AS7 / Picketbox 4 中 SecurityAssociation 的替代方案
我在 Seam 2 应用程序中有以下类,它与 SPNEGO 结合使用来进行 Kerberos 身份验证。在 AS7 Final(使用 Pickbox 4.0.0.CR1)中,SecurityAssociation 类已被删除。我应该使用哪个类或函数来代替 SecurityAssociation.getPrincipal() 和 SecurityAssociation.getSubject()?
package com.redhat.topicindex.security;
import java.lang.reflect.Field;
import javax.faces.context.FacesContext;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.Startup;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
import org.jboss.seam.core.Events;
import org.jboss.seam.security.Identity;
import org.jboss.security.SecurityAssociation;
@SuppressWarnings("serial")
@Name("org.jboss.seam.security.identity")
@Scope(ScopeType.SESSION)
@Install(precedence = Install.DEPLOYMENT)
@BypassInterceptors
@Startup
public class CustomIdentity extends Identity {
private static final String SUBJECT = "subject";
private static final String PRINCIPAL = "principal";
private static final String LOGGED_IN = "loggedIn";
@Override
public String login() {
if(isLoggedIn()) return LOGGED_IN;
try {
getCredentials().setUsername(FacesContext.getCurrentInstance().getExternalContext().getRemoteUser());
getCredentials().setPassword("");
Field field = Identity.class.getDeclaredField(PRINCIPAL);
field.setAccessible(true);
field.set(this, SecurityAssociation.getPrincipal());
field = Identity.class.getDeclaredField(SUBJECT);
field.setAccessible(true);
field.set(this, SecurityAssociation.getSubject());
if (Events.exists()) Events.instance().raiseEvent(EVENT_LOGIN_SUCCESSFUL);
return LOGGED_IN;
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
}
I have the following class in a Seam 2 application, which is used in conjunction with SPNEGO to do Kerberos authentication. In AS7 Final (which uses Pickbox 4.0.0.CR1) the SecurityAssociation class has been removed. Which class or function do I use in place of SecurityAssociation.getPrincipal() and SecurityAssociation.getSubject()?
package com.redhat.topicindex.security;
import java.lang.reflect.Field;
import javax.faces.context.FacesContext;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.Startup;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
import org.jboss.seam.core.Events;
import org.jboss.seam.security.Identity;
import org.jboss.security.SecurityAssociation;
@SuppressWarnings("serial")
@Name("org.jboss.seam.security.identity")
@Scope(ScopeType.SESSION)
@Install(precedence = Install.DEPLOYMENT)
@BypassInterceptors
@Startup
public class CustomIdentity extends Identity {
private static final String SUBJECT = "subject";
private static final String PRINCIPAL = "principal";
private static final String LOGGED_IN = "loggedIn";
@Override
public String login() {
if(isLoggedIn()) return LOGGED_IN;
try {
getCredentials().setUsername(FacesContext.getCurrentInstance().getExternalContext().getRemoteUser());
getCredentials().setPassword("");
Field field = Identity.class.getDeclaredField(PRINCIPAL);
field.setAccessible(true);
field.set(this, SecurityAssociation.getPrincipal());
field = Identity.class.getDeclaredField(SUBJECT);
field.setAccessible(true);
field.set(this, SecurityAssociation.getSubject());
if (Events.exists()) Events.instance().raiseEvent(EVENT_LOGIN_SUCCESSFUL);
return LOGGED_IN;
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这个问题在http://community.jboss.org/thread/170545中得到了回答:
这个补丁对于最新的(现在是 2015 年 3 月)PickectBox 版本 (4.0.21.Beta1) 似乎不再有效。等效代码似乎如下:
This question was answered in http://community.jboss.org/thread/170545:
This patch seems no more valid with the latest (now, March2015) PickectBox version (4.0.21.Beta1). The equivalent code seems to be the following: