I have a web site that requires a user to go through an enrollment process to create an account on the site. The user is only allowed to enroll if the information they enter such as SSN, invoice number, etc. match with a record(s) we store in a database. Furthermore, the fields that we check and match against need to be configurable since we have several sites customized for several clients.
I haven't used JAAS or jGuard so bear with me - can I create a JAAS authentication file that defines multiple required or requisite login modules, each one responsible for checking just one field? That would allow me to customize the authentication for each site. How does information read from the database get passed between modules, through the LoginContext maybe?
In my Struts Action I would be calling a login() method, even though I'm just trying to authenticate entered information to see if they can create a login account.
When the user completes the enrollment process, they should be able to login using a "standard" single LoginModule. Does jGuard or anyone else have a LoginModule that will check user/password against an already exisiting database schema? Re-designing the schema to accomodate a LoginModule with hardcoded table and field names is not going to work for me.
Welcome to Javaranch. Remember that pesky naming policy that you agreed to when you registered? Besides our "Be nice!" rule, it's one that we take seriously (don't let the one-eyed moose fool you!). Please take a minute to change your display name.
Thanks and hope you'll be visiting the ranch often.
subject: Using JAAS/Struts for enrollment authentication