Open alwin-joseph opened 16 years ago
@glassfishrobot Commented Reported by gbabu
@glassfishrobot Commented gbabu said: please help me in this
@glassfishrobot Commented @edburns said: Move to unscheduled target milestone
@glassfishrobot Commented @edburns said: Move to security categor.
@glassfishrobot Commented @edburns said: cat2
@glassfishrobot Commented @edburns said: frame
@glassfishrobot Commented @edburns said: These are targeted at 2.1.
@glassfishrobot Commented @edburns said: triage
@glassfishrobot Commented @edburns said: rogerk
@glassfishrobot Commented rogerk said: triage
@glassfishrobot Commented rogerk said: triage
@glassfishrobot Commented kithouna said: Isn't JASPIC the missing link here? This doesn't look like it's JSF specific. In Java EE, the JASPIC SPI is the thing that makes the container aware of the principal and its roles (whether these are obtained via JAAS or otherwise).
All JSF can do is to better integrate with this.
@glassfishrobot Commented @edburns said: Set priority to baseline ahead of JSF 2.3 triage. Priorities will be assigned accurately after this exercise.
@glassfishrobot Commented Parent-Task: JAVASERVERFACES_SPEC_PUBLIC-948
@glassfishrobot Commented This issue was imported from java.net JIRA JAVASERVERFACES_SPEC_PUBLIC-446
hello hi JSF and JAAS experts,
I have web application implementing with jsf facelets and tomcat .Now i want to provide security in my application that is some web pages allow for admin and some web pages for user and..... that means based on role of user i want to give the access for web pages. so for that i am using JAAS for authentication and authorization . I am successfully implemented JAAS authentication for who is logged in. And i am getting subject and putting that subject in context session using following snippet.And also i am able to getting subject and its principals in that subject.
My doubt is based on that subject , how to write policy file and how to call doAsPrivileged() mehod on that Subject in order to navigate web pages.how to provide web pages permission for particular role in policy file..
For example i have three pages login.xhtml,user.xhtml,admin.xhtml. 1> if the logged in person is admin, then we want to display admin.xhtml 2> if the loggend is person is user , then we want to display user.xhtml
untill now i did and found who is logged in and what are his type( admin or user) .now i want configure the web.xml and faces-config.xml based on policy file
YOu can find my Post at SUN FORUM following URL
http://forums.sun.com/thread.jspa?threadID=5325380
Environment
Operating System: Windows XP Platform: Sun
Affected Versions
[1.2]