0 Replies Latest reply on Nov 19, 2013 11:01 PM by moje2920

    QuickStarter Login Mechanism


      Hi all,


      I'm currently working on a SSO project. But I'm a bit confused about the login mechanism in the quickstart.


      First, I found that the user input Username and Password can be only retrieved once by UsernamePasswordLoginModule.getUsernameAndPassword(). If you try to access the password second time, then password will be EMPTY_STR, but the username is still there. I don't quite understand why.


      Second, since the user entered password is EMPTY_STR, the login function will convert the password saved in IdP to EMPTY_STR in order to match it.


      I don't quite understand firstly why the login() will be called twice (and actually which class extend AbstractServerLoginModule and be used while login besides UsernamePasswordLoginModule), and why the password would become EMPTY_STR in we access it for the second time?


      Thanks in advance!