-
1. Re: Login Policies
julien1 Nov 18, 2005 9:16 AM (in response to bruhn)look at the UserModule code.
-
2. Re: Login Policies
bruhn Nov 18, 2005 10:03 AM (in response to bruhn)"julien@jboss.com" wrote:
look at the UserModule code.
In UserModuleImpl.java I find methods for creating users, listing users and so on. I dont quite understand how this is related to my problems. Could you please give a more specific hint? All I could possibly do in this Module, as I see it, is a validation of the password at the time of user creation.
Thanks a lot,
Peter -
3. Re: Login Policies
bsmithjj Nov 18, 2005 3:12 PM (in response to bruhn)
You may want to 'stack' a LoginModule in front of JBoss Portal's login module (see its login-config.xml). In your LoginModule implementation, you can implement the business rules, etc. for your requirements. It sounds like from your reqs. that you will need your own table for storing at least the last 5 passwords as well, possibly keyed to a JBoss Portal user.
As for LoginModules and stacking, you need to understand JAAS Security, and how to configure LoginModules for JBoss Application Server, and then you need to study the Portal's schema a bit to see how you want to 'integrate' with it. It's relatively easy to find articles about JAAS on the web, you can get the JBoss AS guide to learn about writing LoginModules for JBoss, and you can download the docs and source for the portal as well.
Good Luck!