Hello. I'm not sure if this will be picked up by everyone interested, but as I
had trouble with this issue I thought I would post my solution. If somebody
wants to add it to a wiki fine.
My issue was that I had external (in Apache) authentication but needed a JAAS
sign-on and authorisation. AJP13 was setting the RemoteUser via a cookie. I
used a version of the DatabaseServerLoginModule for authorisation based on the
RemoteUser.
To trigger the Signon - I needed first to code the following simple Servlet:
/**
*
* Simple Servlet to trigger JAAS Login - passing the RemoteUser as username.
*
* @author Jim Brady
*/
public class LoginServlet extends HttpServlet {
public void init() throws ServletException {
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request,response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response) {
// retrieve form parameter values from request
Log log = LogFactory.getLog(this.getClass());
try {
log.info("User = " + request.getRemoteUser());
response.sendRedirect("j_security_check?j_username="
+ request.getRemoteUser() + "&j_password=");
} catch (Exception e) {
log.warn("Whoah", e);
}
}
}
This was integrated via the following items in web.xml.
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>*.login</url-pattern>
</servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>appl.web.login.LoginServlet</servlet-class>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>APACHE</realm-name>
<form-login-config>
<form-login-page>/login/apache.login</form-login-page>
<form-error-page>/login/loginError.htm</form-error-page>
</form-login-config>
</login-config>
It took a long while to work out how to do this, so I hope it helps some other
people out there!
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3907352#3907352
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3907352
-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc. Get Certified Today
Register for a JBoss Training Course. Free Certification Exam
for All Training Attendees Through End of 2005. For more info visit:
http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click
_______________________________________________
JBoss-user mailing list
JBoss-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jboss-user
