开发者

How to set Java EE security roles

开发者 https://www.devze.com 2023-01-26 19:13 出处:网络
I\'m working on a filter to be put in front of a Java application. This filter already is responsible for setting the user name in the remote user variable (in order for the application to do a reques

I'm working on a filter to be put in front of a Java application. This filter already is responsible for setting the user name in the remote user variable (in order for the application to do a request.getRemoteUser() call).

I'd like 开发者_开发问答to also set the roles of the currently logged user from a custom call to an LDAP (not requesting user groups but other specific attributes).

How can I achieve that?


If you write a custom LoginModule, you can authenticate the user yourself, as well as populate the user's roles based on what is in LDAP. If you specify your application server, I could provide more specific information.


OK, LoginModule. It looks like it's what I was looking for... (Filter does not provide the needed functionalities regarding EJB, only servlets) What specificities are they between different App Servers? Isn't there a core Java EE LoginModule specification that is suported by all servers? (at least WAS and jBoss I would say)

Thanks for your help anyway!

0

精彩评论

暂无评论...
验证码 换一张
取 消