7 Replies Latest reply on Aug 18, 2006 9:10 AM by lou

Using j_security_check with a custom Principal , a custom Ca

emailmsgbox Jul 13, 2006 10:31 AM

Hear me out, I'll make it short
I need username, password and kuku as parameters in my CallbackHandler and my LoginModule

when I initiate a login using my CallbackHandler MyPrincipal to my facades local or remote
like this

MyLoginHandler login = new MyLoginHandler(new MyPrincipal( username, kuku),password);
loginContext = new LoginContext("my-login",login);
loginContext.login();
...

all is good

but when I try the "full Monty" meaning web and EJB with auth-method FORM (j_security_check) I of course fail ,
since the CallbackHandler that I get in my login module is a with a SimplePrincipal
and this SimplePrincipal is missing the extra parameter

So my problem is to pass the extra parameter to the my LoginModule
how do I get the j_security_check to take the extra paramenter and pass it on . in some way

I looked at the ExtendedFormAuthenticator but I do not see how could did help me.
since I do not use a filter

So be a sport and H-E-L-P

1. Re: Using j_security_check with a custom Principal , a custo

soshah Jul 13, 2006 11:39 AM (in response to emailmsgbox)

emailmsgbox-

You can try sending the extra parameter "kuku" as part of your Login Form submission and extract it in your login module using:

request = (HttpServletRequest) PolicyContext.getContext(WEB_REQUEST_KEY);
request.getParameter("kuku");

Now, if this "kuku" parameter is Login Module configuration related, you can also use

<module-option name="kuku">kuku-value</module-option>

in your Login Module configuration

Hope this helps

Thanks
Sohil
Actions
2. Re: Using j_security_check with a custom Principal , a custo

emailmsgbox Jul 17, 2006 3:02 AM (in response to emailmsgbox)

Yes it did,
thanks
Actions
3. Re: Using j_security_check with a custom Principal , a custo

atamur Jul 31, 2006 7:42 AM (in response to emailmsgbox)

if someone is also interested in this topic, you should look at http://wiki.jboss.org/wiki/Wiki.jsp?page=AccessingServletRequestForAuthentication for WEB_REQUEST_KEY =)

PS great thanks to sohil.shah
your reply was of a great help
Actions
4. Re: Using j_security_check with a custom Principal , a custo

lou Aug 16, 2006 8:13 AM (in response to emailmsgbox)

I'm having the same problem with a j2ee web app using jboss, I want to use an extra parameter in j_security_check form. Can u please paste your sample code because what i read here didnt helped me. Or if u can give me a link where i can found the whole process in detail. Many thanks.
Actions
5. Re: Using j_security_check with a custom Principal , a custo

lou Aug 18, 2006 9:03 AM (in response to emailmsgbox)

Ok I managed to solve the problem. Here the complete code and settings I used.

http://www.srcfactory.com/the_j_security_check_form_extra field_solution/
Actions
6. Re: Using j_security_check with a custom Principal , a custo

lou Aug 18, 2006 9:09 AM (in response to emailmsgbox)

Sorry misstyped url: [url]http://www.srcfactory.com/the_j_security_check_form_extra_field_solution/
Actions
7. Re: Using j_security_check with a custom Principal , a custo

lou Aug 18, 2006 9:10 AM (in response to emailmsgbox)

http://www.srcfactory.com/the_j_security_check_form_extra_field_solution/ they should put the fucking edit option on this frum for morons like me.
Actions

Go to original post