What I thought:
public UUID login(String realmName, String username, String password)
throws LoginException {
if (defaultRealm == null) {
throw new LoginException("No Tomcat realm available");
}
try{
final Principal principal =
defaultRealm.authenticate(username, password);
} catch (...) {
rethrow
}
if (principal == null) throw new CredentialNotFoundException(username);
Subject subject = createSubject(defaultRealm, principal);
UUID token = registerSubject(subject);
return token;
}
Romain Manni-Bucau
Twitter: @rmannibucau
Blog: http://rmannibucau.wordpress.com/
LinkedIn: http://fr.linkedin.com/in/rmannibucau
Github: https://github.com/rmannibucau
2013/12/17 renz <[email protected]>:
> It doesn't work cause I don't find a good way to retrieve my LoginException
> in the SecurityService.
>
> Here is the default SecurityService login method from
> org.apache.tomee.catalina.TomcatSecurityService :
>
>
> Since authenticate can't throw any LoginException, the first thing I've
> tried was to store any LoginException that occured in
> FooBarRealm.authenticate in a property of FooBarRealm. Then I thought I
> could retrieve it in my SecurityService like this :
>
>
> But defaultRealm is not an instance of FooBarRealm, but an instance of
> TomEERealm containing a FooBarRealm.
> The question is how can I access my FooBarRealm through TomEERealm?
>
>
> Another solution could be to encapsulate the LoginException in a prorietary
> RuntimeException and catch it in the TomcatSecurityService like this :
>
>
> It seems to work, but I'm not sure It's a good way.
>
>
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/Remote-EJB-Client-Authentication-JAAS-tp4666734p4666779.html
> Sent from the OpenEJB User mailing list archive at Nabble.com.
