1 Reply Latest reply on Jan 11, 2002 11:54 AM by luke_t

    How to perform login?

    ubxwgm
    ubxwgm Jan 11, 2002 11:28 AM

      Hello,

      I'm creating an swing-gui-app in which I want to ask the user for userID/password which is checked on the server.

      On the serverside I use DatabaseServerLoginModule
      On the clientside I use org.jboss.security.ClientLoginModule which has a callback which asks the user for userid/password.

      On the clientside I invoke the login-Method but the authentication on server is not executed before I make a request to an ejb. So I created an ejb "UserBean" with a method login which does nothing (except providing a method to call).

      Now if the user provides e.g. the wrong password I don't get a security-exception directly but nested in a RemoteException, nested in a ServerException.

      I think I make something wrong - there must be a way to perfomr a direct login without calling an ejb-method and without classcasting exceptions.

      Could anyone please give me a detailed description how this problem is solved a better way?

      Thanks Michael

      • 2807 Views
      • Tags:
        • 1. Re: How to perform login?
          luke_t Jan 11, 2002 11:54 AM (in response to ubxwgm)

          Hi,

          No, you're right. You're not doing anything wrong. The basic client login module doesn't immediately perform an authentication, but just caches the username and password to be sent to the server when you make a call.

          Why is it a problem getting a remote exception - if you make the remote call in your login method and get an exception then you let the user know that it failed and get them to retry?

          Or you could make your remote method throw a user custom user exception and throw this from the remote method.

          Alternatively you could use something like the SRP login module uses a proper authentication protocol with the server during login.

          Luke.

            • Actions