http://wiki.jboss.org/wiki/Wiki.jsp?page=CustomizingSecurityUsingValves still
applies.
View the original post :
http://www.jboss.com/index.html?module=bbop=viewtopicp=3932556#3932556
Reply to the post :
http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3932556
I am using Jboss 3.2.7 and I am trying to solve a similar problem. I am writing
Custom JAAS LoginModule and want to access HttpSession in the LoginModule to
store some information.
Using static methods of the the JACC javax.security.jacc.PolicyContext object
is a good solution, but it is
I'm surprised that you suggest such a complex hack.
In fact, using static methods of the the JACC javax.security.jacc.PolicyContext
object, you can use
| HttpServletRequest request =
(HttpServletRequest)PolicyContext.getContext(javax.servlet.http.HttpServletRequest);
|
Using
http://wiki.jboss.org/wiki/Wiki.jsp?page=CustomizingSecurityUsingValves
View the original post :
http://www.jboss.com/index.html?module=bbop=viewtopicp=3913819#3913819
Reply to the post :
http://www.jboss.com/index.html?module=bbop=postingmode=replyp=3913819
Well? Gurus?
Surely there must be many cases where a LoginHandler needs more than just
username/password?
This is a major shortcoming, and means we can't use container-managed form
based authentication.
View the original post :