0 Replies Latest reply on Sep 17, 2018 4:24 PM by indranilrc

    Unable to access request parameter from Custom Login module

    indranilrc

      I want to use some information populated by 3rd party perimeter authentication system in Jboss EAP 6.4 custom login module.

       

      Our current enterprise application solution relies upon a common custom authenticator followed by a chain of login modules (each representing a unique source organization).

       

      User from Org 1 or Org 2 --> Custom Authenticator --> Login Module 1 --> Login Module 2 --> Resource

       

      The authenticator module extracts user name and roles by invoking web services exposed by respective source authentication and authorization provider using query parameters.The design was to pass along the retrieved information to login modules where user roles will be populated and login process committed. However, there seems to be no way to access the HTTP request based information in custom login module.

       

      In JBOSS 6.x this can be fetched from PolicyContext or FacesContext Object.But from 7.x onwards these cannot be found.

       

      Any approach to share information between authentication and login modules (Using ThreadLocal/Faces Contex/Policy Context) does not work.

       

      Please suggest a way out to share information between authentication and login in EAP 6.4 version ?

       

      I have referred to the following are related issues but none of the approached worked.

       

      Receiving session object in loginModule

      Re: Possible to access HTTPServletResponse from LoginModule?

      Re: How to get httprequest?