• 1 reply
  • Latest Post - ‏2014-01-30T21:53:13Z by Pich
9 Posts

Pinned topic ClassCastException when trying to get JAAS authentication data

‏2013-11-25T18:16:49Z |

Hello all

I am doing a web server migration to WLP, so need to port existing JAAS support. configured the following login module for a programmatic login, note that the jar files are in the same location as the web server plugin:

<fileset dir="plugins"/>

<library id="JaasLoginModuleLib" name="JaasLoginModuleLib"
        description="Required libraries for JAAS login modules">
        <fileset dir="plugins"
            includes="JaasLoginModules.jar,com.x.c.jar" />
    <jaasLoginModule className="com.x.JaasLoginModuleImpl" id="Jaas2" libraryRef="JaasLoginModuleLib">
        <options debug="false" />

<jaasLoginContextEntry id="Jaas2" name="Jaas2"
        loginModuleRef="Jaas2" />

That login module authenticates the user successfully and fills up a subject with principals and private/public credentials, the problem is when I try to get that info out and use it within my web app. The following call returns null:

Set<UserPrincipal> userPrincipalSet = subject.getPrincipals( principalClass );      

After I debugged it i noticed that the object is actually there, so I forced getting it out but when doing the cast got a funny exception:

java.lang.ClassCastException: com.x.c.UserPrincipal incompatible with com.x.c.UserPrincipal

After inspecting both classes, it seems that the authentication is done in another vm, I am not surprised since the server.xml file needed the jars to be specified in addition to the bundle plugins:

class com.x.c.UserPrincipal (id=1182)


vmRef: 587173632


class com.x.c.UserPrincipal (id=1409)

vmRef: 590113536


Am I using it correctly? Is there a way to specify JAAS to run and load the class from the osgi framework in the server.xml? If not, how can I get and use the authentication objects in my web app?

Thank you