1 Reply Latest reply on Nov 23, 2009 2:53 PM by shantanu.u

How to make JAAS Login Failure Page more informative ?

shantanu.u Nov 23, 2009 2:52 PM

My stack is as follows :
* JSF 1.2, Facelets, Richfaces 3.2.1
* JAAS - authentication and authorization
* Tomcat 6

Points to note :
1. JAAS is working. I'm able to login into the application.
2. Roles are working. CMA intercepts when I hit a secured resource.
3. Authentication mechanism in web.xml

<login-config>
 <auth-method>FORM</auth-method>
 <realm-name>myrealm</realm-name>
 <form-login-config>
 <form-login-page>/faces/login/login.jsf</form-login-page>
 <form-error-page>/faces/login/loginerror.jsf</form-error-page>
 </form-login-config>
 </login-config>

Problem
4. What I really want is to inform the user why the login failed :
- wrong user id
- wrong password
- account locked due to too many unsuccessful attempts

How can I do this ?

The My JAAS LoginModule does not have any handle to session/request/JSF messages ?

I don't want a generic login failure page.

1. Re: How to make JAAS Login Failure Page more informative ?

shantanu.u Nov 23, 2009 2:53 PM (in response to shantanu.u)

I know this thread is not about JBoss per se. There aren't any JAAS fourms that I know of.
Actions