Mantis Bugtracker

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0004621 [Resin] major always 06-16-11 11:52 06-17-11 11:25
Reporter dicr View Status public  
Assigned To ferg
Priority normal Resolution fixed  
Status closed   Product Version 4.0.19
Summary 0004621: Can't assign user roles with JaasAuthenticator
Description I'm using JaasAuthenticator with my custom LoginModule, which add implementation of as username and with roles names to Subject as described here: [^]
This works great in JBoss and Tomcat. But Resin's isUserInRole always return false because of implementation

    if (principal instanceof RolePrincipal)
      return ((RolePrincipal) principal).isUserInRole(role);
      return "user".equals(role);

So, Resin recognize only those principal as roles, which is instance of This is not correct and cause application to become Resin-dependent.

The specification does not define which principles are roles, but the use of standard JAAS classes for code portability is always preferable, then to bind to a particular web-server.

Please, consider to use standard as roles descriptor instead of platform-dependent

Additional Information
Attached Files

- Relationships

- Notes
06-16-11 12:02

common code looks like this:

class MyPrinciple implements
class MyGroup implements

this.subject.add(new MyPrinciple(username));
this.subject.add(new MyGroup("roles", new String[] { "admins", "managers", "user"});

To make it working in Resin I need to modify my code and tie it with Resin:

this.subject.add(new MyPrinciple(username));

Or patch JaasAuthenticator:

if (principal instance of Group)
 return ((Group)principal).isMember(new Principal(role));
06-17-11 11:25


- Issue History
Date Modified Username Field Change
06-16-11 11:52 dicr New Issue
06-16-11 12:02 dicr Note Added: 0005320
06-17-11 11:25 ferg Note Added: 0005323
06-17-11 11:25 ferg Assigned To  => ferg
06-17-11 11:25 ferg Status new => closed
06-17-11 11:25 ferg Resolution open => fixed
06-17-11 11:25 ferg Fixed in Version  => 4.0.20

Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
31 total queries executed.
27 unique queries executed.
Powered by Mantis Bugtracker