1 Reply Latest reply on May 22, 2008 4:09 PM by virgo47

    Possible action before JAAS athentication?

    virgo47
    virgo47 May 20, 2008 12:41 PM

      I use JAAS login module to authenticate users against LDAP - and it works fine with:


      <security:identity jaas-config-name="ldapConfig"/>



      Is it possible to call some method before my login module is called? The reason is that LDAP users are indeed the source for authentication, but not all users in LDAP are actual users of the application and I'd like to check DB table with users before trying to log in against LDAP in case that the person from ldap is not really the user of our application.


      In case there is no pre-authenticate way, what is the right way to do this?

        • 1. Re: Possible action before JAAS athentication?
          virgo47
          virgo47 May 22, 2008 4:09 PM (in response to virgo47)

          OK, it wasn't easy to Google it but after few iterations it wasn't that hard to implement simple method:


               @Observer(Identity.EVENT_PRE_AUTHENTICATE)
     public void checkUserInDb() throws PreAuthException {
          if (em.createQuery("select u from User u where u.login=#{identity.username}").getResultList().size() == 0) {
               throw new PreAuthException();
          }
     }



          And in pages.xml:


               <exception class="sk.bgs.controlling.web.action.PreAuthException">
          <redirect view-id="/login.xhtml">
               <message severity="warn">Login failed</message>
          </redirect>
     </exception>



          This caused that user missing in DB resulted into the same effect like wrong name/password test against LDAP.


          I originally tried to use NotLoggedInException, but I wasn't able to catch it and redirect in pages.xml - I always ended on debug page. Don't know why because examples of pages.xml with NotLoggedInException are very often. ;-)

            • Actions