1. Re: JBMS & Local Mailbox Handler
mikezzz Oct 4, 2005 8:41 AM (in response to k2shah)
Can you raise this in JIRA? This is a slightly hairy issue. JAAS doesn't provide a mechanism for checking if a user exists without logging in as them. One option is to not create the mailbox until the user logs in via POP. The other is to perhaps integrate directly with JBoss Security, which gives the option of querying the roles for a given user.
Regards,
Michael Barker.
2. Re: JBMS & Local Mailbox Handler
k2shah Oct 4, 2005 9:29 AM (in response to k2shah)
Created JBMAIL-121.
Thanks,
Kartik Shah
3. Re: JBMS & Local Mailbox Handler
acoliver Oct 4, 2005 9:50 AM (in response to k2shah)
"This is a slightly hairy issue. JAAS doesn't provide a mechanism for checking if a user exists without logging in as them."
That isn't really a problem, Mike. Our code presently logs them in and immediately out anyhow (not saying "should", saying "does"). Eventually we may want to tweak that a bit but for now:
(JaasUserRepository.java)
"
public boolean test(String username, String password)
{
    return login(username, password);
}
...
private boolean login(String username, String password)
{
    CallbackHandler handler = new MailCallback(username, password.toCharArray());
    try
    {
        LoginContext lc = new LoginContext(getSecurityDomain(),
                new UsernamePasswordHandler(username, password));
        lc.login();
        try
        {
            // release resources
            lc.logout();
        }
        catch (Exception e)
        {
        }
"
What is a problem is that the login modules require us to have a password to pull that off. I don't know of anything in JBAS Security that would let us check roles w/o password. Could be wrong but don't see a way for the login module to pull that off.
I actually favor not creating a mailbox unless the user has logged in at least once. Eventually we'll have a "create user" administration "snapplet" of some sort that will do it as well... but for now...
4. Re: JBMS & Local Mailbox Handler
mikezzz Oct 4, 2005 10:58 AM (in response to k2shah)
"What is a problem is that the login modules require us to have a password to pull that off."
For some reason I thought there was. I could be mistaken though.
"I actually favor not creating a mailbox unless the user has logged in at least once."
Cool that will be an easy fix.
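
Added example, not part of the thread or of the JBoss Mail code base: a sketch of the approach the posters settle on, where JAAS credentials are checked by logging in and straight back out, and a mailbox comes into existence only after the first successful POP login. `LazyMailboxDemo`, `DemoModule`, `popLogin`, `deliver`, the `"mail"` domain name and the `alice` account are hypothetical, and refusing local delivery to a user who has no mailbox yet is an assumed policy.

```java
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
public class LazyMailboxDemo {
    // Constructed stand-ins so the demo runs offline: a sample module (alice/s3cret) and an in-memory JAAS config.
    public static class DemoModule implements LoginModule {
        private CallbackHandler handler;
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) { handler = h; }
        public boolean login() throws LoginException {
            NameCallback name = new NameCallback("user");
            PasswordCallback pass = new PasswordCallback("password", false);
            try { handler.handle(new Callback[] { name, pass }); }
            catch (Exception e) { throw new LoginException(e.toString()); }
            if ("alice".equals(name.getName()) && Arrays.equals("s3cret".toCharArray(), pass.getPassword())) return true;
            throw new FailedLoginException("bad credentials");
        }
        public boolean commit() { return true; }
        public boolean abort() { return true; }
        public boolean logout() { return true; }
    }
    static final Configuration CONFIG = new Configuration() {
        public AppConfigurationEntry[] getAppConfigurationEntry(String domain) {
            return new AppConfigurationEntry[] { new AppConfigurationEntry(DemoModule.class.getName(),
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, new HashMap<String, Object>()) };
        }
    };
    private final Map<String, List<String>> mailboxes = new HashMap<>();
    public boolean popLogin(String user, String password) {
        try {
            LoginContext lc = new LoginContext("mail", null, callbacks -> {
                ((NameCallback) callbacks[0]).setName(user);
                ((PasswordCallback) callbacks[1]).setPassword(password.toCharArray());
            }, CONFIG);
            lc.login();   // JAAS offers no "does this user exist?" query, only a credential check
            lc.logout();  // so log straight back out to release resources
        } catch (LoginException e) { return false; }
        mailboxes.computeIfAbsent(user, u -> new ArrayList<>()); // first successful login creates the mailbox
        return true;
    }
    // Local delivery never creates a mailbox (assumed policy: refuse recipients without one).
    public boolean deliver(String user, String message) {
        return mailboxes.containsKey(user) && mailboxes.get(user).add(message);
    }
    public static void main(String[] args) {
        LazyMailboxDemo store = new LazyMailboxDemo();
        System.out.println(store.deliver("alice", "m1") + " " + store.popLogin("alice", "s3cret") + " " + store.deliver("alice", "m2"));
    }
}
```

Because only an authenticated login can create a mailbox, mail addressed to arbitrary local names cannot be used to allocate storage for accounts that do not exist.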