I'm trying to use J2EE/JAAS security in a JBoss 4.0.3 EJB3 SLSB application using Tapestry 4.0. My app is a portal-like app so I have a login form always present. Right now I'm keeping a session-scoped application state object whose presence I used to know if there is a user logged in (in which case I hide the login box). What I want to do is during login, set the credentials for the JAAS security annotations in my EJBs to work. Now, from what I've done before with JSPs/Struts you need a standalone login page (which I don't want to use) to do the normal request-securityCheck-redirect-to-login-page technique (same with the login error page). In the login page I would have a form with action="j_security_check" and username and password as "j_username" and "j_password".
Since I'm authenticating by calling a method in a SLSB (which uses a Hibernate DAO). Do I need to write my own LoginModule and CallBackHandler or can I just somehow pass the credentials into the JAAS subsystem in Java code? Thanks, Brian --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
