Dear all,
I have a problem (2 days old and counting...) with Seam and custom JAAS. I have
written a custom JAAS login module to handle user login activity. The module is
declare in component.xml,
<security:identity jaas-config-name="jaasLogin" />
A simple login page is used to obtain username and password as shown in the
Seam references in Chapter 13,
| <div>
| <h:outputLabel for="name" value="Username"/>
| <h:inputText id="name" value="#{identity.username}"/>
| </div>
| <div>
| <h:outputLabel for="password" value="Password"/>
| <h:inputSecret id="password" value="#{identity.password}"/>
| </div>
| <div>
| <h:commandButton value="Login" action="#{identity.login}"/>
| </div>
|
With the above setup, there is NO problem when the user provide the correct
username and password. But the problem is when the user provide a wrong
username or password, the login module get invokes twice. The custom login
module throw javax.security.auth.login.FailedLoginException when the login has
failed. I can understand the #{identity.login} action fire the login module the
first time, but have no idea what causes the login module to fire the second
time immediately after the first execution and before JSF render response phase?
In addition, when I hit refresh at the login page after a failed login attempt,
the login module get call each time the refresh button is hit. Is this behavior
somehow related to the conversation context with respect to the login page
and/or the Identity seam component?
Does anyone have any idea and insight as what is happening behind the scene?
Many thanks.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4092542#4092542
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4092542
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
