Details
Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 6.1.2rc0
Fix Version/s: 6.1.2rc0
Component/s: JBoss
Labels: None
Environment: java version "1.5.0_09"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_09-b01)
Java HotSpot(TM) Client VM (build 1.5.0_09-b01, mixed mode, sharing)
jetty-jboss compiled with Java 1.4.2_03 Blackdown
Description
request.isUserInRole("anything") returns false.
It happens because
_realm._realmMapping.doesUserHaveRole(this._principal,requiredRoles) returns FALSE,
and it does so because Subject subject = SubjectActions.getActiveSubject(); returns NULL (from org.jboss.security.plugins.JaasSecurityManager).
Here is the comment for org.jboss.security.plugins.JaasSecurityManager.doesUserHaveRole:
================================================================
Does the current Subject have a role(a Principal) that equates to one
of the role names. This method obtains the Group named 'Roles' from
the principal set of the currently authenticated Subject as determined
by the SecurityAssociation.getSubject() method and then creates a
SimplePrincipal for each name in roleNames. If the role is a member of the
Roles group, then the user has the role.
-->>>> This requires that the caller
-->>>> establish the correct SecurityAssociation subject prior to calling this
-->>>> method. In the past this was done as a side-effect of an isValid() call,
-->>>> but this is no longer the case.
=================================================================
So it might be the reason.
I did a quick fix which seems to work (see attachment).
But it would be nice if you could check it out and find the real reason why it is not working properly.
thx
Alexander,
can you try the test webapp I've attached to this issue? You will need to set up the login-config.xml and properties files as shown in the attachments.
Log in with the username "me" and password "me". On logout, the result of request.isUserInRole("roleA") is printed out. It is working fine for me (i.e. it prints TRUE).
You'll need to do this with a fresh checkout of jetty at least at the revision level shown in the resolve comment for issue JETTY-213.
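
A simplified, self-contained model of the contract quoted in the description, added here as an illustration; it is not code from Jetty, JBoss or the attachments on this issue. The thread-local ACTIVE, the RoleGroup class and the checkWithSubject helper are hypothetical stand-ins for the SecurityAssociation subject and the 'Roles' group, and the code needs Java 8 or later.

```java
import java.security.Principal;
import java.util.*;
import javax.security.auth.Subject;

// Simplified model (assumption): a thread-local stands in for JBoss's
// SecurityAssociation, and RoleGroup stands in for the "Roles" Group principal.
public class ActiveSubjectDemo {
    static final ThreadLocal<Subject> ACTIVE = new ThreadLocal<>();

    // Stand-in for the Group named "Roles" in the Subject's principal set.
    static final class RoleGroup implements Principal {
        final Set<String> members;
        RoleGroup(String... roles) { members = new HashSet<>(Arrays.asList(roles)); }
        public String getName() { return "Roles"; }
    }

    // Mirrors the documented contract: the subject comes from the thread
    // association, not from the principal argument.
    static boolean doesUserHaveRole(Principal principal, Set<String> roleNames) {
        Subject subject = ACTIVE.get();
        if (subject == null) return false;   // nothing associated: every role check fails
        for (RoleGroup g : subject.getPrincipals(RoleGroup.class))
            for (String r : roleNames)
                if (g.members.contains(r)) return true;
        return false;
    }

    // Caller-side pattern: associate the authenticated subject for the duration
    // of the check, then restore the previous value so nothing leaks across
    // pooled request threads.
    static boolean checkWithSubject(Subject s, Principal p, Set<String> roles) {
        Subject previous = ACTIVE.get();
        ACTIVE.set(s);
        try { return doesUserHaveRole(p, roles); }
        finally { ACTIVE.set(previous); }
    }

    public static void main(String[] args) {
        Principal me = () -> "me";           // constructed sample user
        Subject s = new Subject();
        s.getPrincipals().add(me);
        s.getPrincipals().add(new RoleGroup("roleA"));
        Set<String> required = Collections.singleton("roleA");
        System.out.println(doesUserHaveRole(me, required));     // no association
        System.out.println(checkWithSubject(s, me, required));  // association set
        System.out.println(doesUserHaveRole(me, required));     // restored afterwards
    }
}
```

In this model the principal argument never influences the result, which is why a correctly authenticated user can still fail every role check when the caller has not established the subject first.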