1 Reply Latest reply on Oct 19, 2004 9:15 PM by starksm64

How to make sure JBoss invokes custom login when using j_sec

subri.shastry Oct 14, 2004 7:16 PM

Hi,

I want to know how can I make JBOSS invoke my custom login module using j_security_check.

If we do not use j_security_check and use JAAS for instance our custom login module gets invoked. However we want to use j_security_check for web clients as we are using form based authentication.

Here is the relevant content of the jsp that uses j_security_check.

<TABLE BORDER=0 CELLPADDING=1 CELLSPACING=0>
<TR ALIGN=LEFT VALIGN=MIDDLE><TD NOWRAP>User Name<TD NOWRAP><INPUT TYPE=TEXT name="j_username" SIZE=28 CLASS=INPUTSTANDARD>
<TR ALIGN=LEFT VALIGN=MIDDLE><TD NOWRAP>Password<TD NOWRAP><INPUT TYPE=PASSWORD name="j_password" SIZE=28 CLASS=INPUTSTANDARD>

Below is portion of the the login_config.xml
- 
- <application-policy name="prompt2">
-
<login-module code="org.jboss.security.ClientLoginModule" flag="required" />
- <login-module code="com.retalix.services.security.authentication.jboss.CustomDBLoginModule" flag="required">
<module-option name="dsJndiName">java:/jdbc/prompt2DataSource</module-option>
<module-option name="principalsQuery">Select Bus_Password from Base_User where Bus_Login_Id =?</module-option>
<module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=prompt2DataSource</module-option>
</login-module>

</application-policy>

1. Re: How to make sure JBoss invokes custom login when using j

starksm64 Oct 19, 2004 9:15 PM (in response to subri.shastry)
You declare that the prompt2 login module configuration should be executed for authentication by adding a WEB-INF/jboss-web.xml descriptor containing the following as described in the admin/devel guide and the JAAS Howto in this forum:

<jboss-web> <security-domain>java:/jaas/prompt2</security-domain> </jboss-web>
Actions