-
1. Re: Login From Swing App
starksm64 Apr 29, 2004 9:46 AM (in response to estephens)You have to add a login module that actually does authentication. The ClientLoginModule only propgates the caller identity to the transport layer for authentication of calls to the server.
-
2. Re: Login From Swing App
estephens Apr 29, 2004 12:48 PM (in response to estephens)Thanks Scott.
What about the Subject? Is there anyway to syunchronize the Subject between the client and the server, other than performing the login in both places?
Thanks -
3. Re: Login From Swing App
dmi3 Sep 10, 2004 9:36 AM (in response to estephens)Hi.
Is there exists a login module performing real user authentication, not like the ClientLoginModule? Is it working with standard JBoss or needs some extras?
And one more question.
Using the ClientLoginModule I've seen that server do not performs authentication when InitialContext.lookup() or InitialContext.list() methods are invoked. Is there any configuration parameters telling that these methods must throw exception for user with invalid username/password?
Thanks. -
4. Re: Login From Swing App
starksm64 Sep 11, 2004 9:37 PM (in response to estephens)The JAAS login done on a client is decoupled from the server. If you obtain the Subject from the client side LoginContext, it will not have the same info as the server. The only way they are coupled is that the configured login modules will have to validate the same identity and proof of identity. You can use client/server oriented login modules that provide tighter coupling if you want.
-
5. Re: Login From Swing App
starksm64 Sep 11, 2004 9:38 PM (in response to estephens)The SRPLoginModule, LdapLoginModule, UserRolesLoginModule are example jboss login modules that can be used to perform client side authentication. There are others available from thirdparty sources as well.