[JBoss-user] [Security & JAAS/JBoss] - Re: limitations of ClientLoginModule and security model

[EMAIL PROTECTED] Mon, 05 Jul 2004 08:12:17 -0700

If you don't want the use the embedded NameCallback, PasswordCallback of the 
ClientLoginModule you chain it with an login module that provides the correct 
Principal and credentidal. You then specify the password-stacking="useFirstPass" 
option to indicate that the credentials to pass come from the first login module:



  | srp-client {
  |    // Example client auth.conf for using the SRPLoginModule
  |    org.jboss.security.srp.jaas.SRPLoginModule required
  |    password-stacking="useFirstPass"
  |    principalClassName="org.jboss.security.SimplePrincipal"
  |    srpServerJndiName="SRPServerInterface"
  |    debug=true
  |    ;
  | 
  |    // jBoss LoginModule
  |    org.jboss.security.ClientLoginModule  required
  |    password-stacking="useFirstPass"
  |    ;
  | 
  |    // Put your login modules that need jBoss here
  | };
  | 


View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3840971#3840971

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3840971


-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

[JBoss-user] [Security & JAAS/JBoss] - Re: limitations of ClientLoginModule and security model

Reply via email to