This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Passing information beyond username and password to JAAS

 
Jack Houghton
Greenhorn
Posts: 2
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have overidden the default security provider and wrote a custom LoginModule to authenticate to Tomcat 6.0.18. When a user successfully logs in, I write information to the database to track that the user logs in. I also add a cookie that maps the login to the information in the database. I do this to allow other web sites under the same domain (Apache/PHP) to see that the user is already logged in and allow them to access the protected components of those sites. This works the same way in the other direction. A user can log in to one of the other sites and the cookie is added. I would like to pass the cookie information to the LoginModule to verify that the user is logged in and authenticate to Tomcat. I was thinking of changing the user name to be some string and then the key value in the cookie in order that I may access the value via j_username, but I think that is a hack and would like to be able to pass dynamic information to the LoginModule. I know that you can pass information through the JAAS config file, but that is only for static data.

Any help is appreciated
Jack
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic