You can return a UserInfo class with overriding method checkCredential (Object suppliedCredential) suppliedCredential will be char[]
Olivier On Thu, Feb 6, 2020 at 3:18 PM Yicheng Wang <[email protected]> wrote: > I’m sorry I didn’t find a detailed documentation of getUserInfo function > and thus I’m not quite familiar with it. So given the username, getUserInfo > should return the password wrapped in UserInfo class. And then login > function would use that information to compare with the input password, > which has already been handled with the current code. Am I getting it right? > > > On Feb 5, 2020, at 20:29, Olivier Lamy <[email protected]> wrote: > > Hi > You do not need to override login. The class has been designed to only > need overwrite getUserInfo. > if getUserInfo returns null it means you cannot login with this username. > Otherwise you need to look at how login method is implemented in > AbstractLoginModule and this can change in the future. > > On Thu, Feb 6, 2020 at 1:43 PM Yicheng Wang <[email protected]> > wrote: > >> Hi Olivier, >> >> Thanks for your timely reply. Just to confirm, are you suggesting to have >> the login module extend AbstractLoginModule and override getUserInfo only? >> In my case, the login module relies on another class to do the >> authentication, so I have to override login as well. If in this case, shall >> I maintain other fields of AbstractLoginModule (like currentUser) >> manually in login function? >> >> Best, >> Yicheng >> >> On Feb 5, 2020, at 19:26, Olivier Lamy <[email protected]> wrote: >> >> Hi >> Can you try with a simple subclass of AbstractLoginModule? >> This should work. >> >> >> On Thu, Feb 6, 2020 at 11:51 AM Yicheng Wang <[email protected]> >> wrote: >> >>> Hi Team, >>> >>> First of all, thank you for developing Jetty. I'm working on a project to >>> replace WebLogic with Jetty, and I've been stuck with authentication for >>> quite a while. >>> >>> The previous project implements the JAAS interface and stores all user >>> information with self-maintained files, instead of using realm. I tried >>> to >>> implement the login module with the same code. And I followed the >>> official >>> document to set the configuration, but without realm. The login part >>> works >>> fine. But after logging in, no matter what request I send to Jetty, >>> principal is always null and thus the user is deemed as unauthenticated >>> and >>> is logged out. While for the login request, I do get the principal from >>> the >>> request. >>> >>> I have no idea about the root cause. Some of my guesses are as below. >>> 1. I read the source code of AbstractLoginModule class, and there're a >>> bunch >>> of fields like currentUser etc. I guess I shouldn't implement LoginModule >>> directly, as this breaks the inner mechanism of how Jetty integrates >>> customized login module. >>> 2. I'm missing some critical configurations of HTTP requests. >>> 3. I also notice session is not working properly at this point. Does >>> session >>> have anything to do with null principal in the request? >>> >>> Do appreciate your kind help! >>> >>> Yicheng >>> >>> >>> >>> -- >>> Sent from: http://jetty.4.x6.nabble.com/Jetty-User-f3247280.html >>> _______________________________________________ >>> jetty-users mailing list >>> [email protected] >>> To change your delivery options, retrieve your password, or unsubscribe >>> from this list, visit >>> https://www.eclipse.org/mailman/listinfo/jetty-users >>> >> >> >> -- >> Olivier >> _______________________________________________ >> jetty-users mailing list >> [email protected] >> To change your delivery options, retrieve your password, or unsubscribe >> from this list, visit >> https://www.eclipse.org/mailman/listinfo/jetty-users >> >> >> _______________________________________________ >> jetty-users mailing list >> [email protected] >> To change your delivery options, retrieve your password, or unsubscribe >> from this list, visit >> https://www.eclipse.org/mailman/listinfo/jetty-users > > > > -- > Olivier > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users > > > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://www.eclipse.org/mailman/listinfo/jetty-users -- Olivier
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
