-
1. Re: Using valves to perform custom login based on http cooki
anil.saldhana Oct 19, 2007 3:40 PM (in response to acorrea10)You need an authenticator along the lines of GenericHeaderAuthenticator.
http://anil-identity.blogspot.com/2007/04/tip-3-token-based-perimeter.html -
2. Re: Using valves to perform custom login based on http cooki
acorrea10 Oct 22, 2007 6:25 PM (in response to acorrea10)Thanks Anil,
interesting stuff, the GenericHeaderAuthenticator.
I will give it a try as soon as I can.
However, I am in the final step of a custom solution. I have a valve that intercepts the request, call the custom login module, which in turn use the passed in cookie to retrieve the user groups and populate the java principals. I am extending the AbstractServerLoginModule.
Everything is working ok, except for the final step. Even with the java principals populated (by AbstractServerLoginModule's commit method), the J2EE login form method is being presented to the user again.
One thing to note is that when I call my protected application resource directly, the J2EE form login method is triggered, the same custom login method is executed, and everything flows without errors.
My getRoleSets method is returning a SimpleGroup "Roles" within the user's groups.
Any insights are welcome.
Andre. -
3. Re: Using valves to perform custom login based on http cooki
acorrea10 Oct 24, 2007 1:14 PM (in response to acorrea10)Following up...
I took Anil's suggestion and used the GenericHeaderAuthenticator. It works like a charm.
Andre. -
4. Re: Using valves to perform custom login based on http cooki
anil.saldhana Oct 26, 2007 12:44 PM (in response to acorrea10)Yes, we are charming people churning out charming solutions.
Glad that your use case was solved.