[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-04 Thread [EMAIL PROTECTED]
Nipun- Feedback like this is always welcome from the community... I agree that the LoginProvider needs to evolve and feedback from community will help with that effort. Thanks again Sohil View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3983223#3983223 Reply

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-04 Thread [EMAIL PROTECTED]
Hi Sohil Maybe I am wrong but I have a few suggestions. As a user I write my own LoginModule compliant to JAAS, (class extending AbstractServerLoginModule) We all are familiar with JAAS and we know what methods body should we for Authentication. Even if we use LoginProvider inside JAAS module, login

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-04 Thread [EMAIL PROTECTED]
Hi Sohil Great, it worked for me in both cases: 1. Application B on local machine 2. Application B on remote machine. Thank you very much for all your help. I really appreciate it. Regards Nipun View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3983221#3983221

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-04 Thread [EMAIL PROTECTED]
Alright. Hook this in as LoginProvider package org.jboss.security.idm.ldap; import java.security.Principal; import java.util.Collection; import java.util.Properties; import org.jboss.security.idm.Identity; import org.jboss.security.idm.IdentityException; import org.jboss.security.idm.LoginProv

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-04 Thread [EMAIL PROTECTED]
Ok, took a quick look. Your problem is related to this: The JAAS module and LoginProvider should both pull identical username and password data. Hence, it's best to use a JAAS Module that actually uses the same LoginProvider to get username/password information from the datastore. The standard

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-02 Thread nipunbatra
Also I forgot to mention I am not calling login module myself, everything is defined as per JAAS, I try to access page for the first time, application prompts me for username and password page whose action is j_security_check, after that I login, and I see cookie and also get request.getUserPrinc

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-02 Thread nipunbatra
Hi Sohil So finally I have some good news and bad news. I developed 2 applications A and B and I am now using JbossWS policy which is a standard JAAS Login module used in Jboss. Both the applications are running on same server. Now in application A I login and after successful login I even see a

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-02 Thread [EMAIL PROTECTED]
Yes you can write your own Login JAAS module and hook it in the same way I detailed in the previous response, if you have different login requirements. Just make sure the JAAS module is managed by tomcat during login to get the proper Principal establishment and SSO token management. btw- are

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-02 Thread nipunbatra
Hi Sohil No Inside JAAS Module I am not using LoginProvider, I just have our own way of Authenticating user from Database. Thanks Nipun View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3982756#3982756 Reply to the post : http://www.jboss.com/index.html?module

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-02 Thread [EMAIL PROTECTED]
That should be fine too. If you follow the steps detailed in the previous response to integrate JAAS in your application, you should be able to get a Principal created successfully and a SSO token should be generated and placed on your browser upon successful JAAS login. Let me know if you st

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-02 Thread nipunbatra
Hi Sohil Thanks for your response, Hmmm.. I think I have to write my own login module which I have to call from my program. Reason being I have 1 other param which I use with Username and password to authenticate user. Also I was looking at your code org.jboss.security.idm.UsernameAndPas

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-02 Thread [EMAIL PROTECTED]
Nipun- I think there is some confusion with your JAAS configuration. You don't need to write your own LoginModule. You should just be able to integrate the LoginProvider that you created and use the built-in UserNameAndPasswordLoginModule from the IDM component. Just follow these steps more o

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-02 Thread nipunbatra
Hi Sohil Thanks for your response, Now I have developed my own DBLoginModule class which implements javax.security.auth.spi.LoginModule I have also added the policy entry of this login module in login-config.xml under /server/default/conf/login-config.xml As per documents I have added contex

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-01 Thread [EMAIL PROTECTED]
You actually bring up a good point about not wanting to use JAAS. Although I recommend JAAS for obvious benefits (standard, identity propagation through various layers in the container etc) if some lightweight app wants to do custom login behavior, maybe there might be value in creating a contr

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-01 Thread [EMAIL PROTECTED]
Basically, when a user is authenticated on WebApplication A, the only way WebApplication B can tell is through what we call a SAML token that is propagated in the form of a http cookie. Now, if you wish to do authentication in a non-JAAS way still using the LoginProvider, you will have to write

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-01 Thread nipunbatra
Hi Sohil I agree with you it makes regarding own LoginProvider on each machine. Again I am really sorry for my ignorance though I looked at jboss_sso_test directory what I am not able to figure out is this. I still need some clarifications, I hope I am not annoying you. Let say suppose I hav

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-01 Thread [EMAIL PROTECTED]
Also to add to the logic behind Identity Manager abstraction. Not all Federation setups can have partners sharing the same Identity Store. Typical examples being, legacy applications that are islands in themselves, or integration with external systems like business partners etc. In that case ea

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-01 Thread [EMAIL PROTECTED]
anonymous wrote : | If I write JAAS based Authentication in my application where exactly I can link it with JBoss SSO. Also as per my understanding the Identity manager should be on one central server and rest of the application on remote server should contact identity manager to validate any us

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-01 Thread nipunbatra
Hi Sohil Thanks for your response, But I am confused now As discussed in documents I wrote my own LoginProvider where I validate username and password, Now in that code I do not use any kind of JAAS LoginModule and I am not setting any Principal in the subject after validating user. If I wr

[jboss-user] [Security & JAAS/JBoss] - Re: Jboss SSO Web Application

2006-11-01 Thread [EMAIL PROTECTED]
anonymous wrote : | 1) What I would like to know is why I have to setup the JAAS module | | I have written my own LoginProvider and I am authenticating user, also the roles change quite frequently. As The Loginprovider getRoles method solves my purpose and I can fetch roles from Database