Hello,
I have created a custom login module.
It works great except that I want to return a custom error message when login fails.
@Override public boolean login() throws LoginException { ..... if(!loginOk) throw new LoginException("MY_CUSTOM_ERROR_MESSAGE"); }
I need to display this custom error message in a jsf page.
So in my jsf bean i have this to get the message:
public String getLoginFailureMessage(){ Exception e = (Exception) SecurityContextAssociation.getContextInfo("org.jboss.security.exception"); if (e != null) return e.getMessage(); else return null; }
The problem is that the exception message returned is always:
Login Failure: all modules ignored
If I look in my logs I always get two exceptions: one LoginException with my custom message followed by one LoginException with Login Failure: all modules ignored :
10:43:15,862 ERROR [stderr] (http-0.0.0.0-0.0.0.0-8080-4) javax.security.auth.login.LoginException: MY_CUSTOM_ERROR_MESSAGE 10:43:15,864 ERROR [stderr] (http-0.0.0.0-0.0.0.0-8080-4) at com.real.aof.security.login.LimitedAttemptsLoginModule.login(LimitedAttemptsLoginModule.java:57) 10:43:15,865 ERROR [stderr] (http-0.0.0.0-0.0.0.0-8080-4) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 10:43:15,866 ERROR [stderr] (http-0.0.0.0-0.0.0.0-8080-4) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 10:43:15,867 ERROR [stderr] (http-0.0.0.0-0.0.0.0-8080-4) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 10:43:15,868 ERROR [stderr] (http-0.0.0.0-0.0.0.0-8080-4) at java.lang.reflect.Method.invoke(Method.java:606) 10:43:15,868 ERROR [stderr] (http-0.0.0.0-0.0.0.0-8080-4) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784) ... 10:43:15,891 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http-0.0.0.0-0.0.0.0-8080-4) Login failure: javax.security.auth.login.LoginException: Login Failure: all modules ignored at javax.security.auth.login.LoginContext.invoke(LoginContext.java:935) [rt.jar:1.7.0_25] ...
How can I get my custom message instead when calling SecurityContextAssociation.getContextInfo("org.jboss.security.exception") ? Is it possible ?
Is there any other way to do it ?
Thanks a lot for any help