
> > > > > > Object>();
> > > > > > > >
> > > > > > > > result.put("isAdmin",
> > > > this.context.isCallerInRole("admin"));
> > > > > > > > result.put("isUser",
> > > this.context.isCallerInRole("user"));
> > > > > > > > result.put("userName",
> > > > > > > > this.context.getCallerPrincipal().getName());
> > > > > > > > result.put("currentDraw", getCurrentDraw());
> > > > > > > >
> > > > > > > > return result;
> > > > > > > > }
> > > > > > > > *************************************
> > > > > > > >
> > > > > > > > I have a feeling that Tomee does not manage manual logins
> like
> > > the
> > > > > one
> > > > > > > > above. Can you guys give me a hint of where should I find
> this
> > > > > > > integration
> > > > > > > > code?
> > > > > > > >
> > > > > > > > []s,
> > > > > > > >
> > > > > > > > Thiago.
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
Trunk?
Le 6 juil. 2012 19:47, "Thiago Veronezi" <th...@veronezi.org> a écrit :
> >>The sample was working
>
> Not for me. Now we can call the servlet this way...
>
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomcat&myPass=tomcat
> and it should redirect to the
> http://localhost:8080/cdi-ejbcontext-jaas/user in
> case of a successful login.
>
> >>is your realm the first one in server.xml
> This is a brand new tomee from our download page. I just downloaded it and
> drop the "cdi-ejbcontext-jaas.war". I was expecting to use the regular
> "tomcat-users.xml".
>
>
>
> On Fri, Jul 6, 2012 at 1:28 PM, Romain Manni-Bucau <rmannibucau@gmail.com
> >wrote:
>
> > The sample was working, is your realm the first one in server.xml?
> >
> > Maybe check TomEERealm is added in TomcatSecurityService and used at
> login
> > time.
> > Le 6 juil. 2012 19:26, "Thiago Veronezi" <th...@veronezi.org> a écrit :
> >
> > > Yeap.... same thing.
> > > I just updated the example.
> > >
> > > Thanks!
> > >
> > >
> > > On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <
> > rmannibucau@gmail.com
> > > >wrote:
> > >
> > > > Did you try a redirect?
> > > > Le 6 juil. 2012 18:56, "Thiago Veronezi" <th...@veronezi.org> a
> > écrit :
> > > >
> > > > > Hi,
> > > > >
> > > > > I think something is wrong.
> > > > >
> > > > >
> > > > >
> > > >
> > >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> > > > >
> > > > > This example does exactly what I am trying to do, but...
> > > > >
> > > > > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
> > > > >
> > > > > ... returns "guest".
> > > > >
> > > > > []s,
> > > > > Thiago.
> > > > >
> > > > >
> > > > >
> > > > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> > > > > <rm...@gmail.com>wrote:
> > > > >
> > > > > > sounds familiar (already answered i guess)
> > > > > >
> > > > > > make a redirection after the login
> > > > > >
> > > > > > - Romain
> > > > > >
> > > > > >
> > > > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> > > > > >
> > > > > > > Hi guys!
> > > > > > >
> > > > > > > I am trying to handle the user "login" in a programmatic way.
> > > > > > >
> > > > > > > The command bellow is called by a Servlet...
> > > > > > >
> > > > > > > *************************************
> > > > > > > public class Login implements Command {
> > > > > > >
> > > > > > > @Override
> > > > > > > public Object execute(Params params) throws Exception {
> > > > > > > final String user = params.getString("userName");
> > > > > > > final String password =
> params.getString("userPassword");
> > > > > > > params.getReq().login(user, password);
> > > > > > > return null;
> > > > > > > }
> > > > > > > }
> > > > > > > *************************************
> > > > > > >
> > > > > > > This is fine. I manage to login. The problem is that at the EJB
> > > side
> > > > > the
> > > > > > > Principal is still the "guest" user. See the EJB code below...
> > > > > > >
> > > > > > > *************************************
> > > > > > > @Override
> > > > > > > public Map<String, Object> getSystemStatus() {
> > > > > > > final Map<String, Object> result = new HashMap<String,
> > > > > Object>();
> > > > > > >
> > > > > > > result.put("isAdmin",
> > > this.context.isCallerInRole("admin"));
> > > > > > > result.put("isUser",
> > this.context.isCallerInRole("user"));
> > > > > > > result.put("userName",
> > > > > > > this.context.getCallerPrincipal().getName());
> > > > > > > result.put("currentDraw", getCurrentDraw());
> > > > > > >
> > > > > > > return result;
> > > > > > > }
> > > > > > > *************************************
> > > > > > >
> > > > > > > I have a feeling that Tomee does not manage manual logins like
> > the
> > > > one
> > > > > > > above. Can you guys give me a hint of where should I find this
> > > > > > integration
> > > > > > > code?
> > > > > > >
> > > > > > > []s,
> > > > > > >
> > > > > > > Thiago.
> > > > > > >
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Thiago Veronezi <th...@veronezi.org>.
>>The sample was working
Not for me. Now we can call the servlet this way...
http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext?myUser=tomcat&myPass=tomcat
and it should redirect to the http://localhost:8080/cdi-ejbcontext-jaas/user in
case of a successful login.
>>is your realm the first one in server.xml
This is a brand new tomee from our download page. I just downloaded it and
drop the "cdi-ejbcontext-jaas.war". I was expecting to use the regular
"tomcat-users.xml".
On Fri, Jul 6, 2012 at 1:28 PM, Romain Manni-Bucau <rm...@gmail.com>wrote:
> The sample was working, is your realm the first one in server.xml?
>
> Maybe check TomEERealm is added in TomcatSecurityService and used at login
> time.
> Le 6 juil. 2012 19:26, "Thiago Veronezi" <th...@veronezi.org> a écrit :
>
> > Yeap.... same thing.
> > I just updated the example.
> >
> > Thanks!
> >
> >
> > On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <
> rmannibucau@gmail.com
> > >wrote:
> >
> > > Did you try a redirect?
> > > Le 6 juil. 2012 18:56, "Thiago Veronezi" <th...@veronezi.org> a
> écrit :
> > >
> > > > Hi,
> > > >
> > > > I think something is wrong.
> > > >
> > > >
> > > >
> > >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> > > >
> > > > This example does exactly what I am trying to do, but...
> > > >
> > > > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
> > > >
> > > > ... returns "guest".
> > > >
> > > > []s,
> > > > Thiago.
> > > >
> > > >
> > > >
> > > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> > > > <rm...@gmail.com>wrote:
> > > >
> > > > > sounds familiar (already answered i guess)
> > > > >
> > > > > make a redirection after the login
> > > > >
> > > > > - Romain
> > > > >
> > > > >
> > > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> > > > >
> > > > > > Hi guys!
> > > > > >
> > > > > > I am trying to handle the user "login" in a programmatic way.
> > > > > >
> > > > > > The command bellow is called by a Servlet...
> > > > > >
> > > > > > *************************************
> > > > > > public class Login implements Command {
> > > > > >
> > > > > > @Override
> > > > > > public Object execute(Params params) throws Exception {
> > > > > > final String user = params.getString("userName");
> > > > > > final String password = params.getString("userPassword");
> > > > > > params.getReq().login(user, password);
> > > > > > return null;
> > > > > > }
> > > > > > }
> > > > > > *************************************
> > > > > >
> > > > > > This is fine. I manage to login. The problem is that at the EJB
> > side
> > > > the
> > > > > > Principal is still the "guest" user. See the EJB code below...
> > > > > >
> > > > > > *************************************
> > > > > > @Override
> > > > > > public Map<String, Object> getSystemStatus() {
> > > > > > final Map<String, Object> result = new HashMap<String,
> > > > Object>();
> > > > > >
> > > > > > result.put("isAdmin",
> > this.context.isCallerInRole("admin"));
> > > > > > result.put("isUser",
> this.context.isCallerInRole("user"));
> > > > > > result.put("userName",
> > > > > > this.context.getCallerPrincipal().getName());
> > > > > > result.put("currentDraw", getCurrentDraw());
> > > > > >
> > > > > > return result;
> > > > > > }
> > > > > > *************************************
> > > > > >
> > > > > > I have a feeling that Tomee does not manage manual logins like
> the
> > > one
> > > > > > above. Can you guys give me a hint of where should I find this
> > > > > integration
> > > > > > code?
> > > > > >
> > > > > > []s,
> > > > > >
> > > > > > Thiago.
> > > > > >
> > > > >
> > > >
> > >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
The sample was working, is your realm the first one in server.xml?
Maybe check TomEERealm is added in TomcatSecurityService and used at login
time.
Le 6 juil. 2012 19:26, "Thiago Veronezi" <th...@veronezi.org> a écrit :
> Yeap.... same thing.
> I just updated the example.
>
> Thanks!
>
>
> On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <rmannibucau@gmail.com
> >wrote:
>
> > Did you try a redirect?
> > Le 6 juil. 2012 18:56, "Thiago Veronezi" <th...@veronezi.org> a écrit :
> >
> > > Hi,
> > >
> > > I think something is wrong.
> > >
> > >
> > >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> > >
> > > This example does exactly what I am trying to do, but...
> > >
> > > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
> > >
> > > ... returns "guest".
> > >
> > > []s,
> > > Thiago.
> > >
> > >
> > >
> > > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> > > <rm...@gmail.com>wrote:
> > >
> > > > sounds familiar (already answered i guess)
> > > >
> > > > make a redirection after the login
> > > >
> > > > - Romain
> > > >
> > > >
> > > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> > > >
> > > > > Hi guys!
> > > > >
> > > > > I am trying to handle the user "login" in a programmatic way.
> > > > >
> > > > > The command bellow is called by a Servlet...
> > > > >
> > > > > *************************************
> > > > > public class Login implements Command {
> > > > >
> > > > > @Override
> > > > > public Object execute(Params params) throws Exception {
> > > > > final String user = params.getString("userName");
> > > > > final String password = params.getString("userPassword");
> > > > > params.getReq().login(user, password);
> > > > > return null;
> > > > > }
> > > > > }
> > > > > *************************************
> > > > >
> > > > > This is fine. I manage to login. The problem is that at the EJB
> side
> > > the
> > > > > Principal is still the "guest" user. See the EJB code below...
> > > > >
> > > > > *************************************
> > > > > @Override
> > > > > public Map<String, Object> getSystemStatus() {
> > > > > final Map<String, Object> result = new HashMap<String,
> > > Object>();
> > > > >
> > > > > result.put("isAdmin",
> this.context.isCallerInRole("admin"));
> > > > > result.put("isUser", this.context.isCallerInRole("user"));
> > > > > result.put("userName",
> > > > > this.context.getCallerPrincipal().getName());
> > > > > result.put("currentDraw", getCurrentDraw());
> > > > >
> > > > > return result;
> > > > > }
> > > > > *************************************
> > > > >
> > > > > I have a feeling that Tomee does not manage manual logins like the
> > one
> > > > > above. Can you guys give me a hint of where should I find this
> > > > integration
> > > > > code?
> > > > >
> > > > > []s,
> > > > >
> > > > > Thiago.
> > > > >
> > > >
> > >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Thiago Veronezi <th...@veronezi.org>.
Yeap.... same thing.
I just updated the example.
Thanks!
On Fri, Jul 6, 2012 at 1:05 PM, Romain Manni-Bucau <rm...@gmail.com>wrote:
> Did you try a redirect?
> Le 6 juil. 2012 18:56, "Thiago Veronezi" <th...@veronezi.org> a écrit :
>
> > Hi,
> >
> > I think something is wrong.
> >
> >
> >
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
> >
> > This example does exactly what I am trying to do, but...
> >
> > http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
> >
> > ... returns "guest".
> >
> > []s,
> > Thiago.
> >
> >
> >
> > On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> > <rm...@gmail.com>wrote:
> >
> > > sounds familiar (already answered i guess)
> > >
> > > make a redirection after the login
> > >
> > > - Romain
> > >
> > >
> > > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> > >
> > > > Hi guys!
> > > >
> > > > I am trying to handle the user "login" in a programmatic way.
> > > >
> > > > The command bellow is called by a Servlet...
> > > >
> > > > *************************************
> > > > public class Login implements Command {
> > > >
> > > > @Override
> > > > public Object execute(Params params) throws Exception {
> > > > final String user = params.getString("userName");
> > > > final String password = params.getString("userPassword");
> > > > params.getReq().login(user, password);
> > > > return null;
> > > > }
> > > > }
> > > > *************************************
> > > >
> > > > This is fine. I manage to login. The problem is that at the EJB side
> > the
> > > > Principal is still the "guest" user. See the EJB code below...
> > > >
> > > > *************************************
> > > > @Override
> > > > public Map<String, Object> getSystemStatus() {
> > > > final Map<String, Object> result = new HashMap<String,
> > Object>();
> > > >
> > > > result.put("isAdmin", this.context.isCallerInRole("admin"));
> > > > result.put("isUser", this.context.isCallerInRole("user"));
> > > > result.put("userName",
> > > > this.context.getCallerPrincipal().getName());
> > > > result.put("currentDraw", getCurrentDraw());
> > > >
> > > > return result;
> > > > }
> > > > *************************************
> > > >
> > > > I have a feeling that Tomee does not manage manual logins like the
> one
> > > > above. Can you guys give me a hint of where should I find this
> > > integration
> > > > code?
> > > >
> > > > []s,
> > > >
> > > > Thiago.
> > > >
> > >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
Did you try a redirect?
Le 6 juil. 2012 18:56, "Thiago Veronezi" <th...@veronezi.org> a écrit :
> Hi,
>
> I think something is wrong.
>
>
> http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
>
> This example does exactly what I am trying to do, but...
>
> http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
>
> ... returns "guest".
>
> []s,
> Thiago.
>
>
>
> On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
> <rm...@gmail.com>wrote:
>
> > sounds familiar (already answered i guess)
> >
> > make a redirection after the login
> >
> > - Romain
> >
> >
> > 2012/7/6 Thiago Veronezi <th...@veronezi.org>
> >
> > > Hi guys!
> > >
> > > I am trying to handle the user "login" in a programmatic way.
> > >
> > > The command bellow is called by a Servlet...
> > >
> > > *************************************
> > > public class Login implements Command {
> > >
> > > @Override
> > > public Object execute(Params params) throws Exception {
> > > final String user = params.getString("userName");
> > > final String password = params.getString("userPassword");
> > > params.getReq().login(user, password);
> > > return null;
> > > }
> > > }
> > > *************************************
> > >
> > > This is fine. I manage to login. The problem is that at the EJB side
> the
> > > Principal is still the "guest" user. See the EJB code below...
> > >
> > > *************************************
> > > @Override
> > > public Map<String, Object> getSystemStatus() {
> > > final Map<String, Object> result = new HashMap<String,
> Object>();
> > >
> > > result.put("isAdmin", this.context.isCallerInRole("admin"));
> > > result.put("isUser", this.context.isCallerInRole("user"));
> > > result.put("userName",
> > > this.context.getCallerPrincipal().getName());
> > > result.put("currentDraw", getCurrentDraw());
> > >
> > > return result;
> > > }
> > > *************************************
> > >
> > > I have a feeling that Tomee does not manage manual logins like the one
> > > above. Can you guys give me a hint of where should I find this
> > integration
> > > code?
> > >
> > > []s,
> > >
> > > Thiago.
> > >
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Thiago Veronezi <th...@veronezi.org>.
Hi,
I think something is wrong.
http://svn.apache.org/repos/asf/openejb/trunk/openejb/examples/cdi-ejbcontext-jaas/
This example does exactly what I am trying to do, but...
http://localhost:8080/cdi-ejbcontext-jaas/ejbcontext
... returns "guest".
[]s,
Thiago.
On Fri, Jul 6, 2012 at 12:22 PM, Romain Manni-Bucau
<rm...@gmail.com>wrote:
> sounds familiar (already answered i guess)
>
> make a redirection after the login
>
> - Romain
>
>
> 2012/7/6 Thiago Veronezi <th...@veronezi.org>
>
> > Hi guys!
> >
> > I am trying to handle the user "login" in a programmatic way.
> >
> > The command bellow is called by a Servlet...
> >
> > *************************************
> > public class Login implements Command {
> >
> > @Override
> > public Object execute(Params params) throws Exception {
> > final String user = params.getString("userName");
> > final String password = params.getString("userPassword");
> > params.getReq().login(user, password);
> > return null;
> > }
> > }
> > *************************************
> >
> > This is fine. I manage to login. The problem is that at the EJB side the
> > Principal is still the "guest" user. See the EJB code below...
> >
> > *************************************
> > @Override
> > public Map<String, Object> getSystemStatus() {
> > final Map<String, Object> result = new HashMap<String, Object>();
> >
> > result.put("isAdmin", this.context.isCallerInRole("admin"));
> > result.put("isUser", this.context.isCallerInRole("user"));
> > result.put("userName",
> > this.context.getCallerPrincipal().getName());
> > result.put("currentDraw", getCurrentDraw());
> >
> > return result;
> > }
> > *************************************
> >
> > I have a feeling that Tomee does not manage manual logins like the one
> > above. Can you guys give me a hint of where should I find this
> integration
> > code?
> >
> > []s,
> >
> > Thiago.
> >
>
Re: tomcat/openejb security integration -> directions
Posted by Romain Manni-Bucau <rm...@gmail.com>.
sounds familiar (already answered i guess)
make a redirection after the login
- Romain
2012/7/6 Thiago Veronezi <th...@veronezi.org>
> Hi guys!
>
> I am trying to handle the user "login" in a programmatic way.
>
> The command bellow is called by a Servlet...
>
> *************************************
> public class Login implements Command {
>
> @Override
> public Object execute(Params params) throws Exception {
> final String user = params.getString("userName");
> final String password = params.getString("userPassword");
> params.getReq().login(user, password);
> return null;
> }
> }
> *************************************
>
> This is fine. I manage to login. The problem is that at the EJB side the
> Principal is still the "guest" user. See the EJB code below...
>
> *************************************
> @Override
> public Map<String, Object> getSystemStatus() {
> final Map<String, Object> result = new HashMap<String, Object>();
>
> result.put("isAdmin", this.context.isCallerInRole("admin"));
> result.put("isUser", this.context.isCallerInRole("user"));
> result.put("userName",
> this.context.getCallerPrincipal().getName());
> result.put("currentDraw", getCurrentDraw());
>
> return result;
> }
> *************************************
>
> I have a feeling that Tomee does not manage manual logins like the one
> above. Can you guys give me a hint of where should I find this integration
> code?
>
> []s,
>
> Thiago.
>