I am try to develop a 3-tier web application , with front end being Applet and HTML, with JSPs and Servlets.
I have a main JSP/HTML which forms 2 frames.. one calling the HTML having applet and other calling a plain HTML file.
I am using LDAP authentication with Jboss3.0.4 /Jetty version.
I am trying to create the login context in the first JSP which is creating the frames. There i am able to get the Principal name(though it is not authenticating). But while loading the applet it is giving principal=null and is failing to load.
The questions i want to ask are :
-> How can i get the Applet to understand the security of Jboss?
-> Is the applet the root cause of this behaviour ?
-> Presently the applets are not signed , but i fail to see how signing the applet will help prevent this ?
-> How do i get the username and password into the JSP file? i am able to get the username, but when i try to get the password using org.jboss.security.SecurityAssociaton.getCredential().toString() it is returning some junk value?
-> further more the most important am i doing it correctly or do i need to do anything else?
-> there is a patch available for LdapLoginModule .. how do i integrate it into the JBoss version i am currently running?