5 Replies Latest reply on Sep 3, 2002 9:08 PM by zx44093

    Login module with session bean that needs authentication

    Kristoffer Gronowski Newbie


      I have a server login module that uses a session bean to validate usernames and passwords.
      This works fine!
      The problem occurs when I add the session been to a security domain then the login module has to authenticate itself when it is tying to create the bean since it's in a security domain.

      I guess that the login modules principal and credential can be stored in the auth.conf file but how do I set it because right now when I'm calling create the login module is called again but with the username and password set to null (the session bean and the initial request are both under the same security domain so it might be a little bit confusing).

      I probably could allow to create the bean outside of a security domain but then anyone can read usernames and passwords.

      Is a little bit of a chicken and egg problem.
      But the login module should act as a client as well.
      Or am I missing something?

      Thanks, Kristoffer