8 Replies Latest reply on Jun 11, 2012 4:17 AM by Andy Peer

    Problem in custom login module

    Andy Peer Newbie

      I'm trying to write a custom login module to implement some logic during the login phase.

      I have added my module in JBOSS_HOME\server\default\deploy\gatein.ear\META-INF\gatein-jboss-beans.xml

       

      <application-policy xmlns="urn:jboss:security-beans:1.0" name="gatein-domain">
          <authentication>
          <!-- My custom login module -->
            <login-module code="com.test.extension.util.MyLoginModule" flag="required">
              <module-option name="portalContainerName">portal</module-option>
              <module-option name="realmName">gatein-domain</module-option>
            </login-module>
          
            <login-module code="org.exoplatform.web.security.PortalLoginModule" flag="required">
              <module-option name="portalContainerName">portal</module-option>
              <module-option name="realmName">gatein-domain</module-option>
            </login-module>
            <login-module code="org.exoplatform.services.security.jaas.SharedStateLoginModule" flag="required">
              <module-option name="portalContainerName">portal</module-option>
              <module-option name="realmName">gatein-domain</module-option>
            </login-module>
        
            <login-module code="org.exoplatform.services.security.j2ee.JbossLoginModule" flag="required">
              <module-option name="portalContainerName">portal</module-option>
              <module-option name="realmName">gatein-domain</module-option>
            </login-module>
          </authentication>
      ...
      ...
      

       

       

      This is MyLoginModule (it is in a utilities jar):

      package com.test.extension.util;
      
      
      import javax.security.auth.login.LoginException;
      
      import org.exoplatform.container.ExoContainer;
      import org.exoplatform.web.security.Credentials;
      import org.exoplatform.web.security.PortalLoginModule;
      import org.jboss.logging.Logger;
      
      public class MyLoginModule extends PortalLoginModule
      {
      
         /** Logger. */
         private static final Logger log = Logger.getLogger(MyLoginModule.class);
      
         
         public boolean login() throws LoginException {
             return super.login();
         }
         
         /**
          * @see javax.security.auth.spi.LoginModule#commit()
          */
         public boolean commit() throws LoginException
         {
             boolean res = super.commit();
             
             if (sharedState.containsKey("javax.security.auth.login.name") && sharedState.containsKey("javax.security.auth.login.password")) {
                 log.info("User authenticated with Username:" + (String)sharedState.get("javax.security.auth.login.name") + 
                         " and Password:" + (String)sharedState.get("javax.security.auth.login.password"));
             }
             else
                 log.info("login failed");
             
             return res;
         }
      
         /**
          * @see javax.security.auth.spi.LoginModule#abort()
          */
         public boolean abort() throws LoginException
         {
            return super.abort();
         }
      
         /**
          * @see javax.security.auth.spi.LoginModule#logout()
          */
         public boolean logout() throws LoginException
         {
            return super.logout();
         }
      
      
         protected static boolean isClusteredSSO()
         {
            return ExoContainer.getProfiles().contains("cluster");
         }
      }
      

       

      The problem is that now I can't enter the portal, all the logins fail!

      Am I missing any configurations/implementations?