This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Customized JAAS Module.

 
Raymond Miao
Greenhorn
Posts: 4
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I am trying to build a website runing on Sun app server. the site will have to be launched from other legacy site which will provide a single access token as request parameter for authentication. I want to create a customized authentication module to handle this access token, verify it, then tell web container the user is valid/invalid. I try to do in by extend the PasswordLoginModule class provided by Sun app server the problem is looks like the class only accept username and pasword as authentication input parameters so does its parent LoginModule. I am wondering if there is a way or workaround to bypass the username/password thing so I can check my access token.

The access token will be verified against database.

Any thoughts?
Thanks a lot.
 
Charles GAY
Greenhorn
Posts: 18
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Raymond,
effectively the sun one app server forces you to extends the sun's PasswordLoginModule and not directly the LoginModule.
i think it is a drawback.....
another option would be to configure jGuard (http:/jguard.sourceforge.net) on your application server, and use your loginModule (which extends directly LoginModule) with the jGuard configuration.
=> the requirement to extends passwordloginModule seems to be reaised by proprietary application server design....(bad j2ee security specification consequences...).
jGuard integrates JAAS in your j2ee environment without any proprietary issue.

hope it helps,

Charles(jGuard team).
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic