I tried to solve the issue by compiling my own openejb-core.jar with an
adjusted service-jar.xml, the problem is that my project classes are not
available at the openejb startup....
I think the same applies to the problem in my previous post, the META-INF
folder is not available at startup as it will de deployed later only.
What I actually want to do, is to authenticate a client by a specific client
ID. I thought to use a custom CallbackHandler that access my configuration
files to read this securityString and check it against a prefix in the
username. E.g
@Override
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException {
username = MyClientAuthenticator.authenticate(username);
for (int i = 0; i < callbacks.length; i++) {
...
}
}
Does anybody know how to achive this?
I could also use custom loginmodules but this would mean I would have to
practically copy the existing ones (one for sql, one for ldap etc.), just to
change one line of code....
Or is there a better or "standard" way to solve the problem of having a
"trusted" client?
In my case I have SSO with NTLM and when the webapp connects to the
container I have only a username and no password. I need to be sure that the
client can be trusted to have successfully autheticated the user.
Does anybody has some tips here? Or maybe an example?
Thank you,
Mathis
--
View this message in context:
http://www.nabble.com/Define-Custom-SecurityService---configure-service-jar.xml-tp22699295p22701663.html
Sent from the OpenEJB User mailing list archive at Nabble.com.
