Win a copy of TDD for a Shopping Website LiveProject this week in the Testing forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
Bartenders:
  • Piet Souris
  • Himai Minh

Custom and generic JAAS module

 
Ranch Hand
Posts: 485
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I was looking to write a Custom and Generic JAAS based login module. which will be used for both authentication and authorization. And use it across all the application server.

I wrote a Custom LoginModule for Tomcat. Can i use the same class across all the Application server like JBoss, Weblogic and websphere.

Thanks
Param
 
author
Posts: 3281
8
Mac OS X Eclipse IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm really not sure about this but:

1.) If you're following the JAAS std then I don't see why not.
2.) Try first on Jboss, it should be fairly easy to get going if you're familiar with Tomcat.
 
Parameswaran Thangavel
Ranch Hand
Posts: 485
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Well i followed the JAAS standard. But there is a problem though. In Tomcat, i can have different Principal class for both my Principal and Roles. But when comes to JBoss I should have different class to represent the roles for my principal.

In short, It looks like i can have or reuse the Principal class across all the server (Atleast for JBoss and Tomcat).
But when it comes to authorization, we need to have custom (Container specific class) to represent the roles.

I think this is where the Spring Acegi security comes into picture. Which promises to use the same JAAS module across all the container. SPring uses its own class called GrandedAuthority to implement roles.

I never tried on Spring Acegi security, but my above understanding is based on my theoretical knowledge.

Thanks
Param
 
Straws are for suckers. Now suck on this tiny ad!
free, earth-friendly heat - a kickstarter for putting coin in your pocket while saving the earth
https://coderanch.com/t/751654/free-earth-friendly-heat-kickstarter
reply
    Bookmark Topic Watch Topic
  • New Topic