-
1. Re: Using a fallback login module
henrikdeluxe Nov 14, 2013 9:47 AM (in response to mylos78)I don't know if i understood corectly, but i think you have to set "sufficient" for both login-modules
If the first one succeed the second won't be invoke
If the first one fails the second module will be invoked
if second fails login is denied
-
2. Re: Using a fallback login module
mylos78 Nov 14, 2013 10:32 AM (in response to henrikdeluxe)Thanks for your reply, yes what you say makes sense however from the security subsystem XSD I can read that with Required:
"Required - The LoginModule is required to succeed. If it succeeds or fails, authentication still continues to proceed down the LoginModule list."
So I'm not sure what is the best option for my case, Required or Sufficient.
>I don't know if i understood corectly, but i think you have to set "sufficient" for both login-modules
My need is that if the database is unavailable, the authentication will be checked on the filesystem using the RealmDirect, but just as second option.
Thanks
Mylos
-
3. Re: Using a fallback login module
henrikdeluxe Nov 14, 2013 10:48 AM (in response to mylos78)i think if you choose "sufficient" for both login-modules, it will work as you need,
but you may get ugly exceptions while database-login-module crashes cause database isn't available
as second step you may write an own database-loginmodule that inherit from jboss databaseLoginModule and precheck availabilty of database
if database is not available you could silently return false in login() method and log custom messages