2 Replies Latest reply on Dec 3, 2005 4:14 PM by starksm64

JAAS Form Based Authentication Clarification

ektasehgal Nov 28, 2005 1:58 PM

I am using JBoss 4.0.2 and have configured my web application to use JAAS.
I use FORM based authentication and my security Realm is confgured for LdapLoginModule.

When a user accesses my web application, he is directed to a login page ,(that uses j_security_check) and after a successful authentication and authorization, he is directed to a servlet, that uses a Third party reporting Engine.

My query is :

Is it true that JAAS creates a new Prinicipal Object per HttpRequest?
If yes, then is there a way to ensure that during a session a new principal object is not created in subsequent requests after initial login.

Any help would be appreciated. Thanks and Regards,

1. Re: JAAS Form Based Authentication Clarification

ektasehgal Dec 1, 2005 9:36 AM (in response to ektasehgal)

I would request the JBoss community to answer my question, I dont see this documentted anywhere and I really need to understand this piece.

Thanks,
ektasehgal
Actions
2. Re: JAAS Form Based Authentication Clarification

starksm64 Dec 3, 2005 4:14 PM (in response to ektasehgal)

This is an implementation detail that requires an explanation of why the question is being asked.
Actions

Go to original post