1 Reply Latest reply on Sep 8, 2001 10:36 AM by Scott Stark

    HowTo use JAAS customer LoginModule?

    Levente Mészáros Newbie

      Hi all,

      I have experience with J2EE 1.2 and 1.3 using SUN's RI. (both EJB 1.1 and EJB 2.0) I also know JAAS 1.0 and I know a little about JBoss 2.4 with Tomcat.

      Here is my problem:
      I need a custom JAAS authentication module using my own database tables for authentication. This module is not a user name/password authentication module, so I cannot use the built-in authentication mechanisms.

      The client uses web browsers and I want to protect my web resources too. But how could I authenticate the user through the web from JSPs without any kind of built-in authentication method? (e.g. the web container cannot authenticate the user automatically via displaying some form and retrieving j_username and j_password or via HTTP basic authentication)

      Is it possible to call directly LoginContext.login from a JSP and will the web container keep the authenticated subject and associate it with the session to avoid re-authentication in further calls?