This content has been marked as final.
Show 6 replies
-
2. Re: Doubts about the authenticaton process
marcos_aps May 31, 2007 3:33 PM (in response to marcos_aps)"PeterJ" wrote:
See http://www.jboss.com/index.html?module=bb&op=viewtopic&t=103158
I don't want to use I DatabaseServerLoginModule provided by JBoss to do the authentication. I want to develop my own login module to connect with my database that already has a table with my users and the password encrypted (they're hashed too). So, I don't use the JBoss functions to hash the passwords.
What I just want to know is how I will make my custom login module aware of the username and password typed in the login web page that I will use. Do I have to use some standard name for the username and password input fields in the login web page for JBoss to pass them to my registered login module? Do they have to start with 'j_'? If so, what are the real names that I have to use?
I know that I have to tell the server what is the login page that I use and what authentication method that I want (FORM in my case), but I don't know how to tell it what are my username and password input fields. How do I proceed?
Thank you.
Marcos -
3. Re: Doubts about the authenticaton process
peterj May 31, 2007 3:54 PM (in response to marcos_aps)The easiest, and correct, way to do what you want to do is write your own login module, hence my reason for pointing you to a prior discussion of this topic (if you look carefully at that topic, that user also had encrypted password in the database and thus could not use the DatabaseServerLoginModule to perform the login and had to write his own login module). The DatabaseServerLoginModule should provide you with a reasonable template (or you could subclass it) within which you can do your own work to validate the user and return the collection of roles.
-
4. Re: Doubts about the authenticaton process
marcos_aps May 31, 2007 3:59 PM (in response to marcos_aps)"PeterJ" wrote:
The easiest, and correct, way to do what you want to do is write your own login module, hence my reason for pointing you to a prior discussion of this topic (if you look carefully at that topic, that user also had encrypted password in the database and thus could not use the DatabaseServerLoginModule to perform the login and had to write his own login module). The DatabaseServerLoginModule should provide you with a reasonable template (or you could subclass it) within which you can do your own work to validate the user and return the collection of roles.
I agree with you, Peter and that's exactly what I'm going to do. But there's a part of my doubt that is a little more simple: if I use j_security_check and name my input texts in the login page j_username and j_password, will JBoss pass these values to my own login module? If so, I'm done.
Thank you.
Marcos -
5. Re: Doubts about the authenticaton process
peterj May 31, 2007 4:01 PM (in response to marcos_aps)Yes.
-
6. Re: Doubts about the authenticaton process
marcos_aps May 31, 2007 4:11 PM (in response to marcos_aps)"PeterJ" wrote:
Yes.
Thank you very much, Peter.
Marcos