SimplePrincipal with a specified user name not working as expected after login [message #1862343]
Mon, 27 November 2023 13:28
J D Messages: 102 Registered: February 2021
Senior Member
Hi there everyone,
The RestCredentialVerifier.java class in my application uses a Subject with a defined SimplePrincipal string. I've seen the same code in some examples on this forum.
    subject.getPrincipals().add(new SimplePrincipal("system"));
    subject.getPrincipals().add(new SimplePrincipal("access-check-user"));
    subject.getPrincipals().add(new SimplePrincipal("user"));
All three variations above work, but it does not seem right to me because it means ALL logged-in users have the same SimplePrincipal profile (I may be wrong here, I'm still trying to figure it all out).
So I decided to replace the variations above with the following:
    subject.getPrincipals().add(new SimplePrincipal(username));
However, after logging in successfully, my Desktop is blank (see attached screenshot).
The code in my RestCredentialVerifier.java class is as follows:
    public class RestCredentialVerifier implements ICustomCredentialVerifier {
      private static final Logger LOG = LoggerFactory.getLogger(RestCredentialVerifier.class);
      Map<String, String> mapResult = new HashMap<>();

      @Override
      public int verify(String username, char[] passwordPlainText) throws IOException {
        Subject subject = new Subject();
        // Any ONE OF THESE WORK!
        // subject.getPrincipals().add(new SimplePrincipal("system"));
        // subject.getPrincipals().add(new SimplePrincipal("access-check-user"));
        // subject.getPrincipals().add(new SimplePrincipal("user"));
        // This DOES NOT WORK PROPERLY!
        subject.getPrincipals().add(new SimplePrincipal(username));
        subject.setReadOnly();
        RunContext runContext =
            RunContexts.copyCurrent(true).withSubject(subject);
        // Send the authentication details to the database for verification
        int result = runContext.call(new Callable<Integer>() {
          @Override
          public Integer call() throws Exception {
            Map<String, String> mapResult = BEANS.get(IRestAuthenticationService.class)
                .verify(lowerCaseUsername(username), createHashedPassword(passwordPlainText).toString());
            boolean IsAuthenticatedUser =
                mapResult.get("message").equals(TEXTS.get("YouAreNowConnectedToTheServer").trim());
            return IsAuthenticatedUser ? AUTH_OK : AUTH_FAILED;
          }
        });
        return result;
      }
    }
My use case is a bit similar to https://www.eclipse.org/forums/index.php/m/1841325/?srch=SimplePrincipal except that I'm not using tokens.
Can anyone please help me resolve this problem?
Cheers,
JD
Attachment: Blank UI.png (Size: 16.19KB, Downloaded 39 times)

Re: SimplePrincipal with a specified user name not working as expected after login [message #1862723 is a reply to message #1862343]
Fri, 22 December 2023 11:37
Yes, if there are different users, each one should have a different principal. The subject is used to identify the user and create corresponding Scout sessions (ClientSession, ServerSession). The access control service will load the permissions belonging to that particular user. When loading the session, the information can be used to retrieve more user-specific data from the database.
An empty desktop indicates that you have successfully passed the authentication layer (i.e. you are "logged in"), but there are no outlines to display. This is most likely caused by missing permissions. You should check the implementation of your access controller and the logic in execLoad() of your session classes. Also have a look at the log files and the browser console (F12); maybe there is some warning or error message that can help you further.
Beat
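
The behaviour described in the reply above, modelled as an added example that is not part of the thread and is not Scout code: permissions are looked up by the principal name carried in the Subject, so a user whose own name has no grants is authenticated but sees nothing. It uses only the JDK (Java 16+); `NamedPrincipal`, `GRANTS`, `loadPermissions` and `subjectFor` are hypothetical names, and the grant data is constructed.

```java
import java.security.Principal;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;

// Added illustration (plain JDK); all names and data below are constructed.
public class PrincipalPermissionCheck {

  // Stand-in for a simple name-only principal.
  record NamedPrincipal(String name) implements Principal {
    @Override
    public String getName() {
      return name;
    }
  }

  // Constructed permission store: only the shared technical account has grants,
  // which is the situation in which a hard-coded principal appears to "work".
  static final Map<String, Set<String>> GRANTS = Map.of(
      "system", Set.of("ReadOutline", "UpdateSettings"));

  // Fail closed: a principal without an entry gets no permissions at all,
  // instead of silently inheriting the shared account's grants.
  static Set<String> loadPermissions(Subject subject) {
    return subject.getPrincipals().stream()
        .map(Principal::getName)
        .findFirst()
        .map(name -> GRANTS.getOrDefault(name, Set.of()))
        .orElse(Set.of());
  }

  static Subject subjectFor(String userId) {
    Subject subject = new Subject();
    subject.getPrincipals().add(new NamedPrincipal(userId));
    subject.setReadOnly();
    return subject;
  }

  public static void main(String[] args) {
    for (String userId : new String[] {"system", "jd"}) {
      Set<String> permissions = loadPermissions(subjectFor(userId));
      if (permissions.isEmpty()) {
        System.out.println(userId + ": authenticated, but no permissions (nothing to display)");
      } else {
        System.out.println(userId + ": " + permissions.size() + " permissions");
      }
    }
  }
}
```

Logging the principal name together with the size of the loaded permission set at session start makes this condition visible in the server log instead of only as an empty desktop.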