I have written a custom login module to authenticate against our legacy (and it's really old, and non-standard!) back end.
This needs a company name parameter from the login form - in fact, it needs to be able to access the HttpSession to get and set attributes in it.. Now that I am trying to use container-handled FORM based authentication, I can't get this information. Before I did form based auth, I used to use a Filter, and have the filter invoke a JSP when it detected an unlogged-in session which would submit to my own login servlet which created a LoginContext passing it a special CallbackHandler initialized with all the needed information which could handle all kinds of custom Callback subclasses to get the info it neeed. Is it possible to do this? Surely someone must have realized that you often need more than just username/password to do authentication???? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3912106#3912106 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3912106 ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user