-
1. Re: How to deal with failed logins in client side ?
rickardsson Oct 1, 2003 1:56 PM (in response to blakbox)I have seen this post a number of times now but no answer?
I have the same problem, I want to be able to distinguish between a number of login problems but the exception I throw is transformed so the original cause is lost.
Is this all possible to fix? -
2. Re: How to deal with failed logins in client side ?
juha Oct 1, 2003 4:50 PM (in response to blakbox)It's going to have to be wrapped in some type of RemoteException always, that is the only way to get it back to the client, otherwise you'd have to declare the security exception as an application exception for every EJB method.
RemoteException does give you access to the exception it is wrapping.
What details do you need on the client? Modifying or extending the current server side security interceptor should be fairly trivial task if you need more specific exception messages. However notice that the current API for the security manager works with simple methods of boolean isValid() [authentication] and boolean doesUserHaveRole() for authorization.
-- Juha -
3. Re: How to deal with failed logins in client side ?
jkuhn Oct 1, 2003 4:55 PM (in response to blakbox)I'm not sure I understand what your problem is.
Your login is taking place within a try-catch, no?
Just catch the LoginException, and then forward to a different jsp.
I'm using struts, so my login code is in an "Action" servlet. Here is the code:
try {
handler = new AppCallbackHandler(userId, password);
lc = new LoginContext("toolkit", handler);
System.out.println("Created LoginContext");
lc.login();
System.out.println("Logged in.");
it = lc.getSubject().getPrincipals().iterator();
while (it.hasNext()) { // display user info in server output.
o = it.next();
System.out.println("principle: " + o.getClass().getName() + " " + o);
}
session = request.getSession(); // put the login context onto the session.
session.setAttribute(ADMIN_LOGIN_CONTEXT, lc);
} catch (LoginException le) {
System.out.println("Login failed");
// le.printStackTrace();
return mapping.findForward(ERROR);
}
return mapping.findForward(SUCCESS);