I need to access pages inside a secure web zone from an external application. Those pages return some info ( non html ) to the app to be presented, after some processing and validation, to the user. The foreign app is not java. I'm using a CustomAuthentication mbean class that meets my needs to some point, but would like to use jaas. It should work like this :
I perform a GET into a non secure page with user+pass as parameters. That page logs into app, creates a session, populates it with some data and returns, via http, the session id to the calling app. From now, all accesses use that session id in url to access the needed data.
In jboss, using jaas with DatabaseServerLoginModule, when I enter the my login page with a valid user and pass, I get a failure in login. The trace mentions :
(snip) Saw unauthenticatedIdentity=nobody
Can anyone help me on this ? Is it possible with jaas ?
A correction to my previous post.
The problem is not the login, wich succeeds. The problem is that after the successefull login, when I try to access a protected page it still presents me the login form.
I send the session id as :
Thanks in avance for any help.