-
1. Re: Logging into JAAS from within a servlet
deep Nov 22, 2002 12:52 PM (in response to gwoodward)I am running 3.04 & 4.1.12 an am wondering?
Did you eventually solve this problem because I am suffering here...
I think it has something to do with auth.conf
However I don't no if I have to add auth.conf to catalina explicitly!
I know how to do it from a client program by adding auth.conf as a -d argument but I cannot find any documentation to help me further along. -
2. Re: Logging into JAAS from within a servlet
jwkaltz Nov 25, 2002 4:14 AM (in response to gwoodward)In JBoss 2.4.X you need to run the JAAS module org.jboss.security.ClientLoginModule in order to bind the username & password to the JBoss invocation layer. Otherwise the server won't know who is calling it. So yes you would need the auth.conf (or equivalent) in your servlet container's path.
Not sure what the deal in 3.0 is, but probably similar ? -
3. Re: Logging into JAAS from within a servlet
deep Nov 25, 2002 10:58 AM (in response to gwoodward)I thought I show catalina's startup change between Jboss 2.X catalina and 3. In 2.x catalina is started from it's startup script. This has changes in 3 which allows catalina to be configured in tomcat41-service.xml.
How to place auth.conf there.....??? No idea ....yet. -
4. Re: Logging into JAAS from within a servlet
jmoring Nov 25, 2002 11:14 AM (in response to gwoodward)There is a shortcut to this process. It is JBoss specific and potentially version specific. You can do what the client login module does without the overhead of the JAAS configuration. Look at the source for the ClientLoginModule. I use this approach on the client-side of EJB calls without any problems. I only set the principal and the credentials and not the subject.
Use at your own risk!!!!
HTH -
5. Re: Logging into JAAS from within a servlet
deep Nov 25, 2002 12:18 PM (in response to gwoodward)I am going to check the source out to see what is going on there, but I will keep looking for the legal way to make auth.conf known to catalina webapps.
BTW should not there be a dtd with tomcat41-server.xml?? -
6. Re: Logging into JAAS from within a servlet
dmaclaren Dec 5, 2002 2:18 PM (in response to gwoodward)now I was working on an Iplanet application where we on registrering at the site we woould add the user and role to LDAP. Afther that we would get a handle into IPLANET's application and force what the form based auth does on a login. this way the user would not be prompted for the id/pass after they register.
There should be a way into JBOSS wither direstly or through JAAS to pass the Registration information(id/pass) for a later callback when the system need the information.
Has anyone done this? Do you understand my question on forcing the login throough code