I am trying to use the native JAAS authentication module for a web application hosted on JBoss 5.1.0.GA Thus, everything works fine until the number of users increases, and the sessions (as they think) begin to mix.
JAAS
JBoss 5.1.0.GA
The reason I use custom JAAS is due to my own authentication and the need to return a password for future use in the application.
When I call request.getUserPrincipal in servlets, I get an object of type SimplePrincipal instead in my usual principle. To get the user, I use SecurityAssociation.getSubject().getPrincipals() and suspect that at the moment I'm getting the wrong principle.
SecurityAssociation.getSubject().getPrincipals()
What is the correct way to implement a custom login module and get the Loggedin Principal log at the web level (Serlets) on JBoss?
EDIT: The problem exists at the EJB level, https://issues.jboss.org/browse/EJBTHREE-1756
Ref:
I could not get LoginModule with my usual main job. I created a Tomcat valve that encrypts and pushes the password for the HttpSession . Other servlets will extract and decrypt the password.
LoginModule
valve
HttpSession
Source: https://habr.com/ru/post/895312/More articles:What is a live IP address? - terminologyConvert JSON dates in the format "mm dd yyyy" - jsonAndroid ScrollView, scroll to visible - androidHow to force a GPRS connection instead of 3G or Wi-Fi? - androidJBoss JAAS User Login Module - javaRuby class evaluation, validates_inclusion_of with dynamic data - ruby | fooobar.comBasic authentication for accessing the rest apis assembly from android - androidAndroid: How to make an indestructible block in a TextView? - androidChange date format to yyyy-mm-dd - dateTable align = "center" doesn't seem to work - htmlAll Articles