-
1. Re: Custum Login Module
mab20009 Mar 31, 2003 8:08 PM (in response to stuermer_g)You dont _have_ to implement AbstractServerLoginModule, but that's the best and easiest way to do it if you want your LoginModule to work with the JassSecurityManager that comes with JBoss.
-
2. Re: Custum Login Module
goroh Apr 3, 2003 9:31 AM (in response to stuermer_g)I have just implemented a custom LoginModule for JBoss 2.4.3 and it works quite well. All I had to do was to implement the standard javax.security.auth.spi.LoginModule interface, and registered the "NewLoginModule" class into the auth.conf file.
It was quite easy to implement the authentication, but I had some problems with authorization: I could not find out how to deal with roles/groups util I reverse-engineered the other login modules that come with JBoss.
Would you like to take a peek? -
3. Re: Custum Login Module
kristrujillo Apr 4, 2003 6:37 PM (in response to stuermer_g)I would like to see how the user/groups piece is implemented, thanks!
-
4. Re: Custum Login Module
vmarco Apr 7, 2003 1:17 PM (in response to stuermer_g)One way to simplify implementation of the AbstractLoginModule is to extend UsernamePasswordLoginModule instead. This reduces the methods needed to implement to authenticate the user and setup roles.
The methods needed are:
getUserRoles()
getUserPassword()
validatePassword()
The validatePassord() does all the work. Hope this helps. -
5. Re: Custum Login Module
stevecoh1 Apr 8, 2003 5:53 PM (in response to stuermer_g)It doesn't work so well in 3.0.6: You're supposed to use login-config.xml instead of auth.conf but it doesn't appear to work that way. I wonder if I should try auth.conf.