Calling LoginContext.login successful but SSO cookie not se
bmcgovern Nov 15, 2006 10:09 AMIve gotten SSO to work for jboss portal and a supporting webapp on the same virtual host. But my login routine not only needs to authenticate the user against jboss portals user database, but also pull some information from a supporting database and work with it.
My problem is that I created a login method in my business layer that executes the following code and succesfully returns true of false for my login credentials. It however does not set the SSO cookie and I cannot figure out why not.
Incidently I tested the security constraint and login-config with both BASIC and FORM authentication and it works like a charm. Without changing anything but the login forms action from j_security_check to a MyController, which calls the method below -- it was working fine.
Any help ? Anyone.. Bueller?
Heres the code:
My Authentication Class
public class SSOLogin { protected static final Log log = LogFactory.getLog(SSOLogin.class); public boolean authenticate(String userid, String password) throws LoginException { log.info("SSOLogin.authenticate(String, String) was called."); boolean result = false; try { log.info("SSOLogin.authenticate(String, String) creating LoginContext."); LoginContext loginContext = new LoginContext("myauth", new SSOCallbackHandler(userid, password)); log.info("SSOLogin.authenticate(String, String) executing login."); loginContext.login(); result = true; } catch (LoginException e) { // A production quality implementation would log this message log.info("Exception:: " + e.getMessage()); result = false; throw e; } log.info("SSOLogin.authenticate(String, String) exiting method - Login was " + result); return result; } }
Which depends on a custom callback handler:
public class SSOCallbackHandler implements CallbackHandler { protected static final Log log = LogFactory.getLog(SSOCallbackHandler.class); private String username; private char[] credentials; public SSOCallbackHandler(String username, String credentials) { super(); this.username = username; this.credentials = credentials.toCharArray(); } public void handle(Callback callbacks[])throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks instanceof NameCallback) { ((NameCallback) callbacks).setName(username); } else if (callbacks instanceof PasswordCallback) { ((PasswordCallback) callbacks).setPassword(credentials); } else { throw new UnsupportedCallbackException(callbacks); } } } }