Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Database authentication on WAS 7

 
Alexandre Portugal
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Guys, has someone set up an application on WAS 7 to authenticate users from a database?

I've been reading the docs and I'm surprised how hard it is to find out a solution... On JBoss we just need to add some lines to login-config.xml and it's done!

So far, my options seem to be:
- to implement com.ibm.websphere.security.UserRegistry;
- to implement LoginModule (JAAS);
- to leave behind the security provided by the server (!) and implement it programmaticaly (checking info in session...);

Any suggestions?
 
Elton Kuzniewski
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Alexandre!

I've been trying to figure out that too!

The IBM's documentation is not clearly about that...

Have you found a solution for your case? How did you do?

Thanks!
 
Alexandre Portugal
Greenhorn
Posts: 11
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Elton,

I did manage to make it work with a database user registry.

Check these links. The first one explains how to configure the custom user registry and the second one is an example of a sample custom user registry java class. From there you should be able to change the functionality to query a database instead of a text file:

http://publib.boulder.ibm.com/infocenter/wasinfo/v7r0/index.jsp?topic=%2Fcom.ibm.websphere.express.doc%2Finfo%2Fexp%2Fae%2Ftsec_tbucs.html
http://publib.boulder.ibm.com/infocenter/wasinfo/v7r0/topic/com.ibm.websphere.express.doc/info/exp/ae/rsec_frsjf502.html

Although the docs say "The registry should not depend on any WAS components (such as data sources)", I was able to use a data source inside the method "checkPassword(...)". That's because, by the time this method is called (when a user tries to login on the app), WAS has already been completelly initialized. The drawback of that is having to do a lookup of the data source each time a user tries to login. You should check if this is acceptable in your case.

Good luck and let me know how it goes.

Regards,

Alexandre.
 
Elton Kuzniewski
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I was afraid about that... That is the exactly way that I was able to do a database login...

The big problem using this approach is that all others webapps should use the same authentication method...
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic