1. Re: Additional Credentials in login-config.xml
dblaisdell Jul 14, 2005 12:12 PM (in response to dblaisdell)
I was able to solve my own problem by writing a custom login module.
The class below keeps track of my LoginIndexpublic final class LoginIndex implements Principal { final int loginindex; public LoginIndex(int login) { loginindex=login; } /** * @return Returns the loginindex. */ public int getLoginindex() { return loginindex; } /* (non-Javadoc) * @see java.security.Principal#getName() */ public String getName() { return "LoginIndex"; } public String toString() { return "Login Index: " + loginindex; } }
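// The Custom Module Makes an additional database call based on a customizable query
/**
 * DatabaseServerLoginModule that also runs the query given in the
 * "loginIndexQuery" module option and attaches the first column of its first
 * row to the Subject as a {@link LoginIndex} principal.
 *
 * The extra query runs in {@link #commit()}, and only when the inherited
 * commit reports success. Running it from initialize() would execute it for
 * every login attempt, including failed ones, and would attach the principal
 * before the caller had been authenticated.
 */
public class CustomDBServerLoginModule extends DatabaseServerLoginModule {
    private String loginIndexQuery;
    private LoginIndex loginIndex;

    /**
     * Reads the module options. No database work happens here.
     *
     * @param subject the Subject being authenticated
     * @param callbackHandler handler used by the superclass to obtain credentials
     * @param sharedState state shared between the modules of the policy
     * @param options module options; "loginIndexQuery" is read in addition to
     *                the options handled by the superclass
     */
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
        super.initialize(subject, callbackHandler, sharedState, options);
        loginIndexQuery = (String) options.get("loginIndexQuery");
    }

    /**
     * Commits the login and, if the superclass committed successfully, adds
     * the LoginIndex principal.
     *
     * @return the value returned by the superclass commit
     * @throws javax.security.auth.login.LoginException if the superclass commit fails
     */
    public boolean commit() throws javax.security.auth.login.LoginException {
        boolean committed = super.commit();
        if (committed) {
            // Only an authenticated Subject gets a login index.
            getLoginIndex();
        }
        return committed;
    }

    /**
     * Runs loginIndexQuery against the data source named by dsJndiName and
     * adds the result to the Subject as a LoginIndex principal.
     *
     * Failures are logged and otherwise ignored, so a broken query does not
     * by itself fail the login; the Subject then simply has no LoginIndex.
     */
    protected void getLoginIndex() {
        if (loginIndexQuery == null) {
            log.warn("loginIndexQuery module option is not set; no LoginIndex principal added");
            return;
        }
        Connection con = null;
        PreparedStatement prepStmt = null;
        ResultSet rs = null;
        try {
            InitialContext ic = new InitialContext();
            DataSource ds = (DataSource) ic.lookup(this.dsJndiName);
            con = ds.getConnection();
            prepStmt = con.prepareStatement(loginIndexQuery);
            rs = prepStmt.executeQuery();
            if (rs.next()) {
                loginIndex = new LoginIndex(rs.getInt(1));
                subject.getPrincipals().add(loginIndex);
                log.info(loginIndex);
            }
        } catch (SQLException e) {
            log.error("loginIndexQuery failed", e);
        } catch (NamingException e) {
            log.error("Lookup of data source failed: " + this.dsJndiName, e);
        } finally {
            // Release JDBC resources on every path so a failing query cannot
            // leak pooled connections.
            if (rs != null) {
                try {
                    rs.close();
                } catch (SQLException ignored) {
                    // nothing useful to do while cleaning up
                }
            }
            if (prepStmt != null) {
                try {
                    prepStmt.close();
                } catch (SQLException ignored) {
                    // nothing useful to do while cleaning up
                }
            }
            if (con != null) {
                try {
                    con.close();
                } catch (SQLException ignored) {
                    // nothing useful to do while cleaning up
                }
            }
        }
    }
}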
<!-- And finally the login-config.xml file glues it all together. -->
<application-policy name="firsthealthinc">
  <authentication>
    <!-- Custom module: inherits the password and role checks from
         DatabaseServerLoginModule and additionally runs loginIndexQuery. -->
    <login-module code="com.firsthealthinc.security.CustomDBServerLoginModule" flag="required">
      <module-option name="dsJndiName">java:/PostgresDS</module-option>
      <!-- No hashAlgorithm / hashEncoding option is set in this policy, so the
           value returned here is compared with the submitted password as-is,
           which implies the password column holds clear-text values. Storing
           password hashes and configuring those options is the safer setup. -->
      <module-option name="principalsQuery">select password from tblemployee where login=? and inactive='f'</module-option>
      <!-- Unlike principalsQuery, this query has no inactive='f' filter. -->
      <module-option name="rolesQuery"> select securityroles.role,rolegroup from tblemployeeroles inner join tblemployee on tblemployeeroles.employeeid=tblemployee.employeekey inner join securityroles on tblemployeeroles.role=securityroles.roleid where tblemployee.login=? </module-option>
      <!-- Callers that present no credentials are given the identity "guest";
           check that this identity is not mapped to any privileged role. -->
      <module-option name="unauthenticatedIdentity">guest</module-option>
      <!-- Each execution draws a new value from the sequence. -->
      <module-option name="loginIndexQuery">select nextval('employeelogin_seq')</module-option>
    </login-module>
    <login-module code="org.jboss.security.ClientLoginModule" flag="required">
    </login-module>
  </authentication>
</application-policy>