Hi, I am a newbie to JAAS and struggling with some basic things for a week now
I created and configured JDBCRealm with Sun One Application Server 8 and made it default realm. It is working fine. The app server users are getting authenticated against the database.
Then I tried to use form based authentication. I deployed a war (from the samples folder) and tried to test it. It is also working fine.
Now I planned to use the authentication mechanism in my application. I tried to create a Session EJB and authenticate the user using it. I mean the EJB client will pass the username and password to the EJB, the EJB will use the LoginModule which is a part of JDBCRealm to authenticate the user.
It is not working. I am getting an exception message:
The exception is:
I am not sure if it is the right way to authenticate the user. If it is wrong please show me some light.
If it is correct, then please help me get thru this error.
Please tell me, what should be the part of Client code. I mean, should the implementation of LoginModule, CallbackHandlers etc. should be present on client side or not? Where should the config file with JAAS module declaration exist? Should it be on client side or server. When I configured the JDBCRealm, I placed the jar with Realms classes (LoginModule impl, Realm impl) under lib folder for the specific domain. I added the classpath for JDBCRealm, added the properties to Realm using the application server admin console.
take me out of these confusions.
Regards,<br />Nitin :-)
subject: JAAS Authentication. Confusion about use case.